BFD for Pseudowires

Load base.ipv4.and.ipv6.cfg

#IOS-XE (R1-R6)
config replace flash:ospfv2.cfg

  • Enable LDP on all routers.

  • Configure a pseudowire between R2-R6 on their loopbacks.

  • Create a VPWS using Gi2 service-instance 10 on each router. (This will not actually be operational).

  • Configure the pseudowire to use BFD.

Answer

#All routers
router ospf 1
 mpls ldp auto

#R2
template type pseudowire PW_BFD
 encapsulation mpls
 signaling protocol ldp
 monitor peer bfd local interface Loopback0
!
bfd-template multi-hop BFD_MH
 interval min-tx 750 min-rx 750 multiplier 3
!
bfd map ipv4 6.6.6.6/32 2.2.2.2/32 BFD_MH
!
interface GigabitEthernet2
 service instance 10 ethernet
  encapsulation dot1q 10
!
l2vpn xconnect context XC1
 member gi2 service-instance 10
 member 6.6.6.6 10 template PW_BFD

#R6
template type pseudowire PW_BFD
 encapsulation mpls
 signaling protocol ldp
 monitor peer bfd local interface Loopback0
!
bfd-template multi-hop BFD_MH
 interval min-tx 750 min-rx 750 multiplier 3
!
bfd map ipv4 2.2.2.2/32 6.6.6.6/32 BFD_MH
!
interface GigabitEthernet2
 service instance 10 ethernet
  encapsulation dot1q 10
!
l2vpn xconnect context XC1
 member gi2 service-instance 10
 member 2.2.2.2 10 template PW_BFD

Explanation

Using BFD with pseudowires is essentially just the process of creating a multi-hop BFD session like normal, and then telling the router to monitor the pseudowire peer via BFD.

First we create a multi-hop BFD template and map the remote pseudowire peer to the BFD template:

#R2
bfd-template multi-hop BFD_MH
 interval min-tx 750 min-rx 750 multiplier 3
!
bfd map ipv4 6.6.6.6/32 2.2.2.2/32 BFD_MH

Next, we create a pseduowire template and configure BFD monitoring:

#R2
template type pseudowire PW_BFD
 encapsulation mpls
 signaling protocol ldp
 monitor peer bfd local interface Loopback0

Finally, the template is applied to the pseudowire peer in the xconnect config:

#R2
l2vpn xconnect context XC1
 member gi2 service-instance 10
 member 6.6.6.6 10 template PW_BFD

Verification

We can verify the multi-hop session just like any other BFD multi-hop session. Notice that xconnect is the registered protocol, and that, as usual, echos cannot be used for multi-hop sessions.

Let’s now simulate failure a new way. We’ll apply an ACL to all of R6’s interfaces that block BFD control packets. This simulates a scenario in which OSPF is still up (somehow), or hasn’t yet hit the dead timer.

#R6
ip access-list extended BLOCK_BFD
 10 deny   udp any any eq 4784
 20 permit ip any any
!
int GigabitEthernet2.36
 ip access-group BLOCK_BFD in
int GigabitEthernet2.46
 ip access-group BLOCK_BFD in
int GigabitEthernet2.56
 ip access-group BLOCK_BFD in

Within just a few seconds, BFD goes down on R2 and informs the xconnect process. The AToM VC is now down:

Personally, I don’t really see the use case for this. It is much more complex than just running BFD for the IGP, and relying on the IGP for reachability to the pseudowire peer.

PreviousBFD for VPNv6 Static RoutesNextQoS

Last updated