BFD for iBGP peers

toddnat · July 23, 2016, 10:58pm

Trying to establish BFD on an iBGP peer (client to a route reflector). I see the BFD packets leaving the client router, destine to my route reflector iBGP IP with UDP port 4784, but the source IP is using the interface on the originating router instead of the loopback IP. BFD in turn is not establishing on the peering. Is there a way to force the use of the loopback for iBGP BFD, much like setting the next-hop to “self” for the routes advertised?

Thank you.

toddnat · July 23, 2016, 11:17pm

Also, the update source is set to use the loopback, and I see the status of the peering using the local loopback peered to the route reflector loopback. iBGP peering works fine with BFD, but when I check BFD, I see an “unspecified” neighbor in BFD using the timing parameters set under the “all” interfaces in BFD, just the local IP used is the egress IP of the router.

nz_monkey · July 24, 2016, 5:15am

Hi Todd,

Sorry to be the bearer of bad news, but BFD is broken in RouterOS v6. I would avoid using it until RouterOS v7 is released.

toddnat · July 24, 2016, 2:07pm

BFD altogether, or just BFD for BGP? I have BFD used on all my point-to-point OSPF links, and it appears to be operating without issue.

nz_monkey · July 25, 2016, 7:28am

BFD altogether..

We had it running without issue for quite a while. But as our network grew we had increasing issues with OSPF and BGP flapping. We disabled BFD and it OSPF/BBGP have been stable since.

We logged a ticket with Mikrotik support and were told BFD was broken and would be fixed in v7.

It is a real shame as we would use BFD everywhere if it worked.

toddnat · July 26, 2016, 3:37pm

Thank you for the information. Hopefully v7 will have this addressed for all BFD use cases.

R4kk00n · August 20, 2016, 11:54am

@toddnat, you can also try to use an ugly hack with source NAT’ting your outgoing BFD packets. It goes something like this (I’m writing from memory, so there might be errors):

/ip firewall nat
add chain=src-nat action=srcnat src-address-type=local protocol=udp port=4784 to-address={{ your loopback IP here }}

Seems to work in my case. If you have conntrack enabled, you’ll have to reestablish peers for it to take effect.

barts · December 10, 2019, 3:39am

Tks @R4kk00n… been solved by following your tip:

protg:

@toddnat, you can also try to use an ugly hack with source NAT’ting your outgoing BFD packets. It goes something like this (I’m writing from memory, so there might be errors):
/ip firewall nat
add chain=src-nat action=srcnat src-address-type=local protocol=udp port=4784 to-address={{ your loopback IP here }}
Seems to work in my case. If you have conntrack enabled, you’ll have to reestablish peers for it to take effect.

ashaw · April 3, 2020, 12:42pm

I have run into this issue as well, only I’m using IPv6 so I can’t even do the workaround.

When is v7 coming out?