BFD Open port on default conf

Hi Guys,

I have a client that is experiencing errors in the log like this:

discarding BFD paclet: too short
source “many public ip”

On my home router (rb951-2hnd), basic conf, no dynamic routing protocols, the BFD UDP 3784 port is open:

Starting Nmap 6.40 ( http://nmap.org ) at 2016-12-24 11:39 BRT
Nmap scan report for 192.168.0.1
Host is up (0.00085s latency).
PORT STATE SERVICE
3784/udp open|filtered bfd-control
MAC Address: D4:CA:6D:BE:48:B6 (Routerboard.com)

Nmap done: 1 IP address (1 host up) scanned in 0.50 seconds

Is this the expected behavior? Is BFD enabled by default on RouterOS?

Is there any known attack on the BFD port?

Thanks for your time.

I noticed one of my routers connects to a MikroTik server on initial hard reset; I thought this was slightly strange.

Thanks for your answer, zipvault, but I think it's a different subject.

Anyone else?

BFD listens on that port by default when the routing package is enabled.

Hi,

I recently started using BFD to allow quicker failover in case a BGP peer fails. Is there any need to protect the router with a firewall? We try not to make use of a firewall on our edge to allow for maximum forwarding capacity; we protect the routers by restricting ip service to the local network only.

You can set raw rules to accept packets from known destinations.
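
The "too short" log entry quoted in the first post corresponds to the length check in the BFD control packet reception rules (RFC 5880, section 6.8.6). The following is an added example, not part of the thread and not RouterOS code, that applies those checks to constructed payloads to show which stray UDP datagrams on port 3784 a receiver discards and why. The function names and reason strings are illustrative, and the order in which RouterOS applies the checks is an assumption.

```python
import struct

MIN_LEN, MIN_LEN_AUTH = 24, 26            # mandatory section without / with auth
FLAG_AUTH, FLAG_MULTIPOINT = 0x04, 0x01   # A and M bits in the second byte
STATE_ADMIN_DOWN, STATE_DOWN = 0, 1

def check_bfd_control(payload: bytes) -> str:
    """Return 'ok' or the reason an RFC 5880 receiver discards this UDP payload."""
    if len(payload) < MIN_LEN:            # cannot hold the mandatory section
        return "too short"
    vers_diag, sta_flags, detect_mult, length, my_disc, your_disc = \
        struct.unpack("!BBBBII", payload[:12])
    if vers_diag >> 5 != 1:
        return "bad version"
    if length < (MIN_LEN_AUTH if sta_flags & FLAG_AUTH else MIN_LEN):
        return "too short"
    if length > len(payload):
        return "length exceeds payload"
    if detect_mult == 0:
        return "zero detect mult"
    if sta_flags & FLAG_MULTIPOINT:
        return "multipoint bit set"
    if my_disc == 0:
        return "zero my discriminator"
    # With no Your Discriminator, only a peer still in Down/AdminDown is valid.
    if your_disc == 0 and (sta_flags >> 6) not in (STATE_ADMIN_DOWN, STATE_DOWN):
        return "no matching session"
    return "ok"

# Constructed samples (not captured traffic): version 1, state Down,
# detect mult 3, length 24, My Discriminator 1, 1 s TX/RX intervals.
VALID_DOWN = struct.pack("!BBBBIIIII", 0x20, 0x40, 3, 24, 1, 0,
                         1_000_000, 1_000_000, 0)
SAMPLES = {
    "empty UDP probe": b"",
    "10 arbitrary bytes": bytes(range(10)),
    "30 zero bytes": bytes(30),
    "length field says 20": VALID_DOWN[:3] + b"\x14" + VALID_DOWN[4:],
    "length field says 64": VALID_DOWN[:3] + b"\x40" + VALID_DOWN[4:],
    "valid Down packet": VALID_DOWN,
}

def triage(samples: dict) -> dict:
    """Map each sample name to its verdict."""
    return {name: check_bfd_control(p) for name, p in samples.items()}

if __name__ == "__main__":
    for name, verdict in triage(SAMPLES).items():
        print(f"{name:22} -> {verdict}")
```

A discarded datagram gets no reply, and nmap reports a UDP port that stays silent as open|filtered.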