Community discussions

MikroTik App
 
User avatar
lcm
Trainer
Trainer
Topic Author
Posts: 57
Joined: Wed Apr 28, 2010 11:56 pm
Location: Brazil
Contact:

BFD Open port on default conf

Sat Dec 24, 2016 5:13 pm

Hi Guys,

I have a client that are expericneing errors on log like this:
discarding BFD paclet: too short
source "many public ip"
On my home router (rb951-2hnd), basic conf, no dynamic routing protocols, the BDF UDP 3784 port is open:
Starting Nmap 6.40 ( http://nmap.org ) at 2016-12-24 11:39 BRT
Nmap scan report for 192.168.0.1
Host is up (0.00085s latency).
PORT STATE SERVICE
3784/udp open|filtered bfd-control
MAC Address: D4:CA:6D:BE:48:B6 (Routerboard.com)

Nmap done: 1 IP address (1 host up) scanned in 0.50 seconds
Is it the expected behavior? BFD is enabled by default on RouterOS?

Is there any known Atack on BFD port?

Thanks for your time.
 
User avatar
zipvault
Member Candidate
Member Candidate
Posts: 140
Joined: Fri Dec 23, 2016 8:15 am

Re: BFD Open port on default conf

Sun Dec 25, 2016 11:16 am

I noticed one of my routers connects to mikrotik server on inital hard reset thought this was slightly strange
 
User avatar
lcm
Trainer
Trainer
Topic Author
Posts: 57
Joined: Wed Apr 28, 2010 11:56 pm
Location: Brazil
Contact:

Re: BFD Open port on default conf

Mon Dec 26, 2016 4:52 pm

Thanks for your answer zipvault, but i think its a different subject.

Anyone else?
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7041
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: BFD Open port on default conf

Tue Dec 27, 2016 1:04 pm

BFD listens to that port by default when routing package is enabled.
 
chubbs596
Frequent Visitor
Frequent Visitor
Posts: 90
Joined: Fri Dec 06, 2013 6:07 pm

Re: BFD Open port on default conf

Fri Sep 04, 2020 1:20 pm

BFD listens to that port by default when routing package is enabled.
Hi ,

I recently started using BFD to allow quicker failover in case a BGP peer fails, is there any need to protect the router with a firewall ? We try and not make use of a firewall on our edge to allow for maximum forwarding capacity, we protect the routers using by restricting ip service to local network only,
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7041
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: BFD Open port on default conf

Fri Sep 04, 2020 1:44 pm

You can set raw rules to accept packets from known destinations.

Who is online

Users browsing this forum: onnyloh and 16 guests