Bird is bringing down bgp connection upon receiving Admin Down

Sunnat Samadov sunnat.samadov at est.tech
Wed Jul 12 11:53:47 CEST 2023 

Hi birds,

This is the detailed explanation of the previously raised issue.


We are using BIRD https://gitlab.nic.cz/labs/bird/-/tags/v2.0.11. And there is an issue with respect to BFD + BGP as described below.



When Peer device ( Cisco ASR router) sends an BFD admin down, Bird is bringing down the BGP connection which is using BFD mode ON, which is not correct. The expected behavior is upon receiving BFD admin down from peer device, Bird should fall back to the Normal BGP mode of working.





As per the comment mentioned on Bird forum, We could see the same (expected behavior) is to be claimed as ways of working for Bird:

That is expected. Only a BFD transition from Up to Down is supposed to
shutdown the BGP or OSPF session, while general unavailability of BFD
(or permanent AdminDown state) on the neighbor is not an obstacle for
BGP or OSPF. See RFC 5882 for details.

BFD implementation in 1.4.0 (narkive.com)<https://bird-users.network.narkive.com/3REbA0Wz/bfd-implementation-in-1-4-0#post5>



Steps:

  1.  Setup Bird config as (single hop / directly connected to router):

[protocol device { }   protocol bgp {     local 10.0.10.22 as 64512;     neighbor 10.0.10.6 as 65001;     hold time 3;     graceful restart off;     setkey off;       ipv4 {         import all;         export filter {             if proto = "static1" then reject;             accept;         };     }; bfd on; } protocol bfd {       interface "eth0" {               min rx interval 100 ms;               min tx interval 100 ms;               idle tx interval 300 ms;               multiplier 3;       };         neighbor 10.0.10.6;       neighbor 10.0.10.8;       neighbor 10.0.10.10; }]

  1.  Make sure BGP and BFD session are up between bird and DCGW/router.
  2.  From router bring down the BFD session alone.
  3.  On Bird end we observe BGP session was brought down upon receiving BFD admin down. Which is not expected behaviour as per RFC.


As per rfc5882#section-3.2<https://datatracker.ietf.org/doc/html/rfc5882#section-3.2>


Therefore, a system SHOULD NOT indicate a connectivity failure to a

   client if either the local session state or the remote session state

   (if known) transitions to AdminDown, so long as that client has

   independent means of liveness detection (typically, control

   protocols).



Attached PCAP : 128.0.0.3 is the router IP address and 128.0.0.53 is the Bird IP.


Br,
Sunnat Samadov



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20230712/bade4c58/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 51860 bytes
Desc: image.png
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20230712/bade4c58/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: BFD-Admin-down-issue.pcap
Type: application/vnd.tcpdump.pcap
Size: 5470 bytes
Desc: BFD-Admin-down-issue.pcap
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20230712/bade4c58/attachment.pcap>

More information about the Bird-users mailing list