<div dir="auto">Hi,<div dir="auto"><br></div><div dir="auto">Could it be issue with a source port? It is described in the documentation, btw:</div><div dir="auto"><br></div><div dir="auto"><a href="https://bird.network.cz/?get_doc&v=20&f=bird-6.html#ss6.3">https://bird.network.cz/?get_doc&v=20&f=bird-6.html#ss6.3</a><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Jun 8, 2024, 03:51 Maria Matejka via Bird-users <<a href="mailto:bird-users@network.cz">bird-users@network.cz</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word"><div dir="auto">Hello!<br><br>On first sight this looks like Fortinet ignoring the packets. Maybe (wild guess) you have a firewall rule in place dropping them in the Fortinet?<br><br>Maria</div><br><br><div class="gmail_quote"><div dir="auto">On 7 June 2024 21:51:28 CEST, LIU Chris via Bird-users <<a href="mailto:bird-users@network.cz" target="_blank" rel="noreferrer">bird-users@network.cz</a>> wrote:</div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<p style="font-family:Arial Black;font-size:10pt;color:#dbe5f1;margin:5pt;font-style:normal;font-weight:normal;text-decoration:none" align="Left">
Classified as: {Hitachi Rail – Public}<br>
</p>
<br>
<div>
<div class="m_-4336454851043384392WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt">My setup :<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Linux running bird</span><span lang="ZH-CN" style="font-size:11.0pt;font-family:DengXian">,</span><span lang="ZH-CN" style="font-size:11.0pt">
</span><span style="font-size:11.0pt">Peer: Fortinet Firewall<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">In bird, configure bfd as below:<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">protocol bfd BFD_SD_01 {<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> interface "*" {<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> min rx interval 1000000 us;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> min tx interval 1000000 us;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> idle tx interval 1000000 ums;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> multiplier 3;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> };<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> neighbor 192.168.0.1 local 192.168.0.2;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">}<u></u><u></u></span></p>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt"><br>
</span><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d">Fortinet side, biasally same, also set rx intrva: 1000 ms, tx interval: 1000ms, multiplier: 3<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d">However, both side show bfd DOWN</span><span lang="ZH-CN" style="font-size:10.0pt;font-family:DengXian;color:#1f497d">。</span><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d"><u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d">Catpure tcpdump in Fortinet side, Fortinet IP: 192.168.0.1<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-family:"Arial",sans-serif;color:black"> Time source destination protocol info<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-family:"Arial",sans-serif;color:black">1 0.000000 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-family:"Arial",sans-serif;color:black">6 0.756375 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-family:"Arial",sans-serif;color:black">11 1.519796 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-family:"Arial",sans-serif;color:black">14 2.351177 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-family:"Arial",sans-serif;color:black">19 3.225686 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-family:"Arial",sans-serif;color:black">24 3.852938 192.168.0.1 192.168.0.2 BFD Control Diag: Control Detection Time Expired, State: Down, Flags: 0x00<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-family:"Arial",sans-serif;color:black">25 3.981126 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00</span><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d"><u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d">from Fortinet neighbour information, it seems cannot receive control message from Peer, why? I don't have any block
port. Why get detection time: 1500ms after neighboation <u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d">Below is fortinet bfd neighbor information<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif">OurAddress NeighAddress State Interface LDesc/RDesc<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif">192.168.0.1 192.168.0.2 DOWN STN2-SD-A 1/0/M<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif">Local Diag: 1, Demand mode: no, Poll bit: unset<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif">MinTxInt: 1000, MinRxInt: 1000, Multiplier: 3<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;background:yellow">Received: MinRxInt: 0 (ms), MinTxInt: 0 (ms), Multiplier: 3</span><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif"><u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif">Transmit Interval: 6500 (ms),
<span style="background:yellow">Detection Time: 1500 (ms)</span><u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif">Rx Count: 0, Rx Interval; (ms) min/max/avg 0/0/0<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif">Tx Count: 10287, Tx Interval (ms) min/max/avg 5000/5030/5000, last: 2350 (ms) ago<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif">Registered protocols: Static BGP<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d">Is this bird issue or fortinet? I suspect 80% caused by Fortiet, but I just want to get some suggestion/proposal from
bird expert.<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d">With Best Regards,<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-CA" style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1f497d">Chris LIU<u></u><u></u></span></p>
</div>
<div>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<p align="center" style="margin:5.0pt;text-align:center"><span style="font-size:10.0pt;font-family:"Arial Black",sans-serif;color:#dbe5f1">Hitachi Rail – Public<u></u><u></u></span></p>
</div>
</div>
</div>
</div>
<br>
<p style="font-family:Arial Black;font-size:10pt;color:#dbe5f1;margin:5pt;font-style:normal;font-weight:normal;text-decoration:none" align="Center">
{Hitachi Rail – Public}<br>
</p>
</blockquote></div><div dir="auto"><div>-- <br>Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.</div></div></div>
</blockquote></div>