VCCV BFD for Epipe Services
This chapter describes the VCCV BFD for Epipe services.
Topics in this chapter include:
Applicability
This chapter was initially written based on SR OS Release 15.0.R7. The CLI in the current edition corresponds to SR OS Release 23.7.R1.
Overview
Virtual circuit connectivity verification (VCCV) is defined by RFC 5085. Bidirectional forwarding detection (BFD) is defined by RFC 5880.
VCCV is an end-to-end fault-detection tool for testing pseudowires (PWs), and typically requires an operator to take manual actions. The PWs can be used for virtual leased line (VLL), virtual private LAN service (VPLS), and Internet enhanced service (IES)/virtual private routed network (VPRN) services with Epipe or Ipipe spoke-SDPs.
SR OS supports RFC 5885 which specifies a method for carrying BFD messages in a PW-associated channel and is referred to as VCCV BFD in SR OS. Because the associated channel shares fate with the data plane, VCCV BFD monitors the PW between two terminating PEs (T-PEs), regardless of the number of provider routers or switching PEs (S-PEs) the PW may traverse; see PW reference model. When enabled, faults in individual PWs can be detected quickly, whether or not other provider routers or S-PEs also carry other PWs. VCCV BFD can monitor specific high-value services, where detecting forwarding failures (and potentially recovering from them) in a minimum amount of time is critical.
VCCV BFD avoids manual hop-by-hop troubleshooting of each element along the path of the PW, which minimizes the probability of not detecting silent failures on intermediate routers.
VCCV BFD sessions run end-to-end on a switched or single-hop PW, from T-PE to T-PE. They do not terminate on an intermediate S-PE; therefore, the TTL of the PW label on VCCV BFD packets is always set to 255, to ensure that the packets reach the far-end T-PE of a multi-segment PW.
BFD is only used for fault detection. While RFC 5885 provides a mode in which VCCV BFD can be used to signal PW status, this mode is only applicable for PWs that have no other status signaling mechanism in use. LDP status and static PW status signaling always take precedence over BFD-signaled PW status, and BFD-signaled PW status is not used on PWs that use LDP status or static PW status signaling mechanisms.
Configuration
Example topology shows the example topology with Epipes "Epipe-1" and "Epipe-2" using LSP "lsp-1" between PE-5 and PE-6 and Epipe "Epipe-3" using LSP "lsp-2" between PE-5 and S-PE PE-4 and LSP "lsp-3" between PE-4 and PE-6.
The initial configuration includes:
Cards, MDAs, and ports
Router interfaces
IS-IS as IGP on all interfaces (alternatively, OSPF can be used), with traffic engineering enabled
- MPLS paths and LSPs:
- LSP "lsp-1" configured on PE-5 with primary path "path-5-1-2-6" and on PE-6 with primary path "path-6-2-1-5"
- LSP "lsp-2" configured on PE-5 with primary path "path-5-4" and on PE-4 with primary path "path-4-5"
- LSP "lsp-3" configured on PE-4 with primary path "path-4-3-6" and on PE-6 with primary path "path-6-3-4"
VCCV BFD configuration
Three steps are needed when configuring VCCV BFD:
-
Configure the BFD template
-
Apply the BFD template
-
Enable BFD
Step 1: configure BFD template
The bfd-template command provides the control packet timer values for the BFD.
The general command to define a BFD template is as follows:
configure
router Base
bfd
bfd-template <name>
transmit-interval <transmit-interval>
receive-interval <receive-interval>
echo-receive <echo-interval>
multiplier <multiplier>
type {cpm-np}
exit
However, network processor BFD (cpm-np) is not supported for VCCV, and the minimum supported receive or transmit timer interval is 100 ms. An error is generated if a user tries to apply a BFD template with the type cpm-np command or any unsupported transmit or receive interval value. An error is also generated when the user attempts to commit changes to a BFD template that is already bound to a spoke-SDP.
Steps 2 and 3: apply BFD template and enable BFD
To apply and enable the BFD template to a spoke-SDP where LDP is used as the SDP signaling protocol for a service, the following command can be used, depending on the service:
configure
service
[epipe|cpipe|ipipe|vpls|ies|vprn] <service-id>
spoke-sdp <sdp-binding-id>
bfd
bfd-template <name>
bfd-enable
If BGP is used as the SDP signaling protocol, the following command is used:
configure
service
[epipe|vpls] <service-id>
pw-template-binding <reference>
bfd-template <name>
bfd-enable
In this example, the following BFD templates are configured on PE-5 and PE-6:
# on PE-5, PE-6:
configure
router Base
bfd
begin
bfd-template "bfdt-1"
transmit-interval 2000
receive-interval 2000
multiplier 5
exit
bfd-template "bfdt-2"
transmit-interval 1000
receive-interval 1000
exit
commit
exit
These BFD templates are used in the Epipe services configured in the next section.
Service configuration
LDP VLL "Epipe-1"
The service "Epipe-1" is an LDP VLL running between PE-5 and PE-6, and uses manually configured SDP 56 on PE-5 and SDP 65 on PE-6, respectively, so the signaling is set to T-LDP. On PE-5, the spoke-SDP 56:1 has BFD template bfdt-2 applied, and BFD is enabled. The configuration on PE-6 is similar.
# on PE-5
configure
service
sdp 56 mpls create
signaling tldp # default
far-end 192.0.2.6
lsp "lsp-1"
keep-alive
shutdown
exit
no shutdown
exit
epipe 1 name "Epipe-1" customer 1 create
sap 1/1/c4/1:1 create
no shutdown
exit
spoke-sdp 56:1 create
bfd
bfd-template "bfdt-2"
bfd-enable
exit
no shutdown
exit
no shutdown
exit
Log 99 indicates the local discriminator value used for the VCCV BFD session, as follows:
88 2023/08/17 11:47:44.610 UTC MINOR: VRTR #2070 Base 127.0.0.1
"The vccv BFD session with Local Discriminator 1 on Svc 1 SdpBind 56:1 is up"
Configuring the spoke-SDP with a template with an invalid type (for example, type "cpm-np") leads to an error, as follows:
*A:PE-5>config>service>epipe>spoke-sdp>bfd# bfd-template "bfdt-cpm-np-100ms"
MINOR: SVCMGR #6260 Invalid bfd-template - incompatible bfd-template param
with VCCV: invalid type (oper)
Configuring the spoke-SDP with a template with an invalid transmit timer value also leads to an error, as follows:
*A:PE-5>config>service>epipe>spoke-sdp>bfd# bfd-template "bfdt-cpm-np-50ms"
MINOR: SVCMGR #6260 Invalid bfd-template - incompatible bfd-template param
with VCCV: invalid tx interval (oper)
BGP VPWS "Epipe-2"
The service "Epipe-2" is a BGP VPWS, also running between PE-5 and PE-6, using the manually configured SDPs 561 and 651 with the signaling set to BGP, as follows. Again, BFD template bfdt-2 is used, but now the BFD template is referred to from the pw-template-binding context. See the BGP Virtual Private Wire Services chapter for more information.
# PE-5:
configure
service
sdp 561 mpls create
signaling bgp
far-end 192.0.2.6
lsp "lsp-1"
keep-alive
shutdown
exit
no shutdown
exit
pw-template 1 prefer-provisioned-sdp create
exit
epipe 2 name "Epipe-2" customer 1 create
bgp
route-distinguisher 65545:2
route-target export target:65545:2 import target:65545:2
pw-template-binding 1
bfd-template "bfdt-2"
bfd-enable
exit
exit
bgp-vpws
ve-name "PE-5"
ve-id 5
exit
remote-ve-name "PE-6"
ve-id 6
exit
no shutdown
exit
sap 1/1/c4/1:2 create
no shutdown
exit
no shutdown
exit
LDP VLL "Epipe-3" with switching node PE-4
The service "Epipe-3" is another LDP VLL running between PE-5 and PE-6, but switched at PE-4. It uses the manually configured SDPs 54 and 45 between PE-5 and PE-4, and SDPs 46 and 64 between PE-4 and PE-6. All these SDPs are using T-LDP for the signaling. On PE-5, the spoke-SDP 54:3 has BFD template "bfdt-1" applied, and control-word is active. This ensures that BFD packets get into the PW mapping to that spoke-SDP and that these packets are forwarded between the VC-switched spoke-SDPs at PE-4. The configuration on PE-6 is similar.
# on PE-5:
configure
service
sdp 54 mpls create
signaling tldp # default
far-end 192.0.2.4
lsp "lsp-2"
keep-alive
shutdown
exit
no shutdown
exit
epipe 3 name "Epipe-3" customer 1 create
sap 1/1/c4/1:3 create
no shutdown
exit
spoke-sdp 54:3 create
control-word
bfd
bfd-template "bfdt-1"
bfd-enable
exit
no shutdown
exit
no shutdown
exit
For PE-4 to switch traffic from one VC to another, the creation time keyword vc-switching is required, as follows:
# on PE-4:
configure
service
sdp 45 mpls create
signaling tldp # default
far-end 192.0.2.5
lsp "lsp-2"
keep-alive
shutdown
exit
no shutdown
exit
sdp 46 mpls create
signaling tldp # default
far-end 192.0.2.6
lsp "lsp-3"
keep-alive
shutdown
exit
no shutdown
exit
epipe 3 name "Epipe-3" customer 1 vc-switching create
spoke-sdp 45:3 create
no shutdown
exit
spoke-sdp 46:3 create
no shutdown
exit
no shutdown
exit
VCCV BFD verification
The following command shows that BFD template "bfdt-2" is applied to SDP 56:1 in the "Epipe-1" service and to SDP 561:4294967295 in the "Epipe-2" service:
*A:PE-5# show router bfd bfd-template "bfdt-2"
===============================================================================
BFD Template bfdt-2
===============================================================================
Template Name : bfdt-2 Template Type : auto
Transmit Timer : 1000 msec Receive Timer : 1000 msec
Template Multiplier : 3 Echo Receive Interval : 100 msec
LSP-LDP Association Count : 0
LSP-RSVP Association Count : 0
LSP-RSVP Template Association Count : 0
LSP-SR-TE Association Count : 0
LSP-SR-TE Template Association Count : 0
LSP-SR-TE Association Count : 0
LSP-SR-TE Template Association Count : 0
Static SR-Policy Association Count : 0
BGP SR-Policy Association Count : 0
Mpls-tp Association
None
-------------------------------------------------------------------------------
Service Associations
-------------------------------------------------------------------------------
SvcId Sdp Bind BFD Enable BFD Encap
-------------------------------------------------------------------------------
1 56:1 yes ipv4
2 561:4294967295 yes ipv4
===============================================================================
The BFD configuration for SDP 56:1 on the "Epipe-1" service is listed in the detailed output for the SDP, as follows. The BFD template used is bfdt-2, BFD is enabled, and the BFD encapsulation used is IPv4. The peer VCCV CV bits indicate that the remote end supports LSP ping as well as BFD fault detection.
*A:PE-5# show service id 1 sdp 56:1 detail
===============================================================================
Service Destination Point (Sdp Id : 56:1) Details
===============================================================================
-------------------------------------------------------------------------------
Sdp Id 56:1 -(192.0.2.6)
-------------------------------------------------------------------------------
Description : (Not Specified)
SDP Id : 56:1 Type : Spoke
Spoke Descr : (Not Specified)
VC Type : Ether VC Tag : n/a
Admin Path MTU : 0 Oper Path MTU : 8974
Delivery : MPLS
Far End : 192.0.2.6 Tunnel Far End : n/a
Oper Tunnel Far End: 192.0.2.6
LSP Types : RSVP
Hash Label : Disabled Hash Lbl Sig Cap : Disabled
Oper Hash Label : Disabled
Entropy Label : Disabled
Admin State : Up Oper State : Up
MinReqd SdpOperMTU : 1514
Adv Service MTU : n/a
Acct. Pol : None Collect Stats : Disabled
Ingress Label : 524284 Egress Label : 524284
Ingr Mac Fltr-Id : n/a Egr Mac Fltr-Id : n/a
Ingr IP Fltr-Id : n/a Egr IP Fltr-Id : n/a
Ingr IPv6 Fltr-Id : n/a Egr IPv6 Fltr-Id : n/a
Admin ControlWord : Not Preferred Oper ControlWord : False
Admin BW(Kbps) : 0 Oper BW(Kbps) : 0
BFD Template : bfdt-2
BFD-Enabled : yes BFD-Encap : ipv4
BFD Fail Action : none BFD Oper State : connected
BFD WaitForUpTimer : 0 secs
BFD Time Remain : 0 secs
Last Status Change : 08/17/2023 11:47:43 Signaling : TLDP
Last Mgmt Change : 08/17/2023 11:57:21
Endpoint : N/A Precedence : 4
ICB : False
PW Status Sig : Enabled
Force Vlan-Vc : Disabled Force Qinq-Vc : none
Class Fwding State : Down
Flags : None
Local Pw Bits : None
Peer Pw Bits : None
Peer Fault Ip : None
Peer Vccv CV Bits : lspPing bfdFaultDet
Peer Vccv CC Bits : mplsRouterAlertLabel
---snip---
-------------------------------------------------------------------------------
Control Channel Status
-------------------------------------------------------------------------------
PW Status : disabled Refresh Timer : <none>
Peer Status Expire : false
Request Timer : <none>
Acknowledgement : false
---snip---
-------------------------------------------------------------------------------
RSVP/Static LSPs
-------------------------------------------------------------------------------
Associated LSP List :
Lsp Name : lsp-1
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h15m42s
---snip---
Number of SDPs : 1
-------------------------------------------------------------------------------
===============================================================================
* indicates that the corresponding row element may have been truncated.
The full set of VCCV BFD sessions running with the currently used parameters can be shown as follows:
*A:PE-5# show service vccv-bfd
===============================================================================
BFD Session
===============================================================================
Svc-Id State Tx Pkts Rx Pkts
Sdp-Id:Vc-Id Multipl Tx Intvl Rx Intvl
Protocols Type LAG Port LAG ID
LAG name
-------------------------------------------------------------------------------
1 Up 150 150
56:1 3 1000 1000
vccv central N/A N/A
127.0.0.2
2 Up 718 718
561:4294967295 3 1000 1000
vccv central N/A N/A
127.0.0.2
3 Up 251 251
54:3 5 2000 2000
vccv central N/A N/A
127.0.0.2
-------------------------------------------------------------------------------
No. of System BFD sessions: 3
===============================================================================
The VCCV BFD sessions for a single service can be shown as follows:
*A:PE-5# show service id 3 vccv-bfd session
===============================================================================
BFD Session
===============================================================================
Svc-Id State Tx Pkts Rx Pkts
Sdp-Id:Vc-Id Multipl Tx Intvl Rx Intvl
Protocols Type LAG Port LAG ID
LAG name
-------------------------------------------------------------------------------
3 Up 265 265
54:3 5 2000 2000
vccv central N/A N/A
127.0.0.2
-------------------------------------------------------------------------------
No. of BFD sessions: 1
===============================================================================
Similar output can be obtained on PE-6.
Disconnecting the link between PE-1 and PE-2 affects the traffic taking the upper path; the VCCV BFD sessions for the services "Epipe-1" and "Epipe-2" go down, and so do the SDPs and the services. This is reflected in log 99, as follows:
142 2023/08/17 12:00:42.764 UTC WARNING: MPLS #2012 Base VR 1:
"LSP path lsp-1::path-5-1-2-6 is operationally disabled ('shutdown') because
resvTear"
143 2023/08/17 12:00:42.764 UTC WARNING: MPLS #2010 Base VR 1:
"LSP lsp-1 is operationally disabled ('shutdown') because noPathIsOperational"
144 2023/08/17 12:00:42.765 UTC MINOR: SVCMGR #2303 Base
"Status of SDP 56 changed to admin=up oper=down"
145 2023/08/17 12:00:42.765 UTC MINOR: SVCMGR #2303 Base
"Status of SDP 561 changed to admin=up oper=down"
146 2023/08/17 12:00:42.766 UTC MINOR: SVCMGR #2326 Base
"Status of SDP Bind 56:1 in service 1 (customer 1) local PW status bits changed
to psnIngressFault psnEgressFault "
147 2023/08/17 12:00:42.767 UTC MAJOR: SVCMGR #2316 Base
"Processing of a SDP state change event is finished and the status of all affected
SDP Bindings on SDP 561 has been updated."
148 2023/08/17 12:00:42.767 UTC MAJOR: SVCMGR #2316 Base
"Processing of a SDP state change event is finished and the status of all affected
SDP Bindings on SDP 56 has been updated."
149 2023/08/17 12:00:45.019 UTC MINOR: VRTR #2069 Base 127.0.0.1
"The vccv BFD session with Local Discriminator 9 on Svc 1 SdpBind 56:1 is down
due to noHeartBeat "
150 2023/08/17 12:00:45.600 UTC MINOR: VRTR #2069 Base 127.0.0.1
"The vccv BFD session with Local Discriminator 2 on Svc 2 SdpBind 561:4294967295
is down due to noHeartBeat "
151 2023/08/17 12:00:49.802 UTC MINOR: SVCMGR #2313 Base
"Status of SDP Bind 56:1 in service 1 (customer 1) peer PW status bits changed
to psnIngressFault psnEgressFault "
This status of the VCCV BFD sessions then is as follows:
*A:PE-5# show service vccv-bfd
===============================================================================
BFD Session
===============================================================================
Svc-Id State Tx Pkts Rx Pkts
Sdp-Id:Vc-Id Multipl Tx Intvl Rx Intvl
Protocols Type LAG Port LAG ID
LAG name
-------------------------------------------------------------------------------
1 Down 230 230
56:1 3 1000 1000
vccv central N/A N/A
127.0.0.2
2 Down 799 799
561:4294967295 3 1000 1000
vccv central N/A N/A
127.0.0.2
3 Up 320 319
54:3 5 2000 2000
vccv central N/A N/A
127.0.0.2
-------------------------------------------------------------------------------
No. of System BFD sessions: 3
===============================================================================
Consequently, the "Epipe-1" and "Epipe-2" services are operationally down, as follows:
*A:PE-5# show service service-using epipe
===============================================================================
Services [epipe]
===============================================================================
ServiceId Type Adm Opr CustomerId Service Name
-------------------------------------------------------------------------------
1 Epipe Up Down 1 Epipe-1
2 Epipe Up Down 1 Epipe-2
3 Epipe Up Up 1 Epipe-3
-------------------------------------------------------------------------------
Matching Services : 3
-------------------------------------------------------------------------------
===============================================================================
Conclusion
VCCV BFD can monitor specific high-value services, where detecting forwarding failures (and potentially recovering from them) in the minimal amount of time is critical. VCCV BFD complements other on-demand tools such as VCCV ping and VCCV trace by providing proactive detection of faults. VCCV ping and VCCV trace can later be used to localize and diagnose the root cause of the fault.