Hello! At first sight this looks like Fortinet ignoring the packets. Maybe (wild guess) you have a firewall rule in place dropping them in the Fortinet?
Maria

On 7 June 2024 21:51:28 CEST, LIU Chris via Bird-users wrote:
>Classified as: {Hitachi Rail – Public}
>
>My setup:
>Linux running bird, Peer: Fortinet Firewall
>
>In bird, configure bfd as below:
>
>protocol bfd BFD_SD_01 {
>  interface "*" {
>    min rx interval 1000000 us;
>    min tx interval 1000000 us;
>    idle tx interval 1000000 us;
>    multiplier 3;
>  };
>  neighbor 192.168.0.1 local 192.168.0.2;
>}
>
>Fortinet side, basically same, also set rx interval: 1000 ms, tx interval: 1000ms, multiplier: 3
>However, both sides show bfd DOWN.
>Capture tcpdump in Fortinet side, Fortinet IP: 192.168.0.1
> Time source destination protocol info
>1 0.000000 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00
>6 0.756375 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00
>11 1.519796 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00
>14 2.351177 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00
>19 3.225686 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00
>24 3.852938 192.168.0.1 192.168.0.2 BFD Control Diag: Control Detection Time Expired, State: Down, Flags: 0x00
>25 3.981126 192.168.0.2 192.168.0.1 BFD Control Diag: No Diagnostic, State: Down, Flags: 0x00
>
>From Fortinet neighbour information, it seems it cannot receive control messages from Peer, why? I don't have any blocked ports.
>Why do I get detection time: 1500ms after negotiation?
>Below is fortinet bfd neighbor information
>OurAddress NeighAddress State Interface LDesc/RDesc
>192.168.0.1 192.168.0.2 DOWN STN2-SD-A 1/0/M
>Local Diag: 1, Demand mode: no, Poll bit: unset
>MinTxInt: 1000, MinRxInt: 1000, Multiplier: 3
>Received: MinRxInt: 0 (ms), MinTxInt: 0 (ms), Multiplier: 3
>Transmit Interval: 6500 (ms), Detection Time: 1500 (ms)
>Rx Count: 0, Rx Interval; (ms) min/max/avg 0/0/0
>Tx Count: 10287, Tx Interval (ms) min/max/avg 5000/5030/5000, last: 2350 (ms) ago
>Registered protocols: Static BGP
>
>Is this a bird issue or fortinet? I suspect 80% caused by Fortinet, but I just want to get some suggestion/proposal from bird expert.
>
>With Best Regards,
>Chris LIU

--
Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.
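
Added example, not part of the thread and not BIRD's or Fortinet's code: the capture summary above shows only Diag, State and Flags, so this Python code decodes the full 24-byte BFD control packet (RFC 5880 section 4.1), applies the receiver discard checks from section 6.8.6, and computes the asynchronous detection time from section 6.8.4. The sample packet is constructed from the timer values in the posted config; its discriminator and all function names are assumptions.

```python
import struct

STATES = {0: "AdminDown", 1: "Down", 2: "Init", 3: "Up"}
DIAGS = {0: "No Diagnostic", 1: "Control Detection Time Expired",
         2: "Echo Function Failed", 3: "Neighbor Signaled Session Down",
         4: "Forwarding Plane Reset", 5: "Path Down",
         6: "Concatenated Path Down", 7: "Administratively Down",
         8: "Reverse Concatenated Path Down"}

def parse_bfd_control(payload: bytes) -> dict:
    """Decode the mandatory 24-byte section of a BFD control packet."""
    if len(payload) < 24:
        raise ValueError("shorter than the 24-byte mandatory section")
    b0, b1, mult, length, my_disc, your_disc, tx, rx, echo_rx = struct.unpack(
        "!BBBBIIIII", payload[:24])
    return {"version": b0 >> 5, "diag": DIAGS.get(b0 & 0x1F, "Reserved"),
            "state": STATES[b1 >> 6], "flags": b1 & 0x3F,  # P F C A D M bits
            "detect_mult": mult, "length": length,
            "my_disc": my_disc, "your_disc": your_disc,
            "desired_min_tx_us": tx, "required_min_rx_us": rx,
            "required_min_echo_rx_us": echo_rx}

def reception_errors(pkt: dict, payload_len: int) -> list:
    """Reasons a receiver must discard the packet (RFC 5880 section 6.8.6)."""
    min_len = 26 if pkt["flags"] & 0x04 else 24  # A bit: auth section present
    checks = [
        (pkt["version"] != 1, "version is not 1"),
        (pkt["length"] < min_len, "length field too small"),
        (pkt["length"] > payload_len, "length field exceeds UDP payload"),
        (pkt["detect_mult"] == 0, "detect mult is zero"),
        (pkt["flags"] & 0x01, "multipoint bit is set"),
        (pkt["my_disc"] == 0, "my discriminator is zero"),
        (pkt["your_disc"] == 0 and pkt["state"] not in ("Down", "AdminDown"),
         "your discriminator is zero in state " + pkt["state"]),
    ]
    return [reason for failed, reason in checks if failed]

def detection_time_us(local_required_min_rx_us: int, pkt: dict) -> int:
    """Asynchronous-mode detection time (RFC 5880 section 6.8.4)."""
    return pkt["detect_mult"] * max(local_required_min_rx_us,
                                    pkt["desired_min_tx_us"])

# Constructed sample: Down-state packet carrying the timers from the posted
# BIRD config (1000000 us, multiplier 3); the discriminator is made up.
SAMPLE = struct.pack("!BBBBIIIII", 1 << 5, 1 << 6, 3, 24,
                     0x11223344, 0, 1_000_000, 1_000_000, 0)

if __name__ == "__main__":
    pkt = parse_bfd_control(SAMPLE)
    print(pkt["diag"], pkt["state"], hex(pkt["flags"]))
    print(reception_errors(pkt, len(SAMPLE)), detection_time_us(1_000_000, pkt))
```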
