Wired Intelligent Edge

I am looking into BFD for OSPF peers on OS-CX and the 10.08 High Availability Guide Page 18

Configuring BFD For OSPFv2
Prerequisites
-OSPFv2 must be enabled.
-ICMP must be disabled.

I don't understand why ICMP needs to be disabled, nor how to disable it.

Can anybody shed some light on this one?

Link to guide
https://www.arubanetworks.com/techdocs/AOS-CX/10.08/PDF/high_availability.pdf

Arubanetworks		remove preview
View this on Arubanetworks >

Thanks, AP.

------------------------------
Andrew Partridge
------------------------------

BFD operates by sending its control packets to itself, sourcing from itself. This is to test the forwarding plane of the remote router; assuming that if it can route the packet back, it has an operational forwarding plane. However, by default the remote router will issue an ICMP redirect message informing the sending router that it has a more optional path (via itself). By nature, it makes no sense to send a packet to a remote router only for that router to send it back again, but since this is actually exactly what we want to do with BFD, we need to disable these ICMP redirect messages on BFD-enabled interfaces. This is to avoid a high CPU utilization on the remote router. BFD will work without disabling ICMP redirects, and might not be a problem if you have only a few BFD peers, but at some point the CPU will be too busy generating the ICMP redirects. This is why ICMP redirects really should be disabled.

------------------------------
Dustin Burns
Lead Mobility Engineer @WEI

ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2021
If my post was useful accept solution and/or give kudos
------------------------------

Original Message:
Sent: Dec 07, 2021 05:25 AM
From: Andrew Partridge
Subject: BFD, OSPF and Disabling ICMP



I am looking into BFD for OSPF peers on OS-CX and the 10.08 High Availability Guide Page 18

Configuring BFD For OSPFv2
Prerequisites
-OSPFv2 must be enabled.
-ICMP must be disabled.

I don't understand why ICMP needs to be disabled, nor how to disable it.

Can anybody shed some light on this one?

Link to guide
https://www.arubanetworks.com/techdocs/AOS-CX/10.08/PDF/high_availability.pdf

Arubanetworks		remove preview
View this on Arubanetworks >

Thanks, AP.

------------------------------
Andrew Partridge
------------------------------

Thanks Dustin, 

That makes sense, the documentation wasn't clear it was ICMP redirect to disable. 

Is this only applicable to echo mode, and not in Asynchronous mode?

------------------------------
Andrew Partridge
------------------------------

Original Message:
Sent: Dec 07, 2021 07:45 AM
From: Dustin Burns
Subject: BFD, OSPF and Disabling ICMP

BFD operates by sending its control packets to itself, sourcing from itself. This is to test the forwarding plane of the remote router; assuming that if it can route the packet back, it has an operational forwarding plane. However, by default the remote router will issue an ICMP redirect message informing the sending router that it has a more optional path (via itself). By nature, it makes no sense to send a packet to a remote router only for that router to send it back again, but since this is actually exactly what we want to do with BFD, we need to disable these ICMP redirect messages on BFD-enabled interfaces. This is to avoid a high CPU utilization on the remote router. BFD will work without disabling ICMP redirects, and might not be a problem if you have only a few BFD peers, but at some point the CPU will be too busy generating the ICMP redirects. This is why ICMP redirects really should be disabled.

------------------------------
Dustin Burns
Lead Mobility Engineer @WEI

ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2021
If my post was useful accept solution and/or give kudos

Original Message:
Sent: Dec 07, 2021 05:25 AM
From: Andrew Partridge
Subject: BFD, OSPF and Disabling ICMP



I am looking into BFD for OSPF peers on OS-CX and the 10.08 High Availability Guide Page 18

Configuring BFD For OSPFv2
Prerequisites
-OSPFv2 must be enabled.
-ICMP must be disabled.

I don't understand why ICMP needs to be disabled, nor how to disable it.

Can anybody shed some light on this one?

Link to guide
https://www.arubanetworks.com/techdocs/AOS-CX/10.08/PDF/high_availability.pdf

Arubanetworks		remove preview
View this on Arubanetworks >

Thanks, AP.

------------------------------
Andrew Partridge
------------------------------

IN addition, to complete the answer, the how to disable it is:

no ip icmp redirect

------------------------------
Vincent Giles
------------------------------

Original Message:
Sent: Dec 07, 2021 05:25 AM
From: Andrew Partridge
Subject: BFD, OSPF and Disabling ICMP



I am looking into BFD for OSPF peers on OS-CX and the 10.08 High Availability Guide Page 18

Configuring BFD For OSPFv2
Prerequisites
-OSPFv2 must be enabled.
-ICMP must be disabled.

I don't understand why ICMP needs to be disabled, nor how to disable it.

Can anybody shed some light on this one?

Link to guide
https://www.arubanetworks.com/techdocs/AOS-CX/10.08/PDF/high_availability.pdf

Arubanetworks		remove preview
View this on Arubanetworks >

Thanks, AP.

------------------------------
Andrew Partridge
------------------------------