S6805与很多虚拟机直连并建立BGP邻居,同时配置BFD检测。
部分BGP邻居的BFD会话无法UP
===============display bfd session verbose===============
Total Session Num: 20 Up Session Num: 5 Init Mode: Active
IPv4 session working in control packet mode:
Local Discr: 1025 Remote Discr: 0
Source IP: 10.66.137.137 Destination IP: 10.66.137.138
Session State: Down Interface: Vlan-interface999
Min Tx Inter: 400ms Act Tx Inter: 100ms
Min Rx Inter: 400ms Detect Inter: 5000ms
Rx Count: 0 Tx Count: 12845730
Connect Type: Direct Running Up for: 00:00:00
Hold Time: 0ms Auth mode: None
Detect Mode: Async Slot: 1
Protocol: MAD
Version: 1
Diag Info: No Diagnostic
Local Discr: 1069 Remote Discr: 1363766235
Source IP: 10.66.140.1 Destination IP: 10.66.140.2
Session State: Up Interface: N/A
Min Tx Inter: 400ms Act Tx Inter: 400ms
Min Rx Inter: 400ms Detect Inter: 2000ms
Rx Count: 310 Tx Count: 291
Connect Type: Indirect Running Up for: 00:01:41
Hold Time: 1823ms Auth mode: None
Detect Mode: Async Slot: 2
Protocol: BGP
Version: 1
Diag Info: No Diagnostic
1、通过在设备侧采集BFD的debug信息,发现有很多BFD控制报文被丢弃,原因是无效的端口号
*Apr 28 18:27:23:618 2021 ***.***.cn6 BFD/7/DEBUG: -Slot=2; [K]Recv from OAM:Ctrl packet, Src:10.66.137.137, Dst:10.66.137.138, Ver:1, Diag:0, Sta:1 P/F/C/A/D/M:0/0/1/0/0/0, Mult:5 LD/RD:1025/0, Tx:100ms, Rx:100ms, EchoRx:0ms
*Apr 28 18:27:24:634 2021 ***.***.cn6 BFD/7/DEBUG: [K]Invalid UDP source port. Discard packet.
2、通过抓包发现无法UP的BFD会话,虚拟机发出的控制报文源端口大多是3w多
3、标准协议规定BFD的src port不能小于49152,我司设备也是按照标准协议实现的
虚拟机侧修改配置,保证发出的BFD报文源端口大于49152
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作