Applicability of Bidirectional Forwarding Detection (BFD) for Multi-point Networks in Virtual Router Redundancy Protocol (VRRP)

Introduction The is the current Virtual Router Redundancy Protocol (VRRP) specification for IPv4 and IPv6 networks. VRRPv3 allows for a faster switchover to a Backup Router. A router may be part of several Virtual Router Redundancy groups, such as Active in some and Backup in others. Supporting sub-second mode for VRRPv3 for all these roles without specialized support in the data plane may prove challenging because of the increased load on the control plane. However, it may still be possible to deploy VRRP and provide sub-second detection of Active Router failure by Backup Routers. Bidirectional Forwarding Detection (BFD) had been originally defined to detect failure of point-to-point paths: single-hop , multihop . Single-hop BFD may enable a Backup router to detect a failure of the Active router within sub-seconds. extends for multipoint and multicast networks, which matches the deployment scenarios for VRRP over the LAN segment. This document demonstrates how point-to-multipoint (p2mp) BFD can enable faster detection of the Active Router failure and thus minimize service disruption in a VRRP domain.

Conventions used in this document

Terminology BFD: Bidirectional Forwarding Detection p2mp: Pont-to-Multipoint VRRP: Virtual Router Redundancy Protocol

Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Applicability of p2mp BFD may provide an efficient and scalable solution for a fast-converging environment that uses the default route rather than dynamic routing. Each redundancy group presents itself as a p2mp BFD session, with its Active Router being the head and Backup Routers being the tails of the p2mp BFD session. The Active Router, configured to use p2mp BFD to support faster convergence of VRRP, starts transmitting BFD control packets with IPvX address associated with the Virtual Router as a source IP address and the value of the My Discriminator field () locally selected according to the following rules:

For IPv4, the Active Router uses 32 bits of the IPv4 source address as described in Section 5.1.1.1 of .
For IPv6, the Active Router uses the 32 least-significant bits of IPv6 source address, as described in Section 5.1.2.1 of .

A Backup Router demultiplexes p2mp BFD test sessions based on IPvX address associated with the Virtual Router that it has been configured with and the non-zero My Discriminator value, it deduces from the received VRRP Advertisement packet according to the rules listed above. When a Backup router detects the failure of the Active Router, according to Section 5.11 , it re-evaluates its role in the Virtual Router. As a result, the Backup Router may become the Active router of the given Virtual Router or continue as a Backup Router.

If the former is the case, then the new Active router will start transmitting p2mp BFD control packets using the Active Router IP address as the source IP address for p2mp BFD control packets and thus bootstraps a new p2mp BFD session on a Backup Router.
If the latter is the case, the Backup Router MUST close and remove the p2mp BFD session associated with the failed Active Router. The VRRP Advertisement packet from the new VRRP Active Router will bootstrap the new p2mp BFD session.

Multipoint BFD Encapsulation The MultipointHead of p2mp BFD session when transmitting BFD control packet:

Set the source MAC address according to rules in Section 7.3 of ;
MUST set TTL or Hop Limit value to 255 (Section 5 ). Similarly, all received BFD Control packets that are demultiplexed to the session MUST be discarded if the received TTL or Hop Limit is not equal to 255;
SHOULD use group address VRRP ('224.0.0.18' for IPv4 and 'FF02:0:0:0:0:0:0:12' for IPv6) as destination IP address;
MAY use network broadcast address for IPv4 or link-local all nodes multicast group for IPv6 as destination IP address;
MUST set destination UDP port value to 3784 when transmitting BFD control packets, as defined in ;
Source UDP port value selection follows the rules defined in Section 4 of ;
MUST use the Active Router IP address as the source IP address.

IANA Considerations This document makes no requests for IANA allocations. This section may be deleted by RFC Editor.

Security Considerations This document defines an alternative way, to the one defined in , to accelerate detecting a failure that affects VRRP functionality using p2mp BFD. The operation of either protocol is not changed. Security considerations discussed in , , , and , apply to this document.

Acknowledgements The authors appreciate comments and suggestions shared by Acee Lindem and Alexander "Sasha" Vainshtein that helped simplify the solution.