nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

BFD Unicast PRF check

FrankGuthrie

Why does BFD not work with the RPF check.

So I know uRPF check if it has a way back to the source out on the same interface as it receives a packet., but why would BFD not work.

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

fredrikjj

You can run BFD with or without echoes. If you use the echoes, the BFD echo packet sent from one side of the link and then looped back to the originating interface, unchanged. If you use uRPF those packets could fail the RPF check because the source address of the BFD packet may not be routable out the incoming interface. If that is an issue, you can use BFD without echoes.

IP Routing on Cisco IOS, IOS XE, and IOS XR: An Essential Guide to Understanding and Implementing IP Routing Protocols, chapter 21:

Note When unicast reverse path forwarding (uRPF) is enabled on an interface,asynchronous mode without echo is usually deployed to avoid inadvertently dropping
looped echo packets. The IOS command to disable echo mode on an interface is no bfd
echo . The IOS XR command is bfd interface interface-type interface-number echo disable

The drawback of disabling echoes and only using unidirectional BFD packets is that you lose out on "more accurately testing the forwarding path":

The primary benefit of the echo function is that it more accurately tests the forwarding path between the two routers in comparison with the BFD without echo.

(that chapter is a free download here if you want to read more: http://www.ciscopress.com/content/images/9781587144233/downloads/9781587144233_Online%20Elements.zip)

FrankGuthrie

Ok, So basically URPF thinks there is a loop in the network and drop the BFD echo's correct?

If you turn of echo mode in BFD single hop, it basically works the same as Multihop?? Why is it that Echo mode can't work in Multihop?

If you turn off echo mode, then they, both BFD single and Multihop, work the same except the Control packet are send over multiple hops with Multihop? Is this correct?

So with BFD without echo mode or BFD multihop you basically don't have the forwarding check only a check on the control plane? Would it mean that these 2 modes are susceptible to black-holing traffic is the forwarding plane is broken?

FrankGuthrie

bumped up.