Country/Region

BFD and MP-group linkage between MSR5620 router and HW equipment does not take effect

2021-06-10 02:45:46 Published
  • 0 Followed
  • 0Collected ,1378Browsed
MengPu

Network Topology

NULL


Problem Description

Customers use H3C"s MSR5620 router and HW "s router to do MP-group binding through WAN lines, and then use MP-group interface to link with BFD to realize fast switching of links. However, BFD does not take effect.




Process Analysis

HW:

bfd XiLiaoBian bind peer-ip default-ip interface Mp-group0/8/6

 discriminator local 2057

 discriminator remote 20

 process-interface-status

 authentication-mode met-sha1 key-id 1 cipher 123456 nego-packet

 

H3C

bfd static to-WX peer-ip default-ip interface MP-group2/0/0 source-ip 1.1.1.1 discriminator local 20 remote 2057 bfd authentication-mode m-sha1 1 cipher 123456

 


Since the MP-group interface of H3C device does not support the configuration of linkage with BFD, it can only be set globally. There is no problem when we check the configuration of H3C


Then open Debug BFD on the H3C device to check the interaction of BFD messages:




*May 19 16:17:53:502 2021 D2-LN-LY-WuXing-R BFD/7/DEBUG: Send:Ctrl packet, Src:1.1.1.1, Dst:224.0.0.184, Ver:1, Diag:0, Sta:1 P/F/C/A/D/M:0/0/1/1/0/0, Mult:5 LD/RD:20/2057, Tx:1000ms, Rx:1000ms, EchoRx:0ms, Auth: 5


*May 19 16:17:53:502 2021 D2-LN-LY-WuXing-R BFD/7/DEBUG: Create send timer[1000ms] success, LD:20


*May 19 16:17:54:087 2021 D2-LN-LY-WuXing-R BFD/7/DEBUG: -Slot=2; [K]Recv INTF Pkt ifIndex: 17413/17413, PhyStatus:1


*May 19 16:17:54:087 2021 D2-LN-LY-WuXing-R BFD/7/DEBUG: -Slot=2; [K]Recv:Ctrl packet, Src:169.254.255.254, Dst:224.0.0.184, Ver:1, Diag:0, Sta:1 P/F/C/A/D/M:0/0/1/1/0/0, Mult:3 LD/RD:2057/20, Tx:5236ms, Rx:5236ms, EchoRx:0ms, Auth: 5


*May 19 16:17:54:106 2021 D2-LN-LY-WuXing-R BFD/7/DEBUG: Received (M)SHA1 packet HASH not match or calculate failed. Discard packet.



According to the DEBUG message, the password of the received message is not matched. It is suspected that the password configuration of both sides is wrong or the encryption algorithm is inconsistent







Solution

 

HW MET-SHA1 is connected to H3C HMAC-SHA1, so it can be solved after modifying the encryption algorithm on the H3C device side


Please rate this case:   
0 Comments

No Comments

Add Comments:

Copyright© 2025 H3C reserves all rights to the current version NO.1

The copyright of this icon belongs to H3C. It is only for the use of this community. Do not use it for commercial purposes. Anyone who violates this icon will be prosecuted