Skip to content
MikroTik RouterOS Docs

BGP BFD and Graceful Restart

BGP BFD and Graceful Restart

Section titled “BGP BFD and Graceful Restart”

RouterOS can use Bidirectional Forwarding Detection (BFD) with BGP to detect peer failure much faster than the BGP hold timer. In RouterOS v7.15.3, this BFD integration is configurable and verified. By contrast, a configurable graceful-restart setting for BGP connections or templates was not present in testing, so this page only documents the BFD workflow that was confirmed on CHR.

Overview

Section titled “Overview”

Standard BGP failure detection depends on the hold timer. If a peer stops responding, the session is normally declared down only after that timer expires. BFD shortens that detection window to sub-second values by running a separate liveliness protocol alongside BGP.

MechanismRouterOS v7.15.3 statusNotes
BFD for BGPVerifiedEnable with use-bfd=yes on BGP connections or templates
Graceful Restart BGP settingNot verified as configurableNo graceful-restart parameter was available on tested BGP connections or templates

BFD for Fast BGP Failure Detection

Section titled “BFD for Fast BGP Failure Detection”

How BGP BFD Works

Section titled “How BGP BFD Works”

When use-bfd=yes is enabled for a BGP peer, RouterOS creates a BFD session for that neighbor and uses it for rapid failure detection. If the BFD session goes down, BGP resets immediately instead of waiting for the hold timer to expire.

Enable BFD on a BGP Connection

Section titled “Enable BFD on a BGP Connection”

Enable BFD directly on a connection:

# Enable BFD on an existing BGP connection
/routing/bgp/connection set [find name=ebgp-isp] use-bfd=yes


# Or enable it while creating the connection
/routing/bgp/connection add name=ebgp-isp \
    local.role=ebgp \
    remote.address=203.0.113.1 \
    remote.as=65000 \
    use-bfd=yes

For repeated policy, enable BFD on a BGP template and reference that template from connections:

# Template with BFD enabled
/routing/bgp/template add name=ibgp-peers \
    hold-time=3m \
    use-bfd=yes


# Connections using that template
/routing/bgp/connection add name=ibgp-rr1 \
    local.role=ibgp \
    remote.address=10.0.0.2 \
    remote.as=65001 \
    templates=ibgp-peers


/routing/bgp/connection add name=ibgp-rr2 \
    local.role=ibgp \
    remote.address=10.0.0.3 \
    remote.as=65001 \
    templates=ibgp-peers

Use use-bfd=yes, not bfd=yes. The shorter parameter name was not accepted in verification.

Multi-Hop BFD

Section titled “Multi-Hop BFD”

Multi-hop BGP sessions can also use BFD:

/routing/bgp/connection add name=ibgp-loopback \
    local.role=ibgp \
    remote.address=10.255.0.1 \
    remote.as=65001 \
    multihop=yes \
    use-bfd=yes

For multi-hop BFD, RouterOS uses UDP port 4784. Single-hop BFD uses UDP port 3784.

BFD Configuration Rules

Section titled “BFD Configuration Rules”

RouterOS v7 uses /routing bfd configuration for BFD matching and timer policy. There is no separate writable BFD peer menu in v7: configure timers on BFD configuration rules, and use /routing/bfd/session only as the read-only operational view.

# Create a BFD rule for a directly connected peer
/routing bfd configuration add addresses=203.0.113.1/32 interfaces=ether1


# Create a rule with explicit timers
/routing bfd configuration add \
    addresses=10.0.0.2/32 \
    interfaces=ether1 \
    min-rx=200ms \
    multiplier=3


# Review BFD configuration rules
/routing bfd configuration print detail

Sessions are then created automatically by BGP when a BFD-enabled peer matches one of these rules.

Verify BFD Status

Section titled “Verify BFD Status”

Check that BGP has BFD enabled and that RouterOS created active BFD sessions:

# Confirm BFD is enabled on BGP configuration
/routing/bgp/connection print detail
/routing/bgp/template print detail


# View BFD configuration rules
/routing bfd configuration print detail


# View active BFD sessions
/routing/bfd/session print
/routing/bfd/session print detail


# View BGP session state
/routing/bgp/session print detail

In RouterOS v7.15.3, /routing/bfd/session is a read-only operational view for this workflow. The tested CLI did not provide set, monitor, or print stats operations there.

Graceful Restart Notes

Section titled “Graceful Restart Notes”

Graceful Restart is often discussed alongside BFD because the two features affect BGP resiliency in different ways:

  • BFD speeds up detection of unplanned peer or path failure.
  • Graceful Restart is intended to preserve forwarding state during a control-plane restart.

However, on RouterOS v7.15.3 CHR, the tested BGP CLI did not expose a graceful-restart parameter on either /routing/bgp/connection or /routing/bgp/template. Because that configuration could not be verified, this page does not provide Graceful Restart enablement steps.

If you inspect session details, do so with a plain print command:

/routing/bgp/session print detail

The where state=established filter syntax used in some examples was not accepted reliably in verification for this path, so review the full output instead.

Complete Verified Example

Section titled “Complete Verified Example”
# BGP template with BFD enabled
/routing/bgp/template add name=isp-uplinks \
    hold-time=90s \
    keepalive-time=30s \
    use-bfd=yes


# eBGP connection using the template
/routing/bgp/connection add name=isp-a \
    local.role=ebgp \
    remote.address=192.168.86.89 \
    remote.as=65000 \
    templates=isp-uplinks \
    nexthop-choice=force-self


# iBGP multihop connection with BFD enabled directly
/routing/bgp/connection add name=ibgp-loopback \
    local.role=ibgp \
    remote.address=10.255.0.1 \
    remote.as=65001 \
    multihop=yes \
    use-bfd=yes


# BFD rules and session visibility
/routing bfd configuration print detail
/routing/bfd/session print
/routing/bfd/session print detail

Troubleshooting

Section titled “Troubleshooting”

BFD Sessions Do Not Appear

Section titled “BFD Sessions Do Not Appear”

Check these points first:

# Verify the BGP peer uses BFD
/routing/bgp/connection print detail


# Verify BFD matching rules exist
/routing bfd configuration print detail


# Confirm IP reachability to the peer
/tool/ping address=203.0.113.1 count=5

If BGP is configured with use-bfd=yes but no BFD session is created, the peer may not match any BFD configuration rule or may not be reachable.

Invalid BFD Command Paths

Section titled “Invalid BFD Command Paths”

In RouterOS v7.15.3, these paths or operations were not valid for the tested workflow:

  • /routing/bfd/template
  • /routing/bfd/session set
  • /routing/bfd/session monitor
  • /routing/bfd/session print stats

There is no /routing/bfd/peer menu in RouterOS v7. Use /routing bfd configuration for BFD rules and timers, and /routing/bfd/session for operational visibility.

See Also

Section titled “See Also”