Announcing bidirectional forwarding detection and enhancements for OCI FastConnect

April 11, 2022 | 4 minute read
Misha Kasvin
Principal Solutions Architect, OCI Networking Services
Text Size 100%:

We’re pleased to announce the general availability of bidirectional forwarding detection (BFD) for Oracle Cloud Infrastructure (OCI) FastConnect in all regions. You can enable BFD on each virtual circuit for both private and public peering. It has support for all FastConnect connectivity models, except for layer 3 partner connections.

Failover is a critical component of network resiliency. Even with redundant connections, routing protocol reconvergence takes time during a failover event. BFD enables routers to detect network faults between two BGP speakers quicker than with only BGP timers. This fast failure detection provided by BFD facilitates faster BGP reconvergence, which results in greater resiliency for your FastConnect connections and shorter downtime during failover events. These benefits limit traffic loss and allowing for your business-critical apps to resume communication as fast as possible.

With BFD, we’re also adding a capability to disable and reenable your existing virtual circuits and other metrics to FastConnect, allowing you to monitor the number of bits sent or received on any given virtual circuit.

BFD overview

Bidirectional forwarding detection (BFD) is a network fault detection protocol that provides fast detection of forwarding path failures. BFD is configured between the FastConnect edge router and your customer-premises equipment (CPE). It accomplishes fast fault detection by sending hello packets at specific intervals, if a certain number of hello packets are not received, then BFD signals BGP to tear down its peering and failover traffic through any available alternate paths. As a result, the BGP neighbor relationship is torn down quicker than waiting for three BGP keepalives to fail at a default BGP hold-time of 180 seconds or even the optional, more aggressive BGP hold-time of 18 seconds.

You can enable BFD when creating a new virtual circuit or editing an existing one by selecting a check box during your configuration. Configure BFD on your CPE when it’s been enabled in the Oracle Cloud Console so that the BFD session can be established. If you only enabled BFD on your virtual circuit and have not yet configured BFD on your CPE, don’t worry! Your BGP session doesn’t go down as a result. BFD only detects a failure for an already established BFD session. If one hasn’t been established, there’s no failure to detect.

Disabling BFD on the Oracle end of the FastConnect for any reason can result in a brief disruption of traffic and cause your virtual circuit’s BGP session to reset. Likewise, disabling BFD on one side of the connection after a BFD session has already been established can result in a disruption to traffic.

A screenshot of the check box to enable bidirectional forwarding detection in the Console, outlined in red.

Oracle FastConnect utilizes a fixed value of 300 ms for the interval timers and a detection multiplier of three, although you can negotiate higher timers through your CPE’s BFD configuration.

BFD is also supported for IPv6 over FastConnect. If you already enabled IPv6 BGP for your FastConnect and turned on BFD, also configure BFD for IPv4 and IPv6 BGP neighbor and address families when configuring your CPE.

Disable virtual circuit

You can now disable and reenable your existing FastConnect virtual circuit from the Oracle Cloud Console. By disabling the virtual circuit, its BGP session is deleted, and the virtual circuit stops forwarding traffic until you manually enable it again. When the virtual circuit has been reenabled, its BGP session is brought back up, and the virtual circuit begins forwarding traffic again.

This toggle can force a failover of your traffic if you need to perform maintenance on your on-premises device. You can also use it for failover testing to validate full end-to-end reachability during specific outage scenarios without having to make changes to your on-premises device or relying on your provider to force a failover.

Other FastConnect metrics

We’ve also added other FastConnect metrics viewable for each individual virtual circuit. Along with packets and bytes sent and received, you can now see metrics for bits sent and bits received. These metrics display the number of bits sent or received at the FastConnect interface for the Oracle end of your connection. You can view these new metrics in Oracle Cloud Console under your virtual circuit or take advantage of the OCI Monitoring service to create custom queries which can be viewed in the Console or sent to your third-party monitoring tools.

Conclusion

Thank you for your interest in Oracle Cloud Infrastructure FastConnect. We’re pleased to bring you these three new enhancements for FastConnect: BFD, the ability to disable your virtual circuit, and other FastConnect metrics. All these features are now available in all OCI regions for both private and public peering.

For customers who require more network resiliency, Oracle recommends enabling BFD as a best practice for fast link failure detection. We encourage you to learn more about FastConnect, BFD, and all our FastConnect features in the available FastConnect documentation and look forward to any product feedback you have.

Misha Kasvin

Principal Solutions Architect, OCI Networking Services


Previous Post

Reshaping Business with Intelligent Applications

Niharika Kalra | 4 min read

Next Post


Secure deployments to private Kubernetes clusters with OCI DevOps

Saurabh Shah | 2 min read