Tips & Tricks: Fast Failover with BFD

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Team Member

General Graphics.jpg


Are you aware that the firewall supports Bidirectional Forwarding Detection (BFD)?


BFD failure detection is very fast and as a result, allows for faster failover than native dynamic routing protocol failure mechanisms. The time to detect failures in existing routing protocols is no better than one second. BFD failure detection is extremely fast, providing for faster failover. With BFD, failures can be detected in less than 1 second! BFD creates a session between a firewall and its peer using a three-way handshake. Control packets that function like hello packets perform the handshake and negotiate session parameters in a BFD profile like minimum intervals at which the peers can send and receive control packets.


Screen Shot 2022-10-21 at 5.39.30 AM.png


If a peer does not receive a control packet within the detection time (calculated as the negotiated transmit interval multiplied by a Detection Time Multiplier), the peer considers the session down. BFD then notifies the routing protocol to switch to an alternate path. 


To set up BFD, you can navigate to Network -> Network Profiles -> BFD Profile -> Create a new profile or use default timers. Once a profile is created, navigate to Network -> Virtual Routers -> Choose the type of routing -> Select BFD profile
Screen Shot 2022-10-21 at 6.13.07 AM.png


If you are looking to provide high availability and fast failover to your network, give BFD a shot! 


Thank you for taking the time to read this blog.

Don't forget to hit the Like (thumbs up) button and to Subscribe to the LIVEcommunity Blog area.


@JayGolf out!


  • 325 Subscriptions
Register or Sign-in