HP VPN Firewall Appliances Network Management Configuration Guide
839
Total number of peers : 2 Peers in established state : 2
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
2001::1 200 7 10 0 0 00:01:05 Established
3001::1 200 7 10 0 0 00:01:34 Established
# Display route 1200::0/64 on Firewall B, and you can see that Firewall A and Firewall B
communicate through Router A.
<FirewallB> display ipv6 routing-table 1200::0 64 verbose
Routing Table :
Summary Count : 2
Destination : 1200:: PrefixLength : 64
NextHop : 3001::1 Preference : 255
RelayNextHop : 3002::1 Tag : 0H
Neighbor : 3001::1 ProcessID : 0
Interface : GigabitEthernet1/1 Protocol : BGP4+
State : Active Adv Cost : 50
Tunnel ID : 0x0 Label : NULL
Age : 4538sec
Destination : 1200:: PrefixLength : 64
NextHop : 2001::1 Preference : 255
RelayNextHop : 2002::1 Tag : 0H
Neighbor : 2001::1 ProcessID : 0
Interface : GigabitEthernet1/2 Protocol : BGP4+
State : Invalid Adv Cost : 100
Tunnel ID : 0x0 Label : NULL
Age : 4515sec
The output shows that Firewall B has two routes to reach network 1200::0/64: Firewall
A<—>Router A<—>Firewall B, which is the currently active route, and Firewall A<—>Router
B<—>Firewall B, which is the backup route.
# Enable BFD debugging on Firewall B.
<FirewallB> debugging bfd scm
<FirewallB> debugging bfd event
<FirewallB> debugging bgp bfd
<FirewallB> terminal monitor
<FirewallB> terminal debugging
# The following debugging information shows that Firewall B can quickly detect the failure on
Router A.
%Nov 5 11:42:24:172 2009 FirewallB BFD/5/BFD_CHANGE_FSM:
Sess[3002::2/3001::1,13/17,GE1/1,Ctrl], Sta: UP->DOWN, Diag: 1
%Nov 5 11:42:24:172 2009 FirewallB BGP/5/BGP_STATE_CHANGED: 3001::1 state is changed
from ESTABLISHED to IDLE.
*Nov 5 11:42:24:187 2009 FirewallB RM/6/RMDEBUG: BGP_BFD: Recv BFD DOWN msg, Src IP
3002::2, Dst IP 3001::1, Instance ID 0.
*Nov 5 11:42:24:187 2009 FirewallB RM/6/RMDEBUG: BGP_BFD: Reset BGP session 3001::1
for BFD session down.