September 29, 2021 By Gilberto Tellez
Vaishali Pandya
2 min read

Introducing support for Bidirectional Forwarding Detection and Message Digest 5 authentication.

IBM Cloud Direct Link allows direct, private connectivity between your infrastructure and both IBM Cloud VPC and IBM classic infrastructure. The speed and reliability of IBM Cloud Direct Link extend your organization’s data center network and offers more consistent, higher-throughput connectivity, keeping traffic within the IBM Cloud network.

Today, we are pleased to announce the general availability of the following new Border Gateway Protocol (BGP) features for both Direct Link Dedicated and Connect offerings.   

Bidirectional Forwarding Detection (BFD) 

BFD quickly detects faults in a network between two routers or switches connected by a link. It provides a single, standardized method for failover detection at any protocol layer over any media. BFD also provides a way for network administrators to detect forwarding-path failures at a uniform rate, rather than the variable rates of different routing protocol hello mechanisms. Network profiling and planning is easier, and reconvergence time is predictable, consistent and significantly faster.

BFD support comes pre-enabled with your direct link. However, BFD doesn’t start working until you activate the feature during direct link creation or on an existing direct link. No prerequisites are required. Simply configure this feature with the following values:

  • Interval: The interval is the minimum time (in milliseconds) expected to occur between when the local routing device sends BFD hello packets and the reply from its neighbor. This value can range from 300 to 255,000 milliseconds.
  • Multiplier: The multiplier is the number of times that a hello packet is missed before BFD declares the neighbor down. This value can range from 1 to 255. The default multiplier value is 3.

BGP Message Digest 5 (MD5) Authentication

BGP MD5 authentication adds an additional layer of security between two BGP peers by verifying each transmitted message sent through a BGP session. When authentication is activated, BGP authenticates every TCP segment from its peer and checks the source of each routing update. 

Similar to BFD, BGP MD5 authentication is pre-enabled with your direct link. You can configure MD5 authentication during direct link creation or configure MD5 on an existing direct link. You must configure MD5 authentication with the same password on both BGP peers; otherwise, a connection can’t be made between the peers.

Flexibility to update your BGP configuration at any time

Instead of being able to specify a BGP Autonomous System Number (ASN) and IP addresses only during initial configuration, you can now edit these values any time you choose.

Important: Keep in mind that the following tasks result in downtime where traffic is interrupted:

  • Activating and deactivating MD5, or rotating MD5 key authentication after a BGP session is established 
  • Activating and deactivating BFD after establishing a BGP session
  • Modifying BGP ASN and BGP peer IPs after initial configuration

You can use the UI, CLI, API or Terraform to configure BFD and BGP MD5 authentication. For more information about these new features, see Getting started with IBM Cloud Direct Link.

More from Cloud

IBM Cloud Virtual Servers and Intel launch new custom cloud sandbox

4 min read - A new sandbox that use IBM Cloud Virtual Servers for VPC invites customers into a nonproduction environment to test the performance of 2nd Gen and 4th Gen Intel® Xeon® processors across various applications. Addressing performance concerns in a test environment Performance testing is crucial to understanding the efficiency of complex applications inside your cloud hosting environment. Yes, even in managed enterprise environments like IBM Cloud®. Although we can deliver the latest hardware and software across global data centers designed for…

10 industries that use distributed computing

6 min read - Distributed computing is a process that uses numerous computing resources in different operating locations to mimic the processes of a single computer. Distributed computing assembles different computers, servers and computer networks to accomplish computing tasks of widely varying sizes and purposes. Distributed computing even works in the cloud. And while it’s true that distributed cloud computing and cloud computing are essentially the same in theory, in practice, they differ in their global reach, with distributed cloud computing able to extend…

How a US bank modernized its mainframe applications with IBM Consulting and Microsoft Azure

9 min read - As organizations strive to stay ahead of the curve in today's fast-paced digital landscape, mainframe application modernization has emerged as a critical component of any digital transformation strategy. In this blog, we'll discuss the example of a US bank which embarked on a journey to modernize its mainframe applications. This strategic project has helped it to transform into a more modern, flexible and agile business. In looking at the ways in which it approached the problem, you’ll gain insights into…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters