September 29, 2021 By jason-mcalpin 2 min read

Introducing support for Bidirectional Forwarding Detection and Message Digest 5 authentication.

IBM Cloud Direct Link allows direct, private connectivity between your infrastructure and both IBM Cloud VPC and IBM classic infrastructure. The speed and reliability of IBM Cloud Direct Link extend your organization’s data center network and offers more consistent, higher-throughput connectivity, keeping traffic within the IBM Cloud network.

Today, we are pleased to announce the general availability of the following new Border Gateway Protocol (BGP) features for both Direct Link Dedicated and Connect offerings.   

Bidirectional Forwarding Detection (BFD) 

BFD quickly detects faults in a network between two routers or switches connected by a link. It provides a single, standardized method for failover detection at any protocol layer over any media. BFD also provides a way for network administrators to detect forwarding-path failures at a uniform rate, rather than the variable rates of different routing protocol hello mechanisms. Network profiling and planning is easier, and reconvergence time is predictable, consistent and significantly faster.

BFD support comes pre-enabled with your direct link. However, BFD doesn’t start working until you activate the feature during direct link creation or on an existing direct link. No prerequisites are required. Simply configure this feature with the following values:

  • Interval: The interval is the minimum time (in milliseconds) expected to occur between when the local routing device sends BFD hello packets and the reply from its neighbor. This value can range from 300 to 255,000 milliseconds.
  • Multiplier: The multiplier is the number of times that a hello packet is missed before BFD declares the neighbor down. This value can range from 1 to 255. The default multiplier value is 3.

BGP Message Digest 5 (MD5) Authentication

BGP MD5 authentication adds an additional layer of security between two BGP peers by verifying each transmitted message sent through a BGP session. When authentication is activated, BGP authenticates every TCP segment from its peer and checks the source of each routing update. 

Similar to BFD, BGP MD5 authentication is pre-enabled with your direct link. You can configure MD5 authentication during direct link creation or configure MD5 on an existing direct link. You must configure MD5 authentication with the same password on both BGP peers; otherwise, a connection can’t be made between the peers.

Flexibility to update your BGP configuration at any time

Instead of being able to specify a BGP Autonomous System Number (ASN) and IP addresses only during initial configuration, you can now edit these values any time you choose.

Important: Keep in mind that the following tasks result in downtime where traffic is interrupted:

  • Activating and deactivating MD5, or rotating MD5 key authentication after a BGP session is established 
  • Activating and deactivating BFD after establishing a BGP session
  • Modifying BGP ASN and BGP peer IPs after initial configuration

You can use the UI, CLI, API or Terraform to configure BFD and BGP MD5 authentication. For more information about these new features, see Getting started with IBM Cloud Direct Link.

More from Announcements

IBM Hybrid Cloud Mesh and Red Hat Service Interconnect: A new era of app-centric connectivity 

2 min read - To meet customer demands, applications are expected to be performing at their best at all times. Simultaneously, applications need to be flexible and cost effective, and therefore supported by an underlying infrastructure that is equally reliant, performant and secure as the applications themselves.   Easier said than done. According to EMA's 2024 Network Management Megatrends report only 42% of responding IT professionals would rate their network operations as successful.   In this era of hyper-distributed infrastructure where our users, apps, and data…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

IBM and MuleSoft expand global relationship to accelerate modernization on IBM Power 

2 min read - As companies undergo digital transformation, they rely on APIs as the backbone for providing new services and customer experiences. While APIs can simplify application development and deliver integrated solutions, IT shops must have a robust solution to effectively manage and govern them to ensure that response times and costs are kept low for all applications. Many customers use Salesforce’s MuleSoft, named a leader by Gartner® in full lifecycle API management for seven consecutive times, to manage and secure APIs across…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters