[c-nsp] BFD with multiple neighbors on a broadcast segment

[Christopher.Marget at usc-bt.com]

I had a problem with BFD while doing some Nexus 7000 testing recently, and wonder if what I'm trying to do isn't expected to work:

- 3 OSPF routers (all Nexus 7000) sharing a common broadcast domain with a /29 subnet mask.
- The OSPF interfaces are SVIs.
- The VLAN is forwarding only on a single trunk interface on each Nexus.
- The 3 Nexus 7000s are connected to a single L2 switch.

So, it's an L2 hub with 3 spokes.  There are no redundant links and no interfaces are blocked by STP.

With BFD configured, everything works as I expected:  BFD on each Nexus monitors forwarding plane availability of both peers on the broadcast domain.

So far, no problems.

Next, I removed the L2 hub switch and reconfigured the broadcast domain into an L2 triangle, with 7K-B as the root.  STP blocked the link between 7K-A and 7K-C.  Each router saw the other two as fully adjacent OSPF neighbors.

Now the BFD sessions wouldn't all come up.  BFD on each 7K knows about both neighbors (presumably having been informed about them by OSPF), but only 7K-B sees both neighbors as "up".
7K-A sees: 7K-B "up" and 7K-C "down"
7K-C sees: 7K-B "up" and 7K-A "down"

The BFD session between 7K-A and 7K-C should be transiting 7K-B (at L2), but doesn't work.  These two never see each other as up.  If I rearrange STP so that a different link is blocking, then different pairs of routers fail to set up BFD sessions.  The non-STP root switches never establish a BFD session through the STP root.

If I shut down the SVI on the STP root (turning it into an L2-only switch), then the outstanding BFD session comes right up.

This seems very strange to me.  Should I expect BFD to fail when transiting an L2 switch that *also* offers L3 service to the broadcast domain?

I wish I had 'show' command output to share, but I don't have the equipment required to record and reproduce this behavior.