BGP backdoor

BGP, Route 2 Minutes
Link between 1841-1 and 1841-2 is running an IGP (RIP, OSPF or EIGRP). Supposed this link is 10Gbps, and the remainder two links are 1Gbps, the traffic sent from AS64513 to AS64512 will by default go to AS65000, then to AS64512. This is because eBGP has an AD of 20, router will trust this route.

From the above caption, you can see by default the traffic from AS64513 to AS64512 will transit over at AS65000 which can utilize 2Gbps, to use an optimize route between AS64512 and AS64513 is either change the AD of BGP (distance bgp <external distance> <internal distance> <local distance>, default 20 200 200 respectively) or use BGP backdoor. BGP backdoor will make the IGP route a preferred route.

Reference: http://blog.alwaysthenetwork.com/tutorials/bgp-backdoor-lab/ and http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#bgpbackdoor

1841-1 and 1841-2 table

1841-1#sh ip bgp | b Origin
Origin codes: i – IGP, e – EGP, ? – incomplete

Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.1.0/24      120.1.1.1                              0 65000 64513 i
*> 172.16.1.0/24    0.0.0.0                  0         32768 i

1841-1#sh ip route | b Gateway
Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, FastEthernet0/1
100.0.0.0/32 is subnetted, 1 subnets
C       100.1.1.1 is directly connected, Loopback64512
172.16.0.0/24 is subnetted, 1 subnets
C       172.16.1.0 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
B       10.1.1.0 [20/0] via 120.1.1.1, 00:28:13
192.168.1.0/30 is subnetted, 1 subnets
C       192.168.1.0 is directly connected, FastEthernet0/0
120.0.0.0/32 is subnetted, 1 subnets
S       120.1.1.1 [1/0] via 1.1.1.3

Eigrp route is not installed as best route in routing table. EIGRP default AD 90, eBGP default AD is 20.

1841-2#sh ip route | b Gateway
Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, FastEthernet0/1
100.0.0.0/32 is subnetted, 1 subnets
S       100.1.1.1 [1/0] via 192.168.1.1
172.16.0.0/24 is subnetted, 1 subnets
B       172.16.1.0 [20/0] via 120.1.1.1, 00:27:48
110.0.0.0/32 is subnetted, 1 subnets
C       110.1.1.1 is directly connected, Loopback64513
10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Loopback0
192.168.1.0/30 is subnetted, 1 subnets
C       192.168.1.0 is directly connected, FastEthernet0/0
120.0.0.0/32 is subnetted, 1 subnets
S       120.1.1.1 [1/0] via 2.2.2.3
1841-2#

Supposed 1841-1 wants to reach 10.1.1.1 which is in AS 64513

1841-1(config-router)#network 10.1.1.0 mask 255.255.255.0 backdoor

1841-1 learned the network 10.1.1.0/24 through EIGRP.

1841-1#sh ip route | b Gateway
Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, FastEthernet0/1
100.0.0.0/32 is subnetted, 1 subnets
C       100.1.1.1 is directly connected, Loopback64512
172.16.0.0/24 is subnetted, 1 subnets
C       172.16.1.0 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
D       10.1.1.0 [90/156160] via 192.168.1.2, 00:02:07, FastEthernet0/0
192.168.1.0/30 is subnetted, 1 subnets
C       192.168.1.0 is directly connected, FastEthernet0/0
120.0.0.0/32 is subnetted, 1 subnets
S       120.1.1.1 [1/0] via 1.1.1.3

Supposed 1841-2 wants to reach 172.16.1.0/24 network in AS64512

1841-2(config-router)#network 172.16.1.0 mask 255.255.255.0 backdoor

Similarly, the route to 17.16.1.0/24 is also learned from EIGRP.

1841-2(config-router)#do sh ip route | b Gateway
Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, FastEthernet0/1
100.0.0.0/32 is subnetted, 1 subnets
S       100.1.1.1 [1/0] via 192.168.1.1
172.16.0.0/24 is subnetted, 1 subnets
D       172.16.1.0 [90/156160] via 192.168.1.1, 00:00:40, FastEthernet0/0
110.0.0.0/32 is subnetted, 1 subnets
C       110.1.1.1 is directly connected, Loopback64513
10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Loopback0
192.168.1.0/30 is subnetted, 1 subnets
C       192.168.1.0 is directly connected, FastEthernet0/0
120.0.0.0/32 is subnetted, 1 subnets
S       120.1.1.1 [1/0] via 2.2.2.3

EIGRP configuration for 1841-2

1841-2#sh run | s router eigrp
router eigrp 100
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface Loopback0
network 10.1.1.1 0.0.0.0
network 192.168.1.2 0.0.0.0
no auto-summary

EIGRP configuration for 1841-1

1841-1#sh run | s router eigrp
router eigrp 100
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface Loopback0
network 172.16.1.1 0.0.0.0
network 192.168.1.1 0.0.0.0
no auto-summary

BGP configuration for 1841-1

1841-1#sh run | s router bgp
router bgp 64512
no synchronization
bgp log-neighbor-changes
network 10.1.1.0 mask 255.255.255.0 backdoor
network 172.16.1.0 mask 255.255.255.0
neighbor 120.1.1.1 remote-as 65000
neighbor 120.1.1.1 ebgp-multihop 2
neighbor 120.1.1.1 update-source Loopback64512
no auto-summary

BGP configuration for 1841-2

1841-2#sh run | s router bgp
router bgp 64513
no synchronization
bgp log-neighbor-changes
network 10.1.1.0 mask 255.255.255.0
network 172.16.1.0 mask 255.255.255.0 backdoor
neighbor 120.1.1.1 remote-as 65000
neighbor 120.1.1.1 ebgp-multihop 2
neighbor 120.1.1.1 update-source Loopback64513
no auto-summary

BGP configuration for 2651-1

2651-1#sh run | s router bgp
router bgp 65000
no synchronization
bgp log-neighbor-changes
neighbor 100.1.1.1 remote-as 64512
neighbor 100.1.1.1 ebgp-multihop 2
neighbor 100.1.1.1 update-source Loopback65000
neighbor 110.1.1.1 remote-as 64513
neighbor 110.1.1.1 ebgp-multihop 2
neighbor 110.1.1.1 update-source Loopback65000
no auto-summary

Advertisement

Published by cyruslab

Published

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s