BGP backdoor it’s a well-known feature of the BGP which is used to change the AD (administrative distance) of eBGP. By default, external BGP (eBGP) has an administrative distance value of 20 with the help of a backdoor command you can set 200 AD. If two routing protocols provide route information for the same destination the administrative distance is the first criterion that a router uses to determine which routing protocol to use for the best path. The lowest AD value is a more reliable protocol and link.
Why do we
need to change eBGP AD?
Whenever our
router learns about a network (prefix) through eBGP and also with an IGP protocol like OSPF EIGRP or RIP then our router always chooses the Ebgp route
because Ebgp uses an administrative distance value of 20 so our router by default
prefers eBGP over EIGRP AD 90, RIP AD 120, OSPF AD 110.
In some scenarios this becomes a problem let’s
see the configuration.
Topology:
Goal:
- configure the topology as per the diagram.
- assign the IP addresses
- configure EIGRP 100 on router 1 and router 3
- advertise the interfaces
- configure eBGP peering between router 1 and 2
- configure eBGP peering between router 2 and router 3
- make sure router 1 gets the 192.168.30.1 route from serial 4/3 link via EIGRP.
- configure backdoor in order to get 192.168.30.1 route via serial link 4/3 from router 3.
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 10.1.1.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#no keepalive
R1(config-if)#exit
R1(config)#interface serial 4/2
R1(config-if)#ip address 3.3.3.2 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface loopback 0
R1(config-if)#ip address 192.168.10.1 255.255.255.255
R1(config-if)#no shutdown
R1(config-if)#exit
R2(config)#interface serial 4/0
R2(config-if)#ip address 1.1.1.2 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface serial 4/1
R2(config-if)#ip address 2.2.2.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface fastethernet 0/0
R2(config-if)#ip address 20.1.1.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#no keepalive
R2(config-if)#exit
R2(config)#interface loopback 0
R2(config-if)#ip address 192.168.20.1 255.255.255.255
R2(config-if)#no shutdown
R2(config-if)#exit
R3(config)#interface serial 4/1
R3(config-if)#ip address 2.2.2.2 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface serial 4/2
R3(config-if)#ip address 3.3.3.1 255.0.0.0
R3(config-if)# no shutdown
R3(config-if)#exit
R3(config)#interface fastEthernet 0/0
R3(config-if)#ip address 30.1.1.1 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#no keepalive
R3(config-if)#exit
R1(config)#router eigrp 100
R1(config-router)#network 192.168.10.0
R1(config-router)#network 3.0.0.0
R1(config-router)#exit
*May 20 13:40:19.679: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 3.3.3.1 (Serial4/2) is up: new adjacency
R1(config)#router bgp 6111
R1(config-router)#neighbor 1.1.1.2 remote-as 6100
R1(config-router)#network 192.168.10.1 mask 255.255.255.255
R1(config-router)#network 10.0.0.0
R1(config-router)#exit
R1(config)#end
*May 20 13:43:29.459: %BGP-5-ADJCHANGE: neighbor 1.1.1.2 Up
R2(config)#router bgp 6100
R2(config-router)#neighbor 1.1.1.1 remote-as 6111
R2(config-router)#network 192.168.20.1 mask 255.255.255.255
R2(config-router)#neighbor 2.2.2.2 remote-as 6333
R2(config-router)#exit
20 13:43:29.531: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up
R3(config)#router eigrp 100
R3(config-router)#network 3.0.0.0
R3(config-router)#network 192.168.30.0
R3(config-router)#exit
*May 20 13:40:19.663: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 3.3.3.2 (Serial4/2) is up: new adjacency
R3(config)#router bgp 6333
R3(config-router)#neighbor 2.2.2.1 remote-as 6100
R3(config-router)#network 30.0.0.0
R3(config-router)#network 192.168.30.1 mask 255.255.255.255
R3(config-router)#exit
R3(config)#end
*May 20 13:42:50.559: %BGP-5-ADJCHANGE: neighbor 2.2.2.1 Up
R3#show ip route 192.168.10.1 longer-prefixes
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
192.168.10.0/32 is subnetted, 1 subnets
B 192.168.10.1 [20/0] via 2.2.2.1, 00:02:03
( as can see from the above output router 3 is getting (R1) 192.168.10.1 route from route via serial 4/0 to serial 4/1 {2.2.2.1} R2. because of the lower AD value of eBGP )
Let's see on router 1 from where it's getting 192.168.30.1 network
R1#show ip route 192.168.30.1 longer-prefixes
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
192.168.30.0/32 is subnetted, 1 subnets
B 192.168.30.1 [20/0] via 1.1.1.2, 00:01:44
( router 1 is also installing 192.168.30.1 network from router 1 because of lower AD of eBGP)
We need to fix this with help of the BGP backdoor command.
R1(config)#router bgp 6111
R1(config-router)#network 192.168.30.1 mask 255.255.255.255 backdoor
R1(config-router)#exit
R3(config)#router bgp 6333
R3(config-router)#network 192.168.10.1 mask 255.255.255.255 backdoor
R3#show ip route 192.168.10.1 longer-prefixes
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
192.168.10.0/32 is subnetted, 1 subnets
D 192.168.10.1 [90/2297856] via 3.3.3.2, 00:38:02, Serial4/2
( as you can see after applying the backdoor command now our routers installing a new path)
A
backdoor network is treated as a local network, except that it is not
advertised.
R1#show ip route 192.168.30.1 longer-prefixes
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
192.168.30.0/32 is subnetted, 1 subnets
D 192.168.30.1 [90/2297856] via 3.3.3.1, 00:02:17, Serial4/2
4 comments:
Very good, Thanks.
Understandable explanation
Fab mate, thanks
Thank you very much, it was great.
Post a Comment