
Friday, 20 May 2022

What is BGP Backdoor? How to configure BGP Backdoor?

BGP backdoor is a well-known BGP feature used to change the administrative distance (AD) of an eBGP route. By default, external BGP (eBGP) has an AD of 20; with the backdoor command you can set it to 200. If two routing protocols provide route information for the same destination, the AD is the first criterion a router uses to decide which protocol's route becomes the best path. The lowest AD value marks the most reliable protocol and link.

 

Why do we need to change eBGP AD?

Whenever our router learns a network (prefix) through eBGP and also through an IGP such as OSPF, EIGRP, or RIP, it always chooses the eBGP route, because eBGP has an administrative distance of 20. By default the router therefore prefers eBGP over EIGRP (AD 90), OSPF (AD 110), and RIP (AD 120).

In some scenarios this becomes a problem. Let's see the configuration.


Topology:


Goal:

  • Configure the topology as per the diagram.
  • Assign the IP addresses.
  • Configure EIGRP 100 on router 1 and router 3.
  • Advertise the interfaces.
  • Configure eBGP peering between router 1 and router 2.
  • Configure eBGP peering between router 2 and router 3.
  • Make sure router 1 gets the 192.168.30.1 route from the serial 4/3 link via EIGRP.
  • Configure backdoor in order to get the 192.168.30.1 route via serial link 4/3 from router 3.




R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 10.1.1.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#no keepalive
R1(config-if)#exit

R1(config)#interface serial 4/2
R1(config-if)#ip address 3.3.3.2 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit

R1(config)#interface loopback 0
R1(config-if)#ip address 192.168.10.1 255.255.255.255
R1(config-if)#no shutdown
R1(config-if)#exit

R2(config)#interface serial 4/0
R2(config-if)#ip address 1.1.1.2 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit

R2(config)#interface serial 4/1
R2(config-if)#ip address 2.2.2.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit

R2(config)#interface fastethernet 0/0
R2(config-if)#ip address 20.1.1.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#no keepalive

R2(config-if)#exit

R2(config)#interface loopback 0
R2(config-if)#ip address 192.168.20.1 255.255.255.255
R2(config-if)#no shutdown
R2(config-if)#exit

R3(config)#interface serial 4/1
R3(config-if)#ip address 2.2.2.2 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit

R3(config)#interface serial 4/2
R3(config-if)#ip address 3.3.3.1 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit

R3(config)#interface fastEthernet 0/0
R3(config-if)#ip address 30.1.1.1 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#no keepalive
R3(config-if)#exit



R1(config)#router eigrp 100
R1(config-router)#network 192.168.10.0
R1(config-router)#network 3.0.0.0
R1(config-router)#exit

*May 20 13:40:19.679: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 3.3.3.1 (Serial4/2) is up: new adjacency

R1(config)#router bgp 6111
R1(config-router)#neighbor 1.1.1.2 remote-as 6100
R1(config-router)#network 192.168.10.1 mask 255.255.255.255
R1(config-router)#network 10.0.0.0
R1(config-router)#exit
R1(config)#end

*May 20 13:43:29.459: %BGP-5-ADJCHANGE: neighbor 1.1.1.2 Up

R2(config)#router bgp 6100
R2(config-router)#neighbor 1.1.1.1 remote-as 6111
R2(config-router)#network 192.168.20.1 mask 255.255.255.255
R2(config-router)#neighbor 2.2.2.2 remote-as 6333
R2(config-router)#exit

*May 20 13:43:29.531: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up

R3(config)#router eigrp 100
R3(config-router)#network 3.0.0.0
R3(config-router)#network 192.168.30.0
R3(config-router)#exit

*May 20 13:40:19.663: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 3.3.3.2 (Serial4/2) is up: new adjacency

R3(config)#router bgp 6333
R3(config-router)#neighbor 2.2.2.1 remote-as 6100
R3(config-router)#network 30.0.0.0
R3(config-router)#network 192.168.30.1 mask 255.255.255.255
R3(config-router)#exit
R3(config)#end

*May 20 13:42:50.559: %BGP-5-ADJCHANGE: neighbor 2.2.2.1 Up

R3#show ip route 192.168.10.1 longer-prefixes
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      192.168.10.0/32 is subnetted, 1 subnets
B        192.168.10.1 [20/0] via 2.2.2.1, 00:02:03


(As you can see from the above output, router 3 is learning R1's 192.168.10.1 route via R2 (serial 4/0 to serial 4/1, next hop 2.2.2.1) because of the lower AD value of eBGP.)

Let's check on router 1 where it is getting the 192.168.30.1 network from.


R1#show ip route 192.168.30.1 longer-prefixes
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      192.168.30.0/32 is subnetted, 1 subnets
B        192.168.30.1 [20/0] via 1.1.1.2, 00:01:44

(Router 1 is also installing the 192.168.30.1 network through eBGP, via 1.1.1.2, because of the lower AD of eBGP.)

We need to fix this with the help of the BGP backdoor command.

R1(config)#router bgp 6111
R1(config-router)#network 192.168.30.1 mask 255.255.255.255 backdoor
R1(config-router)#exit

R3(config)#router bgp 6333
R3(config-router)#network 192.168.10.1 mask 255.255.255.255 backdoor



R3#show ip route 192.168.10.1 longer-prefixes
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      192.168.10.0/32 is subnetted, 1 subnets
D        192.168.10.1 [90/2297856] via 3.3.3.2, 00:38:02, Serial4/2


(As you can see, after applying the backdoor command our routers now install a new path.)


A backdoor network is treated as a local network, except that it is not advertised. 

R1#show ip route 192.168.30.1 longer-prefixes
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      192.168.30.0/32 is subnetted, 1 subnets
D        192.168.30.1 [90/2297856] via 3.3.3.1, 00:02:17, Serial4/2
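
The selection shown in the outputs above, as an added example in Python (not from the original post): it reads `backdoor` network statements from R1's BGP stanza and picks the installed route by lowest administrative distance. The function names are illustrative, and the candidate list is constructed from the next hops in the `show ip route` output.

```python
import ipaddress
import re

# Default administrative distances quoted in the post, plus the backdoor value.
AD = {"ebgp": 20, "eigrp": 90, "ospf": 110, "rip": 120}
BACKDOOR_AD = 200

# R1's BGP stanza as entered in the post (re-typed here as sample input).
R1_CONFIG = """\
router bgp 6111
 neighbor 1.1.1.2 remote-as 6100
 network 192.168.10.1 mask 255.255.255.255
 network 10.0.0.0
 network 192.168.30.1 mask 255.255.255.255 backdoor
"""

NETWORK_RE = re.compile(r"^\s+network\s+(\S+)(?:\s+mask\s+(\S+))?(\s+backdoor)?\s*$")

def classful_mask(addr):
    """Mask IOS assumes when 'network' is given without 'mask'."""
    first = int(addr.split(".")[0])
    return "255.0.0.0" if first < 128 else "255.255.0.0" if first < 192 else "255.255.255.0"

def backdoor_prefixes(config):
    """Return the prefixes marked 'backdoor' under 'router bgp'."""
    found, in_bgp = set(), False
    for line in config.splitlines():
        if not line.startswith(" "):          # a new top-level stanza begins
            in_bgp = line.startswith("router bgp")
            continue
        m = NETWORK_RE.match(line)
        if in_bgp and m and m.group(3):
            mask = m.group(2) or classful_mask(m.group(1))
            found.add(ipaddress.ip_network(f"{m.group(1)}/{mask}"))
    return found

def best_route(prefix, candidates, backdoors):
    """candidates: (protocol, next_hop) pairs. Lowest distance wins."""
    net = ipaddress.ip_network(prefix)
    def distance(cand):
        # An eBGP route for a backdoor network is rated 200 instead of 20.
        if cand[0] == "ebgp" and net in backdoors:
            return BACKDOOR_AD
        return AD[cand[0]]
    proto, next_hop = min(candidates, key=distance)
    return proto, next_hop, distance((proto, next_hop))
```

With the backdoor statement present the eBGP path is still a candidate at distance 200, so it is installed again if the EIGRP route over the serial link disappears.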

Saturday, 29 May 2021

What is BGP RR Cluster ? How to configure Cluster RR server?

Route Reflector Cluster

BGP speakers are BGP-enabled routers. By default, BGP speakers do not advertise iBGP-learned prefixes to other iBGP peers; this rule exists for loop prevention. RFC 4456 introduces the route reflection feature, which removes the need for a full-mesh configuration between iBGP speakers. When a route reflector reflects a route, it creates or modifies an optional non-transitive attribute called CLUSTER_LIST by adding its own cluster ID to it. This attribute is used for loop prevention: when a BGP router receives an update whose CLUSTER_LIST contains the router's own cluster ID, the update is discarded.

Route reflector

A route reflector is a scalable alternative to an iBGP full mesh: it allows a BGP speaker (the route reflector, RR) to advertise routes received from an iBGP peer to other iBGP peers.

Note: a client updates the server, and the server updates all the remaining clients.

All clients should establish neighbor relationships only with servers; a client does not establish a neighbor relationship with any other client. If you have two servers, each server establishes neighbor relationships with the other server and with the clients.

Route reflector clusters

A group of redundant route reflectors and their clients form a cluster. Route reflector rules divide a transit AS into smaller areas (called clusters). Each BGP cluster must have a unique cluster-id. Every time a prefix is reflected, the cluster-id is added to the cluster-list BGP attribute. A prefix that already contains the local cluster-id in the cluster-list is not reflected.

Note: each cluster contains route reflectors and route reflector clients.
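
The CLUSTER_LIST loop check described above, as an added Python simulation (not from the original post). The reflector names, cluster IDs, prefix and both topologies are constructed for illustration, and `reflect_to` simplifies the real client/non-client reflection rules to a fixed list of peers.

```python
from dataclasses import dataclass, field

@dataclass
class Update:
    prefix: str
    cluster_list: tuple = ()   # CLUSTER_LIST attribute, most recent cluster ID first

@dataclass
class RouteReflector:
    name: str
    cluster_id: str
    reflect_to: list = field(default_factory=list)  # iBGP peers this RR reflects to
    table: dict = field(default_factory=dict)       # prefix -> accepted Update

    def receive(self, update, sender, log):
        # Loop prevention: our own cluster ID in CLUSTER_LIST means this
        # route already passed through our cluster, so it is discarded.
        if self.cluster_id in update.cluster_list:
            log.append((self.name, "discard", update.cluster_list))
            return
        self.table[update.prefix] = update
        log.append((self.name, "accept", update.cluster_list))
        # Reflection: prepend our cluster ID, then pass the route on.
        reflected = Update(update.prefix, (self.cluster_id,) + update.cluster_list)
        for peer in self.reflect_to:
            if peer.name != sender:
                peer.receive(reflected, self.name, log)

def simulate_ring(prefix="10.0.0.0/8"):
    """Constructed ring: RR1 -> RR2 -> RR3 -> RR1, each a client of the previous one."""
    rr1 = RouteReflector("RR1", "1.1.1.1")
    rr2 = RouteReflector("RR2", "2.2.2.2")
    rr3 = RouteReflector("RR3", "3.3.3.3")
    rr1.reflect_to, rr2.reflect_to, rr3.reflect_to = [rr2], [rr3], [rr1]
    log = []
    rr1.receive(Update(prefix), "client-A", log)   # route sent by a client of RR1
    return log

def simulate_shared_cluster(prefix="10.0.0.0/8"):
    """Two redundant reflectors configured with the same cluster ID."""
    rr_a = RouteReflector("RR-A", "9.9.9.9")
    rr_b = RouteReflector("RR-B", "9.9.9.9")
    rr_a.reflect_to, rr_b.reflect_to = [rr_b], [rr_a]
    log = []
    rr_a.receive(Update(prefix), "client-A", log)
    return log
```

In the ring the update stops when it returns to RR1 carrying RR1's own cluster ID; in the shared-cluster case RR-B drops the copy reflected by RR-A and relies on the update it receives from the client directly.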

Let's see the configuration:

Topology:


Wednesday, 28 November 2018

BGP Attributes





BGP supports a wide variety of path attributes. BGP chooses a route to a network based on the attributes of its path.


The four categories of attributes are as follows:

  • Well-known mandatory
  • Well-known discretionary
  • Optional transitive
  • Optional non-transitive

Well-known mandatory attributes must be recognized by all BGP routers, present in all BGP updates, and passed on to other BGP routers. Examples: AS path, origin, and next hop.

Well-known discretionary attributes must be recognized by all BGP routers and passed on to other BGP routers, but need not be present in an update. Example: local preference.

Optional transitive attributes might or might not be recognized by a BGP router, but are passed on to other BGP routers. If an attribute is not recognized, it is marked as partial. Examples: aggregation, community.

Optional non-transitive attributes: if the BGP process does not recognize the attribute, it can ignore the update and not advertise the path to its peer. Examples: multi-exit discriminator (MED), originator ID.

AS_Path attribute: this path attribute lists the autonomous system numbers in the end-to-end path. BGP uses AS_Path as its primary loop-prevention tool.

AS_Path is a well-known mandatory attribute. It is the list of ASes through which the update has passed. The shortest AS_PATH list is more desirable.

Next_hop is a well-known mandatory attribute. The next hop is the IP address used to reach the next autonomous system, because BGP is an AS-by-AS routing protocol.


Origin attribute

Origin informs all ASes in the internetwork how a network was introduced into BGP.

 (i) represents IGP
 (e) represents EBGP
 (?) represents incomplete

Weight Attribute

Weight is a Cisco attribute. It tells the router how to exit the AS; the path with the highest weight is more desirable. Weight is a partial attribute. By default the weight is 0 for learned routes and 32,769 for locally injected routes. It is local to the router and is not advertised to any BGP peers.

Local Preference Attribute

Local preference defines how data traffic should exit an autonomous system. The path with the highest preference value is more desirable; the default is 100, and the range is 0 through 2^32. Local preference is a well-known discretionary attribute and is advertised only to iBGP neighbors within an autonomous system.

R3#show ip bgp



BGP table version is 5, local router ID is 13.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 r>i 10.0.0.0         11.0.0.1                 0    100      0 i
 r>i 20.0.0.0         12.0.0.1                 0    100      0 i
 *>  30.0.0.0         0.0.0.0                  0         32768 i
 r>i 40.0.0.0         14.0.0.1                 0    100      0 i










 


 










What is BGP Allowas-in Feature? How to configure BGP Allowas-in? GNS3

  BGP Allowas-in is a configuration option in Border Gateway Protocol (BGP) routing that allows a router to accept routes with its own AS (A...