RE: BGP Backdoor (Doyle Vol II page 240)

From: Michael Wong (Michael.Wong@xxxxxxxxxx)
Date: Mon Sep 03 2001 - 21:57:50 GMT-3

   
A ....

Thanks for the insight, I will be working on Halabi's book in the not too dista
nt future and will definitely be comparing the backdoor scenarios. I'm glad you
 got a better understanding of backdoor routes and thanks again for sharing you
r thoughts, you've cleared a lot of things up for me.

MW :)

-----Original Message-----
From: afiddler [mailto:afiddler@wi.rr.com]
Sent: Monday, 3 September 2001 2:20 am
To: Michael Wong; Peng Li; Groupstudy - CCIELAB (E-mail)
Subject: Re: BGP Backdoor (Doyle Vol II page 240)

Michael, I think I've figured this out. There were a few discrepancies in
Doyle's example. I found that Halabi's backdoor example was clearer (page
326 of the second addition). Doyle's backdoor example is two-way, where he
has a backdoor route defined on both Meribel and Lillehammer. Halabi's
example just has one backdoor route.

What is possibly not made clear in Doyle's example is that only RIP is
running over the serial link between Meribel and Lillehammer. I think the
use of redistribution statements in the configurations of Meribel and
Lillehammer on pages 237 and 238 is misleading, especially when he
redistributes two ways on Meribel and one way on Lillehammer(?). I removed
the redistribution statements altogether, as I think they are unnecessary at
the least. Meribel and Lillehammer are not BGP neighbors, since only RIP is
running on the serial link between them. They are neighbors with Innsbruck
and Cervinia. I also turned off synchronization (Doyle forgets to do this
in several examples). Here is my config from Meribel. Lillehammer's is the
same in concept.

interface Loopback0
 ip address 10.50.250.1 255.255.255.255
 no ip directed-broadcast
!
interface Loopback1
 ip address 10.20.0.1 255.255.0.0
 no ip directed-broadcast
!
interface Loopback2
 ip address 172.17.0.1 255.255.0.0
 no ip directed-broadcast
!
interface Loopback3
 ip address 172.29.2.1 255.255.255.0
 no ip directed-broadcast
!
interface Loopback4
 ip address 192.168.50.1 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet0
 ip address 192.168.10.1 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet1
 ip address 10.2.0.1 255.255.0.0
 no ip directed-broadcast
!
interface Serial0
 ip address 192.168.20.1 255.255.255.0
 no ip directed-broadcast
 no ip mroute-cache
 no fair-queue
 clockrate 250000
!
router rip
 network 10.0.0.0
 network 172.17.0.0
 network 172.29.0.0
 network 192.168.20.0
 network 192.168.50.0
!
router bgp 50
 no synchronization
 bgp log-neighbor-changes
 network 172.17.0.0
 network 172.18.0.0 backdoor
 neighbor 10.100.83.1 remote-as 100
 neighbor 10.100.83.1 ebgp-multihop 2
 neighbor 10.100.83.1 update-source Loopback0
 neighbor 10.200.60.1 remote-as 200
 neighbor 10.200.60.1 ebgp-multihop 2
 neighbor 10.200.60.1 update-source Loopback0
 no auto-summary
!
ip route 10.100.83.1 255.255.255.255 192.168.10.2
ip route 10.200.60.1 255.255.255.255 192.168.10.4

In my lab I have routers running a few different versions of the IOS,
partially to appreciate the differences in versions, but also in case there
is a bug in one version that is not in the other version(s). Well guess
what, there is a bug relating to the use of backdoor. Here it is from CCO:

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:14 GMT-3