From: Bob Sinclair (bsinclair@netmasterclass.net)
Date: Fri Feb 13 2004 - 13:37:22 GMT-3
Michael,
Good catch on that and a great explanation. I wonder if perhaps the same
result could be achieved with the BACKDOOR command? It changes the AD of an
EBGP route to 200 so that an igp-learned route is preferred.
Bob Sinclair
CCIE #10427, CISSP, MCSE
www.netmasterclass.net
----- Original Message -----
From: "Michael Snyder" <msnyder@revolutioncomputer.com>
To: <ccielab@groupstudy.com>
Sent: Thursday, February 12, 2004 10:01 PM
Subject: A very good use for the bgp distance command.
> I just got done doing this in a practice lab tonight. Thought I would post a
> problem from it.
>
> The lab has loopbacks in the format of 210.x.x.x
>
> 210.1.1.1/32
> 210.2.2.2/32
> 210.4.4.4/24 (version 1 rip)
> 210.5.5.5/32
> etc.
>
> All my bgp neighbors use loopback peering. Example 210.1.1.1 peers to
> 210.2.2.2
>
> router bgp 64513
> no synchronization
> bgp router-id 210.5.5.5
> bgp log-neighbor-changes
> bgp confederation identifier 200
> bgp confederation peers 64512
> neighbor internal peer-group
> neighbor internal remote-as 64513
> neighbor internal update-source Loopback0
> neighbor internal route-reflector-client
> neighbor 210.2.2.2 peer-group internal
> neighbor 210.4.4.4 peer-group internal
> neighbor 210.6.6.6 remote-as 64512
> neighbor 210.6.6.6 ebgp-multihop 4
> neighbor 210.6.6.6 update-source Loopback0
> neighbor 210.7.7.7 remote-as 700
> neighbor 210.7.7.7 ebgp-multihop 3
> neighbor 210.7.7.7 update-source Loopback0
> no auto-summary
>
> Here's the rub, one of the requirements is to advertise the loopback
> networks into bgp.
>
> I'm using igp to reach my bgp neighbors! As soon as I put the loopback
> subnets into bgp, they will go down.
>
> Why? `B 210.8.8.8 [20/0] via 210.7.7.7, 00:02:05` Because the
> external AS's will place routes in the routing tables with the admin
> distance of 20.
>
> This is just a classic bgp landmine.
>
> Solution, as soon as I saw the requirement I added the following
> commands to every router.
>
> access-list 80 permit 210.0.0.0 0.255.255.255
>
> router bgp xxxx
> distance 180 210.0.0.0 0.255.255.255 80
> end
>
> In English, any bgp routing updates coming from any loopback networks
> (which is all my neighbors) set the routes that match access-list 80
> (which also is my loopback networks) to the admin distance of 180 (which
> is higher than my highest igp eigrp external 170 admin distance)
>
> One note, the distance command uses wildcards, not masks. The ios help
> is wrong.
>
> Michael Snyder
> Lead Network Engineer
> CCNP/DP, CSS1, MCSE NT/2000
> Revolution Computer Systems
> (270) 443-7400
>
This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:49 GMT-3
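
The route-selection behaviour discussed in this thread, modelled as an added example (not code from either poster): it applies the `distance 180 210.0.0.0 0.255.255.255 80` rule with IOS wildcard semantics and installs the candidate with the lowest administrative distance. The RIP neighbor address 10.0.0.2 and all function names are assumptions made for illustration; the default distances are the standard Cisco IOS values.

```python
import ipaddress

# Cisco IOS default administrative distances for the protocols named in the thread.
DEFAULT_AD = {"ebgp": 20, "rip": 120, "eigrp-external": 170, "ibgp": 200}

def wildcard_match(addr, base, wildcard):
    """IOS wildcard semantics: a 1 bit in the wildcard means 'don't care'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def effective_ad(route, bgp_rules=()):
    """AD of a route; 'distance' rules under router bgp only touch BGP routes.
    Each rule is (ad, source_base, source_wildcard, acl_permits)."""
    if route["proto"] in ("ebgp", "ibgp"):
        for ad, src, src_wc, acl in bgp_rules:
            # The rule needs both: update source matches, and prefix passes the ACL.
            if wildcard_match(route["source"], src, src_wc) and any(
                    wildcard_match(route["prefix"], b, w) for b, w in acl):
                return ad
    return DEFAULT_AD[route["proto"]]

def best_route(candidates, bgp_rules=()):
    """Among routes to the same prefix, the lowest AD is installed."""
    return min(candidates, key=lambda r: effective_ad(r, bgp_rules))

# Constructed sample: the peer loopback 210.7.7.7 is known via RIP (from a
# hypothetical neighbor 10.0.0.2) and is also advertised back by the eBGP
# neighbor that peers from 210.7.7.7.
CANDIDATES = [
    {"prefix": "210.7.7.7", "proto": "rip", "source": "10.0.0.2"},
    {"prefix": "210.7.7.7", "proto": "ebgp", "source": "210.7.7.7"},
]
ACL_80 = [("210.0.0.0", "0.255.255.255")]               # access-list 80 from the post
RULES = [(180, "210.0.0.0", "0.255.255.255", ACL_80)]   # distance 180 ... 80

if __name__ == "__main__":
    print("no distance rule :", best_route(CANDIDATES)["proto"])
    print("with distance 180:", best_route(CANDIDATES, RULES)["proto"])
    # The netmask-style value 255.0.0.0, read as a wildcard, misses the loopbacks.
    print("255.0.0.0 as wildcard matches 210.7.7.7:",
          wildcard_match("210.7.7.7", "210.0.0.0", "255.0.0.0"))
```

Without the rule the eBGP copy of the peer's own loopback wins at distance 20 and replaces the IGP route the session depends on; with the rule the IGP route stays installed.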