BGP Backdoor conclusion (Sorry for the long post)

BGP Backdoor conclusion (is this correct)?

I under stand that backdoor feature change the AD distance to 200.
I am configure this on R2, where i receive the route from R3.

The backdoor command does influence the way I will send the traffic on
the router where
it is configured.

If I do not configure this on both sides I can end up with asymmetric routing.
Backdoor command does not influence where I receive the route.

R2 ----Fa (EIGRP)---- R3
  | |
  |__Serial_ R1 eBGP_ |

Network 150.1.3.0 advertised in EIGRP and BGP
R3 have already config backdoor option for 150.1.2.0

eBGP AD 20
EIGRP 90

-- We can se that EIGRP will not install the route.

P 150.1.3.0/24, 0 successors, FD is Inaccessible, serno 14
        via 150.1.23.3 (156160/128256), FastEthernet0/0

- We do se that it is installed in the BGP table

B 150.1.3.0 [20/0] via 10.1.12.1, 00:06:56

- We do als see here more details about the specific route

R2#show ip bgp 150.1.3.0/24
BGP routing table entry for 150.1.3.0/24, version 14
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Not advertised to any peer
  100 300
    10.1.12.1 from 10.1.12.1 (1.1.1.1)
      Origin IGP, localpref 100, valid, external, best

- Traceroute showing us that this is not the preferred way (Via BGP
cloud when we have an (100 mbit etheternet connection)

R2#traceroute 150.1.3.3 source 150.1.2.2

Type escape sequence to abort.
Tracing the route to 150.1.3.3

  1 10.1.12.1 28 msec 28 msec 28 msec (R1 serial)
  2 10.1.13.3 20 msec 20 msec * (R3 Serial)

on R2

- This eBGP connection should be a backup so I did
  configure the backdoor option.

- Under the bgp process on R2
network 150.1.3.0 mask 255.255.255.0 backdoor

- Now we see that EIGRP have installed the route in the topology table.

P 150.1.3.0/24, 1 successors, FD is 156160, serno 15
        via 150.1.23.3 (156160/128256), FastEthernet0/0

- As expected we do now get a RIB failure in BGP

r> 150.1.3.0/24 10.1.12.1 0 100 300 i

- Jus to make sure, that the rib failure is correct (Higher AD)

R2#show ip bgp rib-failure
Network Next Hop RIB-failure RIB-NH Matches
150.1.3.0/24 10.1.12.1 Higher admin distance n/a

- Some more details about the RIB failure

R2#show ip bgp 150.1.3.0/24
BGP routing table entry for 150.1.3.0/24, version 15
Paths: (1 available, best #1, table Default-IP-Routing-Table, RIB-failure(17))
  Not advertised to any peer
  100 300
    10.1.12.1 from 10.1.12.1 (1.1.1.1)
      Origin IGP, localpref 100, valid, external, best

- The route are now in the eigrp routing table

the result is correct.
D 150.1.3.0 [90/156160] via 150.1.23.3, 00:02:06, FastEthernet0/0

- Traceroute show that we are choosing the 100 mbit/s way

Type escape sequence to abort.
Tracing the route to 150.1.3.3

  1 150.1.23.3 0 msec 0 msec * (R3 fas 0/0)

Lesson learned (I did believe before that the backdoor command was
configured on the advertising router)
I do now understand that the backdoor command influence the path out
only. This was obvious when i did some detail
reading and config.

when I am reading the reference guide whit new eyes, it is dead simple :)

Usage Guidelines
A backdoor network is assigned an administrative distance of 200. The
objective is to make Interior Gateway Protocol (IGP) learned routes
preferred. A backdoor network is treated as a local network, except
that it is not advertised. A network that is marked as a back door is
not sourced by the local router, but should be learned from external
neighbors. The BGP best path selection algorithm does not change when
a network is configured as a back door.

Examples
The following address family configuration example configures network
10.108.0.0 as a local network and network 192.168.7.0 as a backdoor
network:

router bgp 109
address-family ipv4 multicast
 network 10.108.0.0
 network 192.168.7.0 backdoor

The following router configuration example configures network
10.108.0.0 as a local network and network 192.168.7.0 as a backdoor
network:
router bgp 109
 network 10.108.0.0
 network 192.168.7.0 backdoor

I hope that some one else have use of this information.

Blogs and organic groups at http://www.ccie.net
Received on Thu Dec 29 2011 - 18:39:24 ART