BGP Backdoor

image

R1 configuration

interface FastEthernet0/0
 ip address 10.1.12.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.1.13.1 255.255.255.0
 duplex auto
 speed auto
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.1.12.2 remote-as 200
 neighbor 10.1.13.3 remote-as 300
 no auto-summary

R2 configurations

interface Loopback0
 ip address 2.2.2.2 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.1.12.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.1.23.2 255.255.255.0
 duplex auto
 speed auto
!        
router eigrp 100
 network 2.2.2.2 0.0.0.0
 network 10.1.23.2 0.0.0.0
 auto-summary
!
router bgp 200
 no synchronization
 bgp log-neighbor-changes
 network 2.2.2.0 mask 255.255.255.0
 neighbor 10.1.12.1 remote-as 100
 no auto-summary

R3 configuration

interface FastEthernet0/0
 ip address 10.1.13.3 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.1.23.3 255.255.255.0
 duplex auto
 speed auto
!
router eigrp 100
 network 10.1.23.3 0.0.0.0
no auto-summary
!
router bgp 300
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.1.13.1 remote-as 100
 no auto-summary

Now let’s check the routing table on R3 for 2.2.2.0 the prefix that we advertised on both EIGRP and BGP on R2

R3#sh ip route 2.2.2.0
Routing entry for 2.2.2.0/24
  Known via "bgp 300", distance 20, metric 0
  Tag 100, type external
  Last update from 10.1.13.1 00:02:15 ago
  Routing Descriptor Blocks:
  * 10.1.13.1, from 10.1.13.1, 00:02:15 ago
      Route metric is 0, traffic share count is 1
      AS Hops 2
      Route tag 100

so as we can see R3 is using R1 to reach 2.2.2.0/24 on R2 this is because the AD of EBGP is 20 and the AD of EIGRP is 90 the EBGP route was preferred over the EIGRP one

one way to fix this is to change the AD of that route on R3 to something higher than

to do this we need to match the prefix with an access-list  and then we assign a higher distance under the BGP configuration on R3

R3(config)#access-list 1 permit 2.2.2.0 0.0.0.255
R3(config)#router bgp 300
R3(config-router)#distance 95 10.1.13.1 0.0.0.0 1

Now let’s  check the 2.2.2.0/24 route on R3

R3(config)#do sh ip route  2.2.2.0
Routing entry for 2.2.2.0/24
  Known via "eigrp 100", distance 90, metric 409600, type internal
  Redistributing via eigrp 100
  Last update from 10.1.23.2 on FastEthernet0/1, 00:05:03 ago
  Routing Descriptor Blocks:
  * 10.1.23.2, from 10.1.23.2, 00:05:03 ago, via FastEthernet0/1
      Route metric is 409600, traffic share count is 1
      Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1

As we can see R3 is now using EIGRP to reach that prefix on R2

Another way of doing this is to use the backdoor option in BGP as changing AD is not recommended in BGP real world as it may cause routing loops

R3(config-router)# network 2.2.2.0 mask 255.255.255.0 backdoor 

Now let’s the 2.2.2.0/24 on R3

R3(config-router)#do sh ip route 2.2.2.0
Routing entry for 2.2.2.0/24
  Known via "eigrp 100", distance 90, metric 409600, type internal
  Redistributing via eigrp 100
  Last update from 10.1.23.2 on FastEthernet0/1, 00:02:35 ago
  Routing Descriptor Blocks:
  * 10.1.23.2, from 10.1.23.2, 00:02:35 ago, via FastEthernet0/1
      Route metric is 409600, traffic share count is 1
      Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1

Comments

Post a Comment

Popular posts from this blog

BPDU Filter vs BPDU Guard

        Today we will try to explore the difference between these 2 options, BPDU guard and BPDU filter We know that BPDU are used to communicate between switches in L2 networks  to ensure loop free topology. BPDU Guard is used to protect our access (or trunks incase of servers) ports from receiving undesired BPDU packets, this feature is helpful in enforcing your network boundary in access layer BPDU Guard can be enabled on global configuration as well as under the interface configuration BPDU Filter on the other hand is used to filter BPDU packets outbound when configured  in global configuration (after sending 11 BPDU out ) and will filter BPDU inbound/outbound when configured under the interface level To better understand these two features, let’s use this simple topology R1 is connected to SW1 through F0/0 to have R1 send and receive BPDU we will simple configure bridging group 1 on the router and we will join the bridge group when desired to test our configuration BPDU
Read more

BGP Weight Attribute

Image
Before we start the lab let's see the BGP path selection process If the path specifies a next hop that is inaccessible, drop the update. •Prefer the path with the highest weight. •If the weights are the same, prefer the path with the largest local preference. •If the local preferences are the same, prefer the path that was originated by BGP running on this router. •If no route was originated, prefer the route that has the shortest AS_path. •If all paths have the same AS_path length, prefer the path with the lowest origin code (where IGP is lower than EGP, and EGP is lower than incomplete). •If the origin codes are the same, prefer the path with the lowest MED attribute. •If the paths have the same MED, prefer the external path over the internal path. •If the paths are still the same, prefer the path through the closest IGP neighbor. •Prefer the path with the lowest IP address, as specified by the BGP router ID. I read this on CCIE Pursuit blog We Love Oranges As O
Read more

OSPF–Point To Multipoint Non-Broadcast

Image
Using same setup that we have been using in the last 3 posts, we will change the network type to point-to-multipoint Non-Broadcast we will also add a Ethernet link between R2 and R3 and enable OSPF on it Our final configuration should be something like this R1 interface Serial0/0   no ip address   encapsulation frame-relay   no frame-relay inverse-arp ! interface Serial0/0.123 multipoint   ip address 10.1.123.1 255.255.255.0   ip ospf network point-to-multipoint non-broadcast   ip ospf 1 area 0   frame-relay map ip 10.1.123.2 102   frame-relay map ip 10.1.123.3 103 !          router ospf 1   router-id 1.1.1.1   log-adjacency-changes   neighbor 10.1.123.2   neighbor 10.1.123.3 R2 interface Serial0/0   no ip address   encapsulation frame-relay   no frame-relay inverse-arp ! interface Serial0/0.123 multipoint   ip address 10.1.123.2 255.255.255.0   ip ospf network point-to-multipoint non-broadcast   ip ospf 1 area 0   frame-relay map ip 10.1.123.1 201 R3 interface
Read more