Understanding BGP Backdoor

Rashmi Bhardwaj

Continuing our discussion of BGP terms and methods, this post covers the BGP backdoor approach and the corresponding configuration on BGP speakers.

What is BGP Backdoor?

BGP backdoor is a well-known BGP feature that alters the administrative distance of an external Border Gateway Protocol (eBGP) route so that an interior gateway protocol (IGP) route takes precedence over it. By default, eBGP is assigned an administrative distance of 20.

Administrative distance is the first criterion a router considers when it has to choose between two routing protocols that provide route information for the same destination. It is a scale that indicates how reliable and trustworthy the source of the route information is. A lower administrative distance means the protocol/link is considered more dependable.

The backdoor feature can be used to raise the administrative distance of the eBGP route to 200 so that IGP-learned routes are given priority. A backdoor network is treated like a local one; however, it is not advertised. This is done with the backdoor keyword of the BGP network command.

Topology to Understand BGP Backdoor

[Figure: BGP backdoor topology]

As per the topology, we have three routers, R1, R2 and R3, with IGP/BGP configured as follows:

R1 <-> R2 OSPF
R2 <-> R3 EBGP
R1 <-> R3 EBGP

R1 and R3 both receive the route to R2's loopback (9.9.0.2) from router R2, through OSPF and eBGP respectively. R1 and R3 also have an eBGP neighborship, so R1 receives the route to 9.9.0.2 from R3 via eBGP. R1 now has two routes for 9.9.0.2: one from R2 via OSPF and another from R3 via eBGP.

Since the AD of the eBGP-learned route is 20 and that of OSPF is 110, the eBGP route via R3 is preferred and installed in the routing table. However, considering the shortest path, we would not want to reach 9.9.0.2 via R1 > R3 > R2 when a path with fewer hops, R1 > R2, is available.

There are two options to achieve this:

1: Change the eBGP AD value to a value larger than AD 110 of OSPF

2: Use the BGP backdoor command.

Option 1, changing the AD value, is less recommended, so the most commonly used method to achieve the required result is Option 2, the BGP backdoor command.

Now let us take a look at the working and configuration of our topology:

CONFIGURATION 

R1:

interface FastEthernet0/0
ip address 9.9.12.1 255.255.255.0
ip ospf 1 area 0
!
interface FastEthernet1/0
ip address 9.9.13.1 255.255.255.0
!
router bgp 100
bgp log-neighbor-changes
neighbor 9.9.13.3 remote-as 300

R2:

interface Loopback0
ip address 9.9.0.2 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
ip address 9.9.12.2 255.255.255.0
ip ospf 1 area 0
!
interface FastEthernet1/0
ip address 9.9.23.2 255.255.255.0
!
router bgp 200
bgp log-neighbor-changes
network 9.9.0.2 mask 255.255.255.255
neighbor 9.9.23.3 remote-as 300

R3:

interface FastEthernet0/0
ip address 9.9.13.3 255.255.255.0
!
interface FastEthernet1/0
ip address 9.9.23.3 255.255.255.0
!
router bgp 300
bgp log-neighbor-changes
neighbor 9.9.13.1 remote-as 100
neighbor 9.9.23.2 remote-as 200

VERIFICATION

Checking the route to R2's loopback on R1 without BGP backdoor:

R1#sh ip route
9.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
B       9.9.0.2/32 [20/0] via 9.9.13.3, 00:04:34   #Known via R3#
C       9.9.12.0/24 is directly connected, FastEthernet0/0
L       9.9.12.1/32 is directly connected, FastEthernet0/0
C       9.9.13.0/24 is directly connected, FastEthernet1/0
L       9.9.13.1/32 is directly connected, FastEthernet1/0

The BGP backdoor is then configured on R1 as follows:

R1#
router bgp 100
network 9.9.0.2 mask 255.255.255.255 backdoor
neighbor 9.9.13.3 remote-as 300

Verifying the route for 9.9.0.2 now on R1: 

R1#sh ip route
Codes: L – local, C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route, H – NHRP, l – LISP
+ – replicated route, % – next hop override
Gateway of last resort is not set
9.0.0.0/8 is variably subnetted, 5 subnets, 2 masks

O       9.9.0.2/32 [110/2] via 9.9.12.2, 00:00:18, FastEthernet0/0   #Known via R2#
C        9.9.12.0/24 is directly connected, FastEthernet0/0
L       9.9.12.1/32 is directly connected, FastEthernet0/0
C       9.9.13.0/24 is directly connected, FastEthernet1/0
L       9.9.13.1/32 is directly connected, FastEthernet1/0
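
The choice R1 makes before and after the backdoor statement can be modelled as a lowest-administrative-distance selection. This is an added Python example, not code from the original post; the candidate-route list is constructed from the topology above and the function names are illustrative.

```python
import ipaddress
import re

# Default administrative distances quoted in the post.
AD = {"ebgp": 20, "ospf": 110}
BACKDOOR_AD = 200  # distance given to an eBGP route for a backdoor network
CODE = {"ebgp": "B", "ospf": "O"}  # route codes as shown by "sh ip route"

# R1's BGP stanza from the post, after the backdoor statement is added.
R1_BGP = """\
router bgp 100
 network 9.9.0.2 mask 255.255.255.255 backdoor
 neighbor 9.9.13.3 remote-as 300
"""

# Constructed candidates: the two routes R1 learns for R2's loopback.
CANDIDATES = [
    {"prefix": "9.9.0.2/32", "proto": "ebgp", "metric": 0, "via": "9.9.13.3"},
    {"prefix": "9.9.0.2/32", "proto": "ospf", "metric": 2, "via": "9.9.12.2"},
]

def backdoor_networks(config):
    """Return the prefixes marked 'backdoor' in a router bgp stanza."""
    pat = re.compile(r"^\s*network\s+(\S+)\s+mask\s+(\S+)\s+backdoor\s*$", re.M)
    return {ipaddress.ip_network(f"{a}/{m}") for a, m in pat.findall(config)}

def effective_ad(route, backdoors):
    """An eBGP route for a backdoor prefix is raised from AD 20 to 200."""
    net = ipaddress.ip_network(route["prefix"])
    if route["proto"] == "ebgp" and net in backdoors:
        return BACKDOOR_AD
    return AD[route["proto"]]

def best_route(candidates, backdoors):
    """Pick the lowest-AD candidate (all candidates share one prefix)."""
    best = min(candidates, key=lambda r: effective_ad(r, backdoors))
    return best, effective_ad(best, backdoors)

def rib_line(candidates, config=""):
    """Format the winning route like a line of 'sh ip route' output."""
    best, ad = best_route(candidates, backdoor_networks(config))
    return (f"{CODE[best['proto']]} {best['prefix']} "
            f"[{ad}/{best['metric']}] via {best['via']}")

if __name__ == "__main__":
    print("without backdoor:", rib_line(CANDIDATES))
    print("with backdoor:   ", rib_line(CANDIDATES, R1_BGP))
```

The backdoor match is on the exact prefix and mask, so the statement only affects the route for 9.9.0.2/32 and leaves every other eBGP route at AD 20.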
