29 June 2015

BGP Backdoor Networks

BGP uses an administrative distance (AD) of 20 for eBGP routes and 200 for iBGP routes and works well in almost all network designs. Occasionally, a route learned via an interior gateway protocol (IGP) needs to take preference over a route learned via eBGP. This can be accomplished using the BGP backdoor network feature. A BGP backdoor network is treated as a local network and raises the AD for the eBGP-learned route from 20 to 200, and the router prohibits the advertisement of the backdoor network to eBGP peers.

BGP backdoor networks use the BGP address family configuration command "network network mask subnet-mask backdoor" on IOS routers, and the command "network network/prefix-length backdoor" on IOS XR routers. The following scenario provides a use case for the BGP backdoor network feature.

The figure below illustrates a topology where AS200 and AS 400 connect via AS300 and are mutually redistributing OSPF into BGP. AS200 and AS 400 plan to connect to each other through AS300 so that servers in the 10.1.1.0/24 network can communicate with servers in the 10.5.5.0/24 network.


AS200 and AS 400 Connectivity


The throughput between AS200 and AS 400 is insufficient, so a dedicated link (10.24.1.0/24) between XR2 and R4 is established, as shown in the figure below. Packets between AS200 and AS 400 still route through AS300 because the remote routes are learned via eBGP with an AD of 20, which is lower than the AD of the OSPF routes learned over the direct path. The AD for routes is shown in brackets.

Suboptimal Routing Between AS200 and AS 400


XR2 and R4 configure the remote networks as BGP backdoor networks. This raises the AD of the backdoor networks to 200, which is higher than the AD of OSPF. XR2 and R4 then install the remote networks into the RIB with the OSPF path. The figure below provides the topology and routing table for XR2 and R4. Notice that the next hop for the remote networks uses the 10.24.1.0/24 network instead of routing traffic through AS300.


BGP Backdoor Network Topology


The following example demonstrates the BGP backdoor network configuration. XR2 configures the AS 400 networks (10.45.1.0/24 and 10.5.5.0/24) and R4 configures the AS200 networks (10.1.1.0/24 and 10.12.1.0/24) as BGP backdoor networks.


XR2
router bgp 200
 bgp router-id 192.168.2.2
 address-family ipv4 unicast
  network 10.1.1.0/24
  network 10.5.5.0/24 backdoor
  network 10.12.1.0/24
  network 10.45.1.0/24 backdoor
  redistribute ospf 1
 !
 neighbor 10.23.1.3
  remote-as 300
  address-family ipv4 unicast
   route-policy PASSALL in
   route-policy PASSALL out

R4
router bgp 400
 bgp log-neighbor-changes
 neighbor 10.34.1.3 remote-as 300
 !
 address-family ipv4
  network 10.1.1.0 mask 255.255.255.0 backdoor
  network 10.5.5.0 mask 255.255.255.0
  network 10.12.1.0 mask 255.255.255.0 backdoor
  network 10.45.1.0 mask 255.255.255.0
  redistribute ospf 1
  neighbor 10.34.1.3 activate
 exit-address-family
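
As an added example (not part of the original post), the Python sketch below parses the network statements from the XR2 and R4 configurations above, normalizing the IOS mask form and the IOS XR prefix-length form, and checks that each router marks exactly the peer's originated networks as backdoor. The function names and the symmetry rule in audit_pair are assumptions drawn from this scenario, not a general BGP requirement.

```python
import ipaddress
import re

# Constructed sample input: the network statements from the XR2 (IOS XR)
# and R4 (IOS) configurations shown on this page.
XR2_CONFIG = """router bgp 200
 address-family ipv4 unicast
  network 10.1.1.0/24
  network 10.5.5.0/24 backdoor
  network 10.12.1.0/24
  network 10.45.1.0/24 backdoor
"""
R4_CONFIG = """router bgp 400
 address-family ipv4
  network 10.1.1.0 mask 255.255.255.0 backdoor
  network 10.5.5.0 mask 255.255.255.0
  network 10.12.1.0 mask 255.255.255.0 backdoor
  network 10.45.1.0 mask 255.255.255.0
"""

# IOS XR: "network A.B.C.D/len [backdoor]"; IOS: "network A.B.C.D mask M [backdoor]".
# Classful IOS statements without a mask are not handled (none appear on the page).
NETWORK_RE = re.compile(
    r"^\s*network\s+([\d.]+)(?:/(\d+)|\s+mask\s+([\d.]+))(\s+backdoor)?\s*$")


def parse_networks(config):
    """Split a BGP config's network statements into (local, backdoor) sets."""
    local, backdoor = set(), set()
    for line in config.splitlines():
        m = NETWORK_RE.match(line)
        if m:
            addr, plen, mask, is_backdoor = m.groups()
            net = ipaddress.ip_network(f"{addr}/{plen or mask}")
            (backdoor if is_backdoor else local).add(net)
    return local, backdoor


def audit_pair(name_a, config_a, name_b, config_b):
    """Hypothetical check: each side's backdoor set equals the peer's local set."""
    local_a, back_a = parse_networks(config_a)
    local_b, back_b = parse_networks(config_b)
    findings = []
    for name, back, peer_local in ((name_a, back_a, local_b), (name_b, back_b, local_a)):
        findings += [f"{name}: backdoor {n} is not originated by the peer"
                     for n in sorted(back - peer_local)]
        findings += [f"{name}: peer network {n} is not marked backdoor"
                     for n in sorted(peer_local - back)]
    return findings
```

Calling audit_pair("XR2", XR2_CONFIG, "R4", R4_CONFIG) returns an empty list for the configurations on this page; dropping the backdoor keyword from one statement produces a finding for each router.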



