BGP backdoor(CCIE LAB面试题分析)

Daniel.

近日在CCIE LAB Interview 中牵扯到BGP backdoor的问题，要求作出相应的描述，特此翻阅了cisco的英文文档，并进行了截取，希望能够给CCIE CLUB的战友一点帮助。

9-4 network ip-address mask network-mask backdoor

Syntax Description:

• ip-address— Network to advertise to BGP peers.
• network-mask— Optional parameter used to advertise nonclassful network prefixes.

Defaults: None

Limitations: Up to 200 instances of the network command may be used in the configuration. For Cisco IOS Software Release 12.0 and later, this restriction has been removed.

Purpose: When a router is running more than one IP routing protocol, the possibility exists that a particular route might be learned by two or more protocols. Because different IP routing protocols calculate the cost to a route using different metrics, the protocol cost cannot be used to ** the best path. When a route is known by more than one IP routing protocol, Cisco routers use the administrative distance to ** the best path, with the lowest administrative distance being preferred. EBGP routes have an administrative distance of 20, and IGPs have a higher administrative distance:

• EBGP— 20
• EIGRP— 90
• IGRP— 100
• OSPF— 110
• RIP— 120
• IBGP— 200

EBGP routes are preferred over IGP routes. The backdoor option instructs BGP to set the administrative distance for the network specified to 200, allowing the IGP route to be preferred.

Cisco IOS Software Release: 10.0

Daniel.

Configuration Example: Finding the Best Route Through Administrative Distance

In Figure 9-3, Router A is learning about network 172.17.2.0 via EBGP and EIGRP.

Figure 9-3. EBGP Route to 172.17.2.0 Is Preferred Over the EIGRP Route

Daniel.

Router A

router eigrp 1

network 172.17.0.0

!

router bgp 1

neighbor 10.1.1.2 remote-as 3

___________________________________________________________________________

Router B

router eigrp 1

network 172.17.0.0

!

router bgp 2

network 172.17.2.0 mask 255.255.255.0

neighbor 10.1.2.1 remote-as 3

___________________________________________________________________________

Router C

router bgp 3

network 10.1.1.0 mask 255.255.255.252

network 10.1.2.0 mask 255.255.255.252

neighbor 10.1.1.1 remote-as 1

neighbor 10.1.2.2 remote-as 2

Because EBGP has a lower administrative distance than EIGRP, the EBGP route is installed in Router A's IP routing table.

rtrA#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

U - per-user static route, o - ODR, P - periodic downloaded static route

T - traffic engineered route

Gateway of last resort is not set

172.17.0.0/24 is subnetted, 2 subnets

C
172.17.1.0 is directly connected, Ethernet0

B
172.17.2.0 [20/0] via 10.1.1.2

10.0.0.0/30 is subnetted, 2 subnets

B
10.1.2.0 [20/0] via 10.1.1.2

C
10.1.1.0 is directly connected, Serial0

Daniel.

The preferred path ** Router A to network 172.17.2.0 is through Router C. The shortest path to network 172.17.2.0 is through the direct connection to Router B. A number of methods can be used to modify routing table entries so that Router A prefers the direct path to network 172.17.2.0. Using the backdoor option is relatively easy, as shown in the following modified listing for Router A:

Router A

router bgp 1

network 172.17.2.0 mask 255.255.255.0 backdoor

neighbor 10.1.1.2 remote-as 3

The option causes the network learned via EBGP to have an administrative distance of 200. The EIGRP route for network 172.17.2.0 has an administrative distance of 90, causing it to be installed in the IP routing table.

Verification

By inspecting the IP routing table on Router A, we can see that the route to 172.17.2.0 learned via EIGRP has been installed in the IP routing table, replacing the EBGP route:

rtrA#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

U - per-user static route, o - ODR, P - periodic downloaded static route

T - traffic engineered route

Gateway of last resort is not set

172.17.0.0/24 is subnetted, 2 subnets

C
172.17.1.0 is directly connected, Ethernet0

D
172.17.2.0 [90/409600] via 172.17.1.2, Ethernet0

10.0.0.0/30 is subnetted, 2 subnets

B
10.1.2.0 [20/0] via 10.1.1.2

C
10.1.1.0 is directly connected, Serial0

Troubleshooting

Step 1. Verify that the BGP neighbors are in the Established state using the show ip bgp neighbors command.

If the neighbor relationship is not in the Established state, see section 8-23.

Daniel.

Step 2. Before using the backdoor option, use the show ip bgp command to ensure that the route you intend to modify is in the BGP table. For example, on Router A, verify a BGP entry for network 172.17.2.0:

rtrA#show ip bgp

BGP table version is 43, local router ID is 192.16.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal

Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Next Hop
Metric LocPrf Weight Path

*> 10.1.1.0/30
10.1.1.2
0
0 3 i

*> 10.1.2.0/30
10.1.1.2
0
0 3 i

*> 172.17.2.0/24
10.1.1.2

0 3 2 I

Step 3. If the network is in the BGP table, the backdoor option will work as described.

[ 本帖最后由 Daniel. 于 2008-9-5 09:03 编辑 ]

Daniel.

附上本文档的出处。

Cisco.Press.CCIE.Professional.Development.BGP.4.Command.and.Configuration.Handbook

zolo1987

顶一个，顶一个!!

窗外的天空

虾米？技术含量这么高，顶一个

ch5802125

这就是翔哥的ID号 要顶

广播风暴

原来是翔哥~~~强烈顶一个~~~