tech:network:cisco:bgp:bgp:backdoor:backdoor
Table of Contents
BGP: backdoor
Topology
IP
Project name: ccna-bgp28-backdoor
- R1
enable configure terminal ! hostname R1 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 1.0.0.1 255.255.255.255 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.2.1 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 100.1.3.1 255.255.255.0 no shutdown exit ! end write
- R2
enable configure terminal ! hostname R2 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 2.0.0.2 255.255.255.255 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.2.2 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 100.2.3.2 255.255.255.0 no shutdown exit ! end write
- R3
enable configure terminal ! hostname R3 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface GigabitEthernet 0/0 ip address 100.1.3.3 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 100.2.3.3 255.255.255.0 no shutdown exit ! end write
Basic BGP, OSPF Configuration
- R1
configure terminal ! router ospf 1 network 1.0.0.1 0.0.0.0 area 0 network 100.1.2.1 0.0.0.0 area 0 exit ! router bgp 1 network 1.0.0.1 mask 255.255.255.255 neighbor 100.1.3.3 remote-as 3 exit ! end
- R2
configure terminal ! router ospf 1 network 2.0.0.2 0.0.0.0 area 0 network 100.1.2.2 0.0.0.0 area 0 exit ! router bgp 2 network 2.0.0.2 mask 255.255.255.255 neighbor 100.2.3.3 remote-as 3 exit ! end
- R3
configure terminal ! router bgp 3 neighbor 100.1.3.1 remote-as 1 neighbor 100.2.3.2 remote-as 2 exit ! end
Verification
- R1
traceroute 2.0.0.2 source 1.0.0.1 show ip route show ip route 2.0.0.2
R1#traceroute 2.0.0.2 source 1.0.0.1
Type escape sequence to abort.
Tracing the route to 2.0.0.2
VRF info: (vrf in name/id, vrf out name/id)
1 100.1.3.3 6 msec 4 msec 3 msec
2 100.2.3.2 6 msec 6 msec 5 msec
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.0.0.1 is directly connected, Loopback1
2.0.0.0/32 is subnetted, 1 subnets
B 2.0.0.2 [20/0] via 100.1.3.3, 01:01:28
100.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 100.1.2.0/24 is directly connected, GigabitEthernet0/0
L 100.1.2.1/32 is directly connected, GigabitEthernet0/0
C 100.1.3.0/24 is directly connected, GigabitEthernet0/1
L 100.1.3.1/32 is directly connected, GigabitEthernet0/1
R1#show ip route 2.0.0.2
Routing entry for 2.0.0.2/32
Known via "bgp 1", distance 20, metric 0
Tag 3, type external
Last update from 100.1.3.3 01:01:46 ago
Routing Descriptor Blocks:
* 100.1.3.3, from 100.1.3.3, 01:01:46 ago
Route metric is 0, traffic share count is 1
AS Hops 2
Route tag 3
MPLS label: none
Change AD Value (NOT RECOMMENDED)
- R1
configure terminal ! router bgp 1 distance bgp 120 200 200 exit ! end
- R2
configure terminal ! router bgp 2 distance bgp 120 200 200 exit ! end
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#router bgp 1 R1(config-router)#dista R1(config-router)#distance bgp ? <1-255> Distance for routes external to the AS R1(config-router)#distance bgp 120 ? <1-255> Distance for routes internal to the AS R1(config-router)#distance bgp 120 200 ? <1-255> Distance for local routes R1(config-router)#distance bgp 120 200 200 R1(config-router)#
Verification
- R1 - R3
HARD RESET
clear ip bgp *
- R1
traceroute 2.0.0.2 source 1.0.0.1 show ip route show ip route 2.0.0.2 show ip protocols | section bgp show ip protocols | section ospf show ip bgp
R1#show ip protocols | s bgp
Routing Protocol is "bgp 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
IGP synchronization is disabled
Automatic route summarization is disabled
Neighbor(s):
Address FiltIn FiltOut DistIn DistOut Weight RouteMap
100.1.3.3
100.1.3.3
Maximum path: 1
Routing Information Sources:
Gateway Distance Last Update
100.1.3.3 20 01:08:02
Distance: external 120 internal 200 local 200
R1#show ip protocols | section ospf
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 1.0.0.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
1.0.0.1 0.0.0.0 area 0
100.1.2.1 0.0.0.0 area 0
Routing Information Sources:
Gateway Distance Last Update
2.0.0.2 110 01:09:48
2.0.0.2 110 01:09:48
Distance: (default is 110)
R1#sh ip bgp
BGP table version is 3, local router ID is 1.0.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.0.0.1/32 0.0.0.0 0 32768 i
r> 2.0.0.2/32 100.1.3.3 0 3 2 i
R1#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.0.0.1 is directly connected, Loopback1
2.0.0.0/32 is subnetted, 1 subnets
O 2.0.0.2 [110/2] via 100.1.2.2, 00:03:36, GigabitEthernet0/0
100.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 100.1.2.0/24 is directly connected, GigabitEthernet0/0
L 100.1.2.1/32 is directly connected, GigabitEthernet0/0
C 100.1.3.0/24 is directly connected, GigabitEthernet0/1
L 100.1.3.1/32 is directly connected, GigabitEthernet0/1
R1#traceroute 2.0.0.2 source 1.0.0.1
Type escape sequence to abort.
Tracing the route to 2.0.0.2
VRF info: (vrf in name/id, vrf out name/id)
1 100.1.2.2 7 msec 4 msec 4 msec
R2#show ip protocols | s bgp
Routing Protocol is "bgp 2"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
IGP synchronization is disabled
Automatic route summarization is disabled
Neighbor(s):
Address FiltIn FiltOut DistIn DistOut Weight RouteMap
100.2.3.3
100.2.3.3
Maximum path: 1
Routing Information Sources:
Gateway Distance Last Update
100.2.3.3 20 01:08:01
Distance: external 120 internal 200 local 200
R2#show ip protocols | section ospf
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 2.0.0.2
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
2.0.0.2 0.0.0.0 area 0
100.1.2.2 0.0.0.0 area 0
Routing Information Sources:
Gateway Distance Last Update
1.0.0.1 110 01:09:48
1.0.0.1 110 01:09:48
Distance: (default is 110)
R2#sh ip bgp
BGP table version is 3, local router ID is 2.0.0.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
r> 1.0.0.1/32 100.2.3.3 0 3 1 i
*> 2.0.0.2/32 0.0.0.0 0 32768 i
R3#show ip protocols | s bgp
Routing Protocol is "bgp 3"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
IGP synchronization is disabled
Automatic route summarization is disabled
Neighbor(s):
Address FiltIn FiltOut DistIn DistOut Weight RouteMap
100.1.3.1
100.2.3.2
100.2.3.2
Maximum path: 1
Routing Information Sources:
Gateway Distance Last Update
100.2.3.2 20 01:08:02
100.1.3.1 20 01:08:02
Distance: external 20 internal 200 local 200
R3#sh ip bgp
BGP table version is 3, local router ID is 100.2.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.0.0.1/32 100.1.3.1 0 0 1 i
*> 2.0.0.2/32 100.2.3.2 0 0 2 i
backdoor Configuration
- R1
configure terminal ! router bgp 1 network 2.0.0.2 mask 255.255.255.255 backdoor exit ! end
- R2
configure terminal ! router bgp 1 network 1.0.0.1 mask 255.255.255.255 backdoor exit ! end
Verification
Reset is not required?
- R1
traceroute 2.0.0.2 source 1.0.0.1 show ip route show ip route 2.0.0.2 show ip protocols | section bgp show ip protocols | section ospf show ip bgp
R1#traceroute 2.0.0.2 source 1.0.0.1
Type escape sequence to abort.
Tracing the route to 2.0.0.2
VRF info: (vrf in name/id, vrf out name/id)
1 100.1.3.3 6 msec 4 msec 4 msec
2 100.2.3.2 7 msec 5 msec 6 msec
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router bgp 1
R1(config-router)#netwo
R1(config-router)#network 2.0.0.2 ?
backdoor Specify a BGP backdoor route
mask Network mask
route-map Route-map to modify the attributes
<cr>
R1(config-router)#network 2.0.0.2 mas
R1(config-router)#network 2.0.0.2 mas
R1(config-router)#network 2.0.0.2 mask 255.255.255.255 ?
backdoor Specify a BGP backdoor route
route-map Route-map to modify the attributes
<cr>
R1(config-router)#network 2.0.0.2 mask 255.255.255.255 bac
R1(config-router)#network 2.0.0.2 mask 255.255.255.255 backdoor
R1(config-router)#^Z
R1#
*Feb 14 12:02:04.976: %SYS-5-CONFIG_I: Configured from console by console
R1#sh ip bgp
BGP table version is 3, local router ID is 1.0.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.0.0.1/32 0.0.0.0 0 32768 i
r> 2.0.0.2/32 100.1.3.3 0 3 2 i
R1#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.0.0.1 is directly connected, Loopback1
2.0.0.0/32 is subnetted, 1 subnets
O 2.0.0.2 [110/2] via 100.1.2.2, 00:00:48, GigabitEthernet0/0
100.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 100.1.2.0/24 is directly connected, GigabitEthernet0/0
L 100.1.2.1/32 is directly connected, GigabitEthernet0/0
C 100.1.3.0/24 is directly connected, GigabitEthernet0/1
L 100.1.3.1/32 is directly connected, GigabitEthernet0/1
R1#sh ip ro 2.0.0.2
Routing entry for 2.0.0.2/32
Known via "ospf 1", distance 110, metric 2, type intra area
Last update from 100.1.2.2 on GigabitEthernet0/0, 00:01:12 ago
Routing Descriptor Blocks:
* 100.1.2.2, from 2.0.0.2, 00:01:12 ago, via GigabitEthernet0/0
Route metric is 2, traffic share count is 1
R1#sh ip bgp 2.0.0.2
BGP routing table entry for 2.0.0.2/32, version 3
Paths: (1 available, best #1, table default, RIB-failure(17) - next-hop mismatch)
Not advertised to any peer
Refresh Epoch 1
3 2
100.1.3.3 from 100.1.3.3 (100.2.3.3)
Origin IGP, localpref 100, valid, external, best
rx pathid: 0, tx pathid: 0x0
R1#traceroute 2.0.0.2 source 1.0.0.1
Type escape sequence to abort.
Tracing the route to 2.0.0.2
VRF info: (vrf in name/id, vrf out name/id)
1 100.1.2.2 5 msec 5 msec 4 msec
R1#
References
tech/network/cisco/bgp/bgp/backdoor/backdoor.txt · Last modified: 2019/02/14 21:07 by wnoguchi
