Administrative Distance and Its Effects on BGP

When BGP and IGPs are used together for IP routing, as they generally will be in an enterprise network, you might sometimes want a router to prefer an IGP route to an E-BGP route. Under normal circumstances, this will not be possible because routers always prefer E-BGP routes because they have a lower administrative distance. The Cisco IOS Software uses the administrative distances shown in Table 9-11.

Table 9-11. Default Administrative Distances

Administrative Distance

Protocol

0

Directly connected networks

1

Static routes

20

E-BGP

90

Internal EIGRP

100

IGRP

110

OSPF

115

IS-IS

120

RIP

170

External EIGRP

200

I-BGP

255

Unknown

You can deal with these situations in a couple of ways. You could increase the administrative distance of an IGP protocol or increase the administrative distance for E-BGP routers using the distance distance-value command (or distance bgp external-distance internal-distance local-distance command for E-BGP routes); however, the effects of this command are rather broad and might produce unwanted results. Another more granular approach is to use the bgp backdoor command to alter routes on a network-by-network basis.

What Backdoors Are and How You Use Them

BGP backdoors are designed to change E-BGP administrative distance to allow IGP routes to have administrative preference in the IP routing table. The BGP backdoor command basically takes the specified E-BGP routes and changes the administrative distance from 20 to 200, the same distance as an I-BGP route, allowing IGP routes to take administrative precedence in the routing table. In Figure 9-18, for example, the Pike router has two paths to the 102.231.6.0/29 network—one by means of the Pine router and the other through the Union router.

vt320918.gif

Figure 9-18 Administrative Distance and Routing on the Downtown Network

Because the Pike and Pine routers are not BGP neighbors, the Pike router stores only one route to the 102.231.6.0/29 network. The reason the Pike router ignores the EIGRP route is that that route has an administrative distance of 90, which is higher than the Union router's E-BGP administrative distance of 20, as shown in Example 9-90.

Example 9-90. Pike Router's Routing Table Before the Backdoor

Pike# show ip route | begin subnet
102.0.0.0/29 is subnetted, 1 subnets
B       102.231.6.0 [20/0] via 56.21.89.10, 00:05:49
     56.0.0.0/30 is subnetted, 2 subnets
C       56.21.89.4 is directly connected, Serial0
C       56.21.89.8 is directly connected, Serial1

To allow the Pike router to use the two EIGRP routes to the 102.231.6.0/29 network, you can just configure a BGP backdoor for that network. BGP backdoors are configured using the network network-prefix mask network-mask backdoor command. You would be correct in thinking that the BGP network command cannot be used to generate a BGP advertisement for an indirectly connected network; however, in this case, the network command is used locally to change the administrative distance of a backdoor route. BGP does not advertise the route as a local route; the administrative distance for the route is simply altered, allowing the EIGRP routes to be administratively preferred by the main IP routing table. Example 9-91 shows how the BGP backdoor command is used to change the IP routing preference for the 102.231.6.0/29 network.

Example 9-91. Changing the Administrative Distance with a BGP Backdoor

Pike# show run | begin eigrp
router eigrp 107
 network 56.21.89.4 0.0.0.3
 network 56.21.89.8 0.0.0.3
 maximum-paths 2
 no auto-summary
 no eigrp log-neighbor-changes
!
router bgp 202
 no synchronization
 bgp log-neighbor-changes
 network 56.21.89.8 mask 255.255.255.252
 network 102.231.6.0 mask 255.255.255.248 backdoor
 neighbor 56.21.89.10 remote-as 10101
 no auto-summary

Example 9-92 shows the resulting changes to the IP routing table. After this configuration is applied, the administrative distance for the BGP route is changed, and the E-BGP route is removed from the main IP routing table. At this time, the two EIGRP routes are added because they now have a lower administrative distance. Also, notice that the show ip bgp 102.231.6.0/29 command still shows the route as the best route and the BGP network is still not advertised to any peer.

Example 9-92. Pike Router Configuration After the BGP Backdoor

Pike# show ip route | begin subnet
     102.0.0.0/29 is subnetted, 1 subnets
D       102.231.6.0 [90/2195456] via 56.21.89.10, 00:01:14, Serial1
[90/2195456] via 56.21.89.6, 00:01:14, Serial0
     56.0.0.0/30 is subnetted, 2 subnets
C       56.21.89.4 is directly connected, Serial0
C       56.21.89.8 is directly connected, Serial1
Pike# show ip bgp 102.231.6.0/29
BGP routing table entry for 102.231.6.0/29, version 6
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x800
  Not advertised to any peer
  10101
    56.21.89.10 from 56.21.89.10 (10.2.2.1)
      Origin IGP, metric 0, localpref 100, valid, external, best

Now that you understand the many ways that BGP can be configured for routing and policy enforcement, it's time to examine how BGP enables you to control Internet routing table stability, by means of route dampening, and some of the ways that BGP can be tuned to perform more efficiently.

+ Share This