9.5 Configure BGP to Interact with IGPs
9.5.2
Injection of unwanted or faulty information
Redistributing the whole IGP into BGP could result in some unwanted information being leaked into BGP. Such information could be private addresses, or illegal (not registered) addresses that are supposed to be used within the AS only. Other information could be routes with a prefix length that does not comply with the provider's aggregation policies; a host route with a prefix length of 32 is an example. This could be prevented by careful filtering.

Faulty information can also be injected into BGP because of the mutual exchange of routes between BGP and the IGP. In the same way that an IGP can be redistributed into BGP, BGP routes can be injected into an AS via redistribution into the IGP. When redistribution occurs in both directions, it is called mutual redistribution. In mutual redistribution, information that was injected from the outside into the AS could be sent back to the Internet as having originated from the AS. The figure illustrates the danger of mutual redistribution between protocols.

In the Figure, AS100 is the source of NetA and is sending this information via BGP to AS200. The border router RTC injects that information into the IGP, and RTB learns about it. RTB is configured to redistribute the IGP information into BGP. NetA will end up being advertised via BGP back to the Internet as if it has originated from AS200. This is very misleading to ASs connected to the Internet because NetA now has two sources rather than one source (AS100).

Again, to remedy this situation, special filtering should be put on the border routers to specify what particular networks should be injected from the IGP into BGP. This setup would have stopped NetA from being redistributed back into BGP by RTB. For protocols that differentiate between internal and external routes such as OSPF, the administrator can configure the protocol to ensure that it will redistribute only internal routes into BGP. (In the Cisco implementation, external OSPF routes are automatically blocked from being redistributed into BGP; the administrator has the option of overriding this behavior.) For protocols that do not distinguish between internal and external routes such as RIP or IGRP, special route tagging should be performed to differentiate between external routes and internal routes.