
Wednesday, January 5, 2011

BGP Community attribute


A BGP community is an optional attribute of the BGP routing protocol. It can be thought of as the equivalent of a tag in an IGP, marking a set of IP addresses. Community strings are often used to manipulate routes and to set BGP attributes for a set of IP addresses. We use an access-list or a prefix-list to assign the community to IP addresses. Once the community attribute has been assigned, it can be changed by the route-map function in the router. By default, the community string is a decimal number. However, we can change to a new format (AA:NN) by using ip bgp-community new-format, where AA is the autonomous system number and NN is a value set by that AS.

In addition, there are 3 special community values. The command name and function of each are as follows.










To assign a BGP community string, we use set community <number>/<special community string> in the route-map command. Alternatively, we can use ip community-list <community string> permit/deny <ACL number> as well.

Below is a sample of how to configure the BGP special community strings and how they work. We will not talk about decimal community strings here, since they function the same way as an IGP tag. In the example, R1, R2 and R3 are in AS 100 and R4 is in AS 200. OSPF is running between R1, R2 and R3. Here is the task list for this example.

  • Establish eBGP connection between R1 and R4 
  • Establish iBGP connection between R1, R2 and R3 with Route-Reflector
  • R3 advertises its loopback networks in BGP with the community strings shown in the figure.
  • Verify route received and community string on R2, R1, and R4


In this example, we expect the following:
  • R2 will not have any clue about prefix 150.150.150.0/24 (R1 does not advertise to any of its peers)
  • Prefix 100.100.100.0/24 will not be advertised out of the AS 100
  • Prefix 200.200.200.0/24 will be advertised normally.
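
The expected results above can be checked with a small model of the topology. This is an added example, not part of the original post: the Python function names are hypothetical, the two community values are the well-known ones from RFC 1997, and the model covers only R3's route-map and R1's per-peer advertisement decision.

```python
import ipaddress

# Well-known community values from RFC 1997 (32-bit).
NO_EXPORT = 0xFFFFFF01
NO_ADVERTISE = 0xFFFFFF02

def new_format(value):
    """Split a 32-bit community into AA:NN (high 16 bits : low 16 bits)."""
    return f"{value >> 16}:{value & 0xFFFF}"

def acl_permits(network, base, wildcard):
    """Standard ACL match: bits set in the wildcard mask are ignored."""
    ip = lambda a: int(ipaddress.IPv4Address(a))
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(network) & care) == (ip(base) & care)

# Model of R3's route-map "communityset": (ACL base, wildcard, community to set).
ROUTE_MAP = [
    ("100.100.0.0", "0.0.255.255", NO_EXPORT),     # permit 10, only-100
    ("150.150.0.0", "0.0.255.255", NO_ADVERTISE),  # permit 20, only-150
]

def communityset(network):
    for base, wildcard, community in ROUTE_MAP:
        if acl_permits(network, base, wildcard):
            return {community}
    return set()  # permit 30: set community none

def may_advertise(communities, peer_is_ebgp):
    """Decision the receiving router (R1) makes before re-advertising a route."""
    if NO_ADVERTISE in communities:
        return False   # never sent to any peer, iBGP or eBGP
    if NO_EXPORT in communities and peer_is_ebgp:
        return False   # stays inside the local AS
    return True

def simulate():
    """R3 -> R1 (route reflector); R1 decides per peer: R2 (iBGP), R4 (eBGP)."""
    peers = {"R2": False, "R4": True}   # peer name -> is eBGP
    seen = {"R1": [], "R2": [], "R4": []}
    for net in ("100.100.100.0", "150.150.150.0", "200.200.200.0"):
        comms = communityset(net)
        seen["R1"].append(net)          # R1 receives every prefix from R3
        for peer, ebgp in peers.items():
            if may_advertise(comms, ebgp):
                seen[peer].append(net)
    return seen
```

Calling simulate() gives the prefixes each router should hold, which can be compared with the routing tables in the verification section.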


Configuration R3
Advertising its loopback networks in BGP with the community string as shown in the figure.

Create access-list for each loopback interface

ip access-list standard only-100
 permit 100.100.0.0 0.0.255.255

ip access-list standard only-150
 permit 150.150.0.0 0.0.255.255

ip access-list standard only-200
 permit 200.200.0.0 0.0.255.255

Assign the access-list to the route-map and assign the community string according to the diagram.

route-map communityset permit 10
 match ip address only-100
 set community no-export
!
route-map communityset permit 20
 match ip address only-150
 set community no-advertise
!
route-map communityset permit 30
 set community none

Apply the policy "communityset" to the BGP session.

router bgp 100
 no synchronization
 bgp log-neighbor-changes
 network 100.100.100.0 mask 255.255.255.0
 network 150.150.150.0 mask 255.255.255.0
 network 200.200.200.0
 neighbor 1.1.1.1 remote-as 100
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 1.1.1.1 send-community both
 neighbor 1.1.1.1 route-map communityset out
 no auto-summary

Note
  1. "neighbor send-community" needs to be applied to the neighbor in order to send out the community string
  2. Apply the route-map to the neighbor

Verify the configuration

R1 community string Verification

R1#sh ip bgp 100.100.100.0
BGP routing table entry for 100.100.100.0/24, version 24
Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)
  Advertised to update-groups:
        2
  Local, (Received from a RR-client)
    3.3.3.3 (metric 21) from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, internal, best
      Community: no-export
R1#
R1#sh ip bgp 150.150.150.0
BGP routing table entry for 150.150.150.0/24, version 25
Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to any peer)
  Not advertised to any peer
  Local, (Received from a RR-client)
    3.3.3.3 (metric 21) from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, internal, best
      Community: no-advertise
R1#

Routing table Verification

1) No 150.150.150.0/24 in R2 routing table 

R2 Routing table 

B    200.200.200.0/24 [200/0] via 3.3.3.3, 16:28:17
     1.0.0.0/32 is subnetted, 1 subnets
O       1.1.1.1 [110/11] via 192.168.1.1, 16:54:32, FastEthernet0/0
     2.0.0.0/32 is subnetted, 1 subnets
C       2.2.2.2 is directly connected, Loopback0
     100.0.0.0/24 is subnetted, 1 subnets
B       100.100.100.0 [200/0] via 3.3.3.3, 16:52:28
     3.0.0.0/32 is subnetted, 1 subnets
O       3.3.3.3 [110/11] via 192.168.2.2, 16:53:54, FastEthernet0/1
     10.0.0.0/24 is subnetted, 1 subnets
O       10.1.1.0 [110/20] via 192.168.1.1, 16:54:32, FastEthernet0/0
     123.0.0.0/24 is subnetted, 1 subnets
B       123.1.1.0 [200/0] via 1.1.1.1, 16:49:44
C    192.168.1.0/24 is directly connected, FastEthernet0/0
C    192.168.2.0/24 is directly connected, FastEthernet0/1
R2#

2) No 100.100.100.0/24 in R4 routing table 

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

B    200.200.200.0/24 [20/0] via 10.1.1.1, 16:30:36
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0
     123.0.0.0/24 is subnetted, 1 subnets
C       123.1.1.0 is directly connected, Loopback0
R4#

R1 Routing table
Gateway of last resort is not set

B    200.200.200.0/24 [200/0] via 3.3.3.3, 16:31:09
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
     2.0.0.0/32 is subnetted, 1 subnets
O       2.2.2.2 [110/11] via 192.168.1.2, 16:57:33, FastEthernet0/1
     100.0.0.0/24 is subnetted, 1 subnets
B       100.100.100.0 [200/0] via 3.3.3.3, 16:39:33
     3.0.0.0/32 is subnetted, 1 subnets
O       3.3.3.3 [110/21] via 192.168.1.2, 16:55:43, FastEthernet0/1
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0
     123.0.0.0/24 is subnetted, 1 subnets
B       123.1.1.0 [20/0] via 10.1.1.2, 16:52:35
C    192.168.1.0/24 is directly connected, FastEthernet0/1
O    192.168.2.0/24 [110/20] via 192.168.1.2, 16:56:55, FastEthernet0/1
     150.150.0.0/24 is subnetted, 1 subnets
B       150.150.150.0 [200/0] via 3.3.3.3, 16:35:24
R1#



2 comments:

  1. Nice explanation. Able to understand easily. Thanks.

  2. I think this is wrong, R1 should not see 150 network, R2 should see
