OECG – Chapter 13


And at last I stumble and crawl through this last section in the 125+ pages of BGP – that of BGP communities. Ugh. I’ll be glad to move into QoS.

The COMMUNITY PA is a field that is populated by a remote AS before the update is sent to a neighbor. Then the recipient of that route can make a decision based on what’s in the community PA. Typically, this is used to set LOCAL_PREF, which is used very early in the BGP decision process. In this way, an AS can route traffic with a particular community to one AS, and traffic with a different community to a different AS.

The COMMUNITY PA is an optional transitive PA – so if a router receives a community but doesn’t know what to do with it, he can just forward that PA on in his updates, meaning that downstream routers will have the opportunity to act on the community. If you are going to send updates with the COMMUNITY PA set, you must use the “neighbor send-community” command. For a router to match communities in a route-map, he must leverage an “ip community-list”.

The “ip community-list” is driven by the unique format of the BGP COMMUNITY PA. It’s a 32-bit number as originally created by Cisco. When it became an RFC1997 standard, the format was updated to AA:NN, where AA is a 16-bit number, probably an ASN, and NN is whatever value the ASN sets. The 2 fields together are still a 32-bit number. A router can display the number in either format. If you want to see RFC1997 format when typing “show route-map”, use the “ip bgp-community new-format” command. And although I don’t readily see the application for this feature, you can put multiple values into the COMMUNITY PA. A “set community 10 20 30” would contain all 3 values. A “set community 10 20 30 additive” command would append those values to the existing string.

Because you can do all these gee-whiz things with communities, you can test for pattern-matches with the “show ip bgp community-list <list>” command, which will list NLRIs that match the communities as defined by your community-list.

You may discover that you want to strip your NLRIs of all community information, accomplishable with a “set community none” in a route-map. You can also filter routes from being sent in updates based on the community, using “match community” in a route-map. Also worth noting are the reserved community values, which tell the router special things:

  • NO_EXPORT – FFFF:FF01 – don’t advertise this NLRI outside the AS (although advertising to another confederation is okay).
  • NO_ADVERT – FFFF:FF02 – don’t advertise to anyone else, period.
  • LOCAL_AS (Cisco) aka NO_EXPORT_SUBCONFED (RFC1997) – FFFF:FF03 – don’t advertise outside the local confederation sub-AS.
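
An added example (not from the original post or the OECG) that decodes a COMMUNITY PA from its wire bytes, converts between the 32-bit and AA:NN displays, and applies the three reserved values when deciding whether a route may go to a given peer. The function names, peer labels and sample bytes are assumptions made up for illustration; the NO_EXPORT rule follows RFC1997, under which a peer in another sub-AS of the same confederation may still receive the route.

```python
import struct

# Reserved values from RFC1997, using the names from the list above.
WELL_KNOWN = {
    0xFFFFFF01: "NO_EXPORT",
    0xFFFFFF02: "NO_ADVERT",
    0xFFFFFF03: "LOCAL_AS",
}
# Peer kinds each reserved value forbids (labels are hypothetical):
# "confed" = peer in another sub-AS of the same confederation,
# "ebgp"   = peer outside the AS or confederation.
BLOCKED = {
    "NO_EXPORT": {"ebgp"},
    "NO_ADVERT": {"ibgp", "confed", "ebgp"},
    "LOCAL_AS": {"confed", "ebgp"},
}

def to_new_format(value):
    """32-bit community -> AA:NN, the 'ip bgp-community new-format' display."""
    return f"{value >> 16}:{value & 0xFFFF}"

def from_new_format(text):
    aa, nn = (int(part) for part in text.split(":"))
    if not (0 <= aa <= 0xFFFF and 0 <= nn <= 0xFFFF):
        raise ValueError(f"AA and NN must each fit in 16 bits: {text}")
    return (aa << 16) | nn

def decode_community_pa(attr):
    """Decode one COMMUNITY path attribute (type code 8) into 32-bit values."""
    flags, type_code = attr[0], attr[1]
    if type_code != 8:
        raise ValueError("not a COMMUNITY path attribute")
    if flags & 0x10:                      # Extended Length bit: 2-byte length
        (length,), body = struct.unpack("!H", attr[2:4]), attr[4:]
    else:
        length, body = attr[2], attr[3:]
    if length != len(body) or length % 4:
        raise ValueError("length must match the body and be a multiple of 4")
    return list(struct.unpack(f"!{length // 4}I", body))

def may_advertise(communities, peer_kind):
    """Apply the reserved-value rules; peer_kind is ibgp, confed or ebgp."""
    names = {WELL_KNOWN.get(c) for c in communities}
    return not any(peer_kind in BLOCKED[n] for n in names if n)

# Constructed sample: flags 0xC0 (optional, transitive), type 8, length 8,
# carrying 65001:100 followed by NO_EXPORT.
SAMPLE = bytes.fromhex("c008" "08" "fde90064" "ffffff01")
```

Running `decode_community_pa(SAMPLE)` and passing the result to `may_advertise` shows a NO_EXPORT route staying inside the AS or confederation while an untagged 65001:100 route is free to leave.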