Официален блог на WebEKM EKM очаквайте сайта онлайн скоро.
Download Free Templates http://bigtheme.net/ free full Wordpress, Joomla, Mgento - premium themes.
BGP Standard and Extended Community attribute
The ‘BGP community’ is an additional information (attribute) added to prefixes, that is being advertised to the BGP neighbors. Based on this information a BGP neighbor can make a decision what else to do with received prefix. For example we may mainpulate attributes, filter routes, etc.
There are two kinds of BGP Community : standard and extended. Firstly we will talk over standard. “Community” is an optional transitive attribute and by default is not being exchanged between BGP peers, so all prefixes are being propagated. We have to clearly specify if we want to send community value to the neighbor with command
neighbor [neigbor_address] send-community
Community value
The community value may be expressed in 3 formats :decimal,hexadecimal and AS:NN (Autonomous System and choosen number). By default is used decimal value that is very inconvenient. In order to switch to AS:NN format we have to run command
ip bgp-community new-format
The community value consists of 2 parts: first 16 bits our Autonomous System number, the remained 16 bits any that we pick up (for example it might be a value that correspond with the value of the attribute that we want to modify, but doesn’t have to). Example 32458:100
Types of Communities
We distinguish below predifined Communities:
No-Advertise: don’t advertise the prefix to any BGP neighbors.
No-Export: don’t advertise the prefix to any eBGP neighbors.
Local-AS: don’t advertise the prefix outside of the sub-AS ( used for BGP confederations).
Internet – advertise to all BGP speaker devices
We may also specify our own community attribute in format AS:NN or combine them in the same route-map
The single route may be assigned to more than one community !
How do we set up Community value?
We set up Community attribute values via route-maps.
route-map COMMUNITY
set community 23189:345
or
set community no-export
We may also specify exact networks that we want to assign Community attribute
ip prefix-list PREF_LIST permit 192.168.200.0/24
route-map COMMUNITY
match ip address prefix-list PREF_LIST
set community 23189:345
How do we apply, Community values?
against specified networks with ‘network’ command
network 192.168.1.0 mask 255.255.255.0 route-map COMMUNITY
against specified neighbors with ‘neighbor’ command direction ‘in’ or ‘out’
neighbor 1.1.1.1 route-map COMMUNITY in/out
via redistribution process
redistribute connected route-map COMMUNITY
Important thing!
Our BGP peer neighbor will not get any information about community if we didn’t notify him that we are going to send its! We accomplish this with command
neighbor 1.1.1.1 send-community
Only then neighbor 1.1.1.1 will get ‘Community attribute’ value
How do we utilize Communities?
Assigning the Community is the first part, alike route tagging, we tag routes and then we want to make action against them. The neighbor gets Community value for specified neighbor or networks but by itself will not make any action. We ‘make action’ in 3 steps:
1. By using ‘ip community-list’ to match the interested Community value
ip community-list 1 permit 23189:345
2. By using route-map to set up an attribute
route-map COMMUNITY
match community 1
set metric 100
3. By pointing out the place of utilization
router bgp 23189
neighbor 192.168.12.1 route-map COM in
EXAMPLE:
R1
ip bgp-community new-format
route-map COMMUNITY
set community 1:111
router bgp 1
neighbor 10.2.2.2 remote-as 2
neighbor 10.2.2.2 send-community
network 172.16.1.0 mask 255.255.255.0 route-map COMMUNITY
R2
R2 gets the update with community attribute 1:111, but do nothing with that pay attention to “metric 0” value
before applying community-list
ip community-list 1 permit 1:111
route-map COMMUNITY
match community 1
set metric 111
router bgp 2
neighbor 10.1.1.1 route-map COMMUNITY in
clear ip bgp 1
EXTENDED COMMUNITY and VPNv4
We use vpnv4 in case of L3VPN and VRFs in order to advertise prefixes between Customer edge routers. Actually each VRF is a separate VPN. We use RD- Route Distinguisher that enables us “tagging routes” within VRF. Also we use Route Targets and thanks to extended communities ‘route-target import‘ and ‘route-target export‘ we may configure route leaking between 2 VRFs or as in below case we state that we want to exchange all prefixes with rd 2345:1 between CustomerA routers.Unlike Standard Community , Extended Community ‘neighbor x.x.x.x send-community extended‘ statement is being added automatically under ‘address-family vpnv4‘. In below configuration you see ‘send-community both‘ in case CustomerA would like to send his own communities within BGP 65000
EXAMPLE:
ip vrf customerA
rd 2345:1
route-target import 2345:1
route-target export 2345:1
ip bgp new-format
router bgp 1
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both (standard and extended)
exit-address-family
ip vrf customerA
rd 2345:1
route-target import 2345:1
route-target export 2345:1
ip bgp new-format
router bgp 1
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both (standard and extended)
exit-address-family