Using BGP communities to influence routing
Some free time here in Europe and thus time for another quick blog post & to take my mind away from depressing people!
One of the impressive features of major European networks is support for BGP communities. In India it’s almost non-existent. Setting it up isn’t hard technically, but from the capacity management side Indian ISPs are somewhat shy about setting it up.
Let’s take a case where we have a customer router (R1 with AS1), the customer’s upstream (R2 with AS2), the upstream’s upstream (R3 with AS3) and a peer of the upstream (R4 with AS4). Let’s set up communities so that the customer at AS1 can control his BGP announcements and selectively announce some prefixes to AS3 and some to AS4 to control inbound traffic flow.
All of them peer over basic, simple BGP sessions. AS1 is announcing 8.8.8.0/24 and 9.9.9.0/24 to R2 and wishes to announce 8.8.8.0/24 to R3 and R4 while 9.9.9.0/24 just to R4.
This selective announcement will be done at R2 but triggered by R1 based on community tags.
Here provider R2 will provide, say, the following community strings:
3000 - for announcement to R3 only
4000 - for announcement to R4 only
If a route is not tagged with any community, it will be announced to both (default behavior of BGP/upstream).
Before putting any community in place, here’s what we can see on all routers:
R1#sh ip bgp
BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 8.8.8.0/24 0.0.0.0 0 32768 i
*> 9.9.9.0/24 0.0.0.0 0 32768 i
R1#
R2#sh ip bgp
BGP table version is 26, local router ID is 1.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 8.8.8.0/24 1.1.1.1 0 0 1 i
*> 9.9.9.0/24 1.1.1.1 0 0 1 i
R2#
R3>sh ip bgp
BGP table version is 15, local router ID is 1.1.1.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 8.8.8.0/24 1.1.1.5 0 2 1 i
*> 9.9.9.0/24 1.1.1.5 0 2 1 i
R3>
R4>sh ip bgp
BGP table version is 13, local router ID is 1.1.1.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 8.8.8.0/24 1.1.1.9 0 2 1 i
*> 9.9.9.0/24 1.1.1.9 0 2 1 i
R4>
So the basic interface and BGP configuration looks good. Now setting up community rules on R2 for announcement:
Here’s the simple logic I will put on R1 to tag routes:
- R1 will have a route-map “rmap” which will match a given prefix and set a community based on that.
- The prefix match in step #1 will be done using an IP prefix list.
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip pre
R1(config)#ip prefix-list ?
WORD Name of a prefix list
sequence-number Include/exclude sequence numbers in NVGEN
R1(config)#ip prefix-list prefix-list1 ?
R1(config)#ip prefix-list prefix-list1 permit 8.8.8.0/24
R1(config)#ip prefix-list prefix-list2 permit 9.9.9.0/24
R1(config)#route-map rmap permit 10
R1(config-route-map)#match ip address prefix-list prefix-list1
R1(config-route-map)#set community 3000
R1(config-route-map)#exit
R1(config)#route-map rmap permit 20
R1(config-route-map)#match ip address prefix-list prefix-list2
R1(config-route-map)#set community 4000
R1(config-route-map)#exit
R1(config)#
R1(config)#router bgp 1
R1(config-router)#neighbor 1.1.1.2 send-community
R1(config-router)#neighbor 1.1.1.2 route-map rmap out
R1(config-router)#end
R1#wr
Building configuration…
[OK]
R1#
*Nov 8 19:04:21.810: %SYS-5-CONFIG_I: Configured from console by console
R1#clear bgp all 2
R1#
*Nov 8 19:04:28.898: %BGP-5-ADJCHANGE: neighbor 1.1.1.2 Down User reset
*Nov 8 19:04:29.486: %BGP-5-ADJCHANGE: neighbor 1.1.1.2 Up
Now let’s check R2 on what it is getting:
R2#sh ip bgp 8.8.8.0
BGP routing table entry for 8.8.8.0/24, version 56
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1 2
1
1.1.1.1 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
Community: 3000
R2#sh ip bgp 9.9.9.0
BGP routing table entry for 9.9.9.0/24, version 55
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
1
1.1.1.1 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
Community: 4000
R2#
All good! :)
So now R2 is getting the communities. The next logical step is to set up R2 to announce prefixes with community 3000 to R3 and 4000 to R4.
Next logical steps:
- Create community list defining communities 3000 and 4000.
- Connect these lists with route-map.
- Add route-map on BGP neighbors.
Here we go!
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip community-list 1 permit 3000
R2(config)#ip community-list 2 permit 4000
R2(config)#
R2(config)#route-map rmap1 permit 10
R2(config-route-map)#match community 1
R2(config-route-map)#exit
R2(config)#route-map rmap2 permit 10
R2(config-route-map)#match community 2
R2(config-route-map)#exit
R2(config)#
R2(config)#router bgp 2
R2(config-router)#neighbor 1.1.1.6 route-map rmap1 out
R2(config-router)#neighbor 1.1.1.10 route-map rmap2 out
R2(config-router)#end
R2#wr
Building configuration…
[OK]
R2#c
*Nov 8 19:16:44.394: %SYS-5-CONFIG_I: Configured from console by console
R2#
R2#
R2#clear bgp all 3
R2#clear bgp all 4
R2#
Checking BGP announcements to each peer now:
R2#sh ip bgp neighbors 1.1.1.6 advertised-routes
BGP table version is 56, local router ID is 1.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 8.8.8.0/24 1.1.1.1 0 0 1 i
Total number of prefixes 1
R2#sh ip bgp neighbors 1.1.1.10 advertised-routes
BGP table version is 56, local router ID is 1.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 9.9.9.0/24 1.1.1.1 0 0 1 i
Total number of prefixes 1
R2#
And cross-checking on each of R3 and R4:
R3>sh ip bgp
BGP table version is 34, local router ID is 1.1.1.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 8.8.8.0/24 1.1.1.5 0 2 1 i
R3>
Only 8.8.8.0/24 is visible on R3. Similarly on R4:
R4>sh ip bgp
BGP table version is 44, local router ID is 1.1.1.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 9.9.9.0/24 1.1.1.9 0 2 1 i
R4>
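The R2 route-maps above evaluated clause by clause, as an added Python example that is not part of the original post: it models first-match evaluation with the implicit deny at the end of a route-map, so with the R2 configuration shown an untagged prefix is advertised to neither R3 nor R4. The `STATED_POLICY` clauses, the helper names and the untagged 10.10.10.0/24 prefix are assumptions made for illustration.

```python
# Added example: models first-match route-map evaluation with the implicit
# deny at the end. Clause lists and helper names are constructed here.

# A clause is (action, community or None); None means "no match statement",
# which matches every route.
PAGE_R2 = {            # R2 configuration as shown on the page
    "R3": [("permit", 3000)],   # route-map rmap1 permit 10 / match community 1
    "R4": [("permit", 4000)],   # route-map rmap2 permit 10 / match community 2
}
STATED_POLICY = {      # assumed variant: untagged routes go to both neighbors
    "R3": [("deny", 4000), ("permit", None)],
    "R4": [("deny", 3000), ("permit", None)],
}

# Constructed sample of what R1 could send to R2 (prefix -> community set).
ROUTES = {
    "8.8.8.0/24": {3000},
    "9.9.9.0/24": {4000},
    "10.10.10.0/24": set(),     # hypothetical untagged prefix
}

def evaluate(route_map, communities):
    """Return True if the route is advertised: the first matching clause wins."""
    for action, community in route_map:
        if community is None or community in communities:
            return action == "permit"
    return False                # implicit deny: no clause matched

def advertised(policy, routes=ROUTES):
    """Map each neighbor to the sorted list of prefixes it would receive."""
    return {
        neighbor: sorted(p for p, c in routes.items() if evaluate(rmap, c))
        for neighbor, rmap in policy.items()
    }

if __name__ == "__main__":
    for name, policy in (("page config", PAGE_R2), ("stated policy", STATED_POLICY)):
        print(name, advertised(policy))
```

A route carrying both 3000 and 4000 is advertised to both neighbors by the page's clauses and to neither by the assumed variant, so a provider should document which behavior customers get.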
You can find the config of each of R1, R2, R3 and R4 for reference. Also check out the One Step Consulting page with BGP communities used by some major networks.