BGP Communities Explained

Hello sed

@ReneMolenaar has not yet created a lesson that encompasses extended communities as well. However, in the meantime you can take a look at this Cisco documentation that covers some configuration issues:

I hope this has been helpful!

Laz

Hello,

I haven’t yet read the well-known communities chapters, but can you give an example for the Internet community (I don’t see a lesson for this one)? The description sounds strange (advertise the prefix to all BGP neighbors); this should be done by default (I guess…).

Many thanks,
Stefanita

Hello Staut

You make a good point, and this is an opportunity for clarification.

The Internet community is actually a Cisco defined community. It is kind of like a “catch all” that defines “normal” behaviour in the event that no other communities are defined. So in a sense, it is the “default” community that allows all prefixes to be advertised. Where the other three say “don’t advertise such and such” the Internet community says “advertise everything!”

I hope this has been helpful!

Laz

1 Like

Hi,

ISP1(config)#route-map PREPEND_EU permit 10
ISP1(config-route-map)#match community 1
ISP1(config-route-map)#set as-path prepend 1 1 1 1
ISP1(config-route-map)#exit
ISP1(config)#route-map PREPEND_EU permit 20

Why do we need route-map PREPEND_EU permit 20 here?

Thanks

Hi Sims,

The route-map has an invisible deny statement at the bottom, similar to how an access-list works. If you don’t add that empty permit 20 statement, you’ll deny everything that you don’t permit in the first statement.

Rene

Hi
I currently have a FortiGate connected to an ISP via a 1G and a 10G link.
I have asymmetric routing, so I shut down the 1G. However, this is a backup.
I need to put an inbound route filter on the routes learned from the ISP to stop routes we announce to them on one link from being learned back on the other. I am thinking of tagging the routes with a BGP extended community so that they can be easily recognized on the way back in without maintaining an explicit prefix list.

Hello Michael

Yes, one option would be to use an extended community in the manner you describe. This lesson here will give you more information about this.


If you know the specific prefixes in question, and they will not change over time, then you can also use prefix lists to filter out the prefixes you want. You can find out more about this here:

I hope this has been helpful!

Laz

Hello Rene, from the example I see that ISP 2 is seeing the prepended path 1 1 1 1 1 10 i.
But ISP 3 is not showing the prepended path. It’s just showing “1 10 i”.
My question is: as per the config, ISP 3 should also see the prepended path as 1 1 1 1 1 10 i, right?

Hello Nanda

Notice that on ISP1, the command Rene used is the following:

ISP1(config)#router bgp 1 
ISP1(config-router)#neighbor 192.168.12.2 route-map PREPEND_EU out

This means that the prepending route map will only be applied for routes that are sent from ISP1 to the neighbor with IP address 192.168.12.2, which is ISP2. ISP3 is not affected at all by the prepending that takes place, even though the customer sends the community configuration to ISP1. In order for ISP3 to also have this prepend path, the following would have to be added to ISP1:

ISP1(config-router)#neighbor 192.168.13.3 route-map PREPEND_EU out

I hope this has been helpful!

Laz
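The two answers above (the implicit deny at the end of a route-map, and the route-map being attached to one neighbor only) can be checked with a small model. This is an added example, not part of the original posts and not Cisco IOS code; the community value 1:100 and the two prefixes are constructed, and the model assumes community-list 1 matches that single value.

```python
# Added example: a toy model of route-map evaluation, not Cisco IOS code.
LOCAL_AS = 1                      # ISP1's AS number, from "router bgp 1"
EU_COMMUNITY = "1:100"            # constructed value; stands in for community-list 1

# Each clause: (sequence, action, community to match or None, ASNs to prepend)
PREPEND_EU = [
    (10, "permit", EU_COMMUNITY, [1, 1, 1, 1]),
    (20, "permit", None, []),     # empty permit: lets everything else through
]
PREPEND_EU_WITHOUT_20 = PREPEND_EU[:1]


def apply_route_map(clauses, route):
    """Return the route after the first matching clause, or None if denied."""
    for _seq, action, community, prepend in sorted(clauses, key=lambda c: c[0]):
        if community is not None and community not in route["communities"]:
            continue              # no match, fall through to the next clause
        if action == "deny":
            return None
        return {**route, "as_path": prepend + route["as_path"]}
    return None                   # implicit deny at the end of the route-map


def advertise(route, neighbor, out_maps):
    """AS path the neighbor receives from ISP1, or None if nothing is sent."""
    clauses = out_maps.get(neighbor)   # route-maps are attached per neighbor
    if clauses is not None:
        route = apply_route_map(clauses, route)
        if route is None:
            return None
    return [LOCAL_AS] + route["as_path"]   # eBGP adds the local AS on the way out


# Constructed routes learned from the customer in AS 10 (documentation prefixes).
TAGGED = {"prefix": "192.0.2.0/24", "as_path": [10], "communities": {EU_COMMUNITY}}
UNTAGGED = {"prefix": "198.51.100.0/24", "as_path": [10], "communities": set()}
ISP2, ISP3 = "192.168.12.2", "192.168.13.3"

if __name__ == "__main__":
    only_isp2 = {ISP2: PREPEND_EU}
    for name, peer in (("ISP2", ISP2), ("ISP3", ISP3)):
        for route in (TAGGED, UNTAGGED):
            print(name, route["prefix"], advertise(route, peer, only_isp2))
    print("ISP2 without permit 20:",
          advertise(UNTAGGED, ISP2, {ISP2: PREPEND_EU_WITHOUT_20}))
```

With the route-map attached to 192.168.12.2 only, the tagged prefix reaches ISP2 as 1 1 1 1 1 10 and ISP3 as 1 10; dropping the empty permit 20 clause stops the untagged prefix from being sent to ISP2 at all.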

Are there 2 types of communities in BGP?
I saw the cost communities, which only work for iBGP, and then these communities with eBGP.

Hello Diafeked

BGP communities are additional pieces of information attached to prefixes that tell BGP routers how to handle those prefixes. Communities are shared between iBGP and eBGP peers alike. BGP communities are transitive BGP attributes, which means they are shared between different Autonomous Systems.

Now there are two types of communities. The first consists of four “well known” communities which are predefined for all BGP routers. These are described in the lesson. The second type consists of extended communities, that is, those that are not well known. These are custom communities that you can define yourself. So when we say type, there really isn’t any difference in the way the communities are actually managed, it’s just a set of predefined communities that all BGP routers know about. All communities are managed in the same way.

Now some vendors, like Cisco, have created extended BGP communities that are predefined within their own devices. One such extended community is indeed the cost community. Cisco has predefined this extended community to function in a specific way, and it can be enabled by using predefined commands. Specifically, the set extcommunity cost command can be used to create this community, along with all of the parameters that Cisco has predetermined. This specific extended community is configured to be a non transient extended community, and this does indeed mean that it is passed between iBGP peers but not between eBGP peers.

You can find out more info about the cost extended BGP community at the following Cisco documentation:

I hope this has been helpful!

Laz

Thank you sir, i got it now.

1 Like

The link to Internet community is broken, do you have another one

Hello Heriberto

The reason why the “Internet” community has no link in the lesson is because there is no lesson about this community. It is actually the default state. By default, all routes belong to the general Internet community.

This got me thinking (and researching) and I found out that RFC1997 actually only mentions three well-known communities. The Internet community is one that Cisco has added as a fourth.

This community doesn’t function like the rest. When you configure an IP community list, sometimes you want to add a “permit all” statement, because community lists act like access lists with an implicit deny all at the end. However, the Internet community acts like a “permit all” statement that essentially says “Advertise prefix to ALL BGP neighbors.”

This is a functionality that is only found within Cisco devices, unless, like some other features, other vendors have incorporated it into their devices as well simply to enable compatibility with Cisco.

I hope this has been helpful!

Laz

Hi,
I didn’t understand the need to make a prefix less preferable for this topology.

In this example, why should the customer care about penalizing some prefixes with BGP communities when it has only a single peering with the ISP?

I mean, if the customer is in the USA and he wants to make an announcement about his network, this network will be less preferable by default for the EU, is this correct?

Thanks

I’m reading the OCD CCNP 350-401 Encor and in chapter 12 (advanced BGP) they mention BGP communities and Private BGP communities.

In this lesson you mentioned an example about LVL3 comm 3356:70

I think the above example matches the definition of a private BGP community (the first 16 bits are the originating AS of the comm, and the second 16 bits a defined pattern, in this case locpref 70)

So, what would be an example of a BGP community? I mean not a private BGP community

Hello Juan

I have found the explanation found in the CCNP 350-401 ENCOR book to be a bit lacking in detail, as well as other Cisco Documentation in their explanation of the conventions used for private BGP communities. For this reason, I have gone back to RFC 1997 to find this specific definition:

Communities are treated as 32 bit values, however for administrative
assignment, the following presumptions may be made:

The community attribute values ranging from 0x0000000 through
0x0000FFFF and 0xFFFF0000 through 0xFFFFFFFF are hereby reserved.

The rest of the community attribute values shall be encoded using an
autonomous system number in the first two octets. The semantics of
the final two octets may be defined by the autonomous system (e.g. AS
690 may define research, educational and commercial community values
that may be used for policy routing as defined by the operators of
that AS using community attribute values 0x02B20000 through
0x02B2FFFF).

So in the “new format” this means that 0:0 to 0:65535 and 65535:0 to 65535:65535 are reserved values. The rest of the community attributes values can be used freely and be defined however you like. In other words anything from 1:0 to 65534:65535 is fair game.

Now the suggested format that should be used for all of that range is to indicate the source AS in the first 16 bits, and to indicate “anything you want” in the second set of 16 bits.

Among the reserved ranges of BGP community numbers, we have the three well known communities of NO_EXPORT (0xFFFFFF01) NO_ADVERTISE (0xFFFFFF02) and NO_EXPORT_SUBCONFED (0xFFFFFF03). There are additional communities that have been defined for special purposes that can be found in this RFC draft.

I guess the point here is that the term “private BGP communities” is not very well defined, and not very well explained. It essentially means any BGP community in the range of 1:0 to 65534:65535 where the value before the colon is the number of the originating AS and the number after is a self defined value used for a particular purpose by the administrative body of that AS.

I hope this has been helpful!

Laz

1 Like
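The range rules in the answer above can be applied mechanically to any community value. The following is an added example, not part of the original posts: it decodes a value given as ASN:value, hex or decimal and classifies it using only the reserved ranges and the three well-known values quoted from RFC 1997 in that answer. The function names are illustrative.

```python
# Added example: classify 32-bit BGP community values using the RFC 1997
# ranges quoted in the answer above. Function names are illustrative.
WELL_KNOWN = {
    0xFFFFFF01: "NO_EXPORT",
    0xFFFFFF02: "NO_ADVERTISE",
    0xFFFFFF03: "NO_EXPORT_SUBCONFED",
}


def parse_community(text):
    """Accept 'ASN:value', hex ('0xFFFFFF01') or decimal; return the 32-bit int."""
    text = text.strip()
    if ":" in text:
        high, low = (int(part) for part in text.split(":", 1))
        if not (0 <= high <= 0xFFFF and 0 <= low <= 0xFFFF):
            raise ValueError(f"each half must fit in 16 bits: {text!r}")
        return (high << 16) | low
    value = int(text, 0)          # base 0 accepts both '0x...' and decimal
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError(f"community must fit in 32 bits: {text!r}")
    return value


def classify(text):
    """Return the hex form, the ASN:value form and the RFC 1997 category."""
    value = parse_community(text)
    high, low = value >> 16, value & 0xFFFF
    if value in WELL_KNOWN:
        kind = "well-known " + WELL_KNOWN[value]
    elif high in (0x0000, 0xFFFF):
        kind = "reserved"         # 0:0 to 0:65535 and 65535:0 to 65535:65535
    else:
        kind = f"defined by AS {high}"
    return {"value": f"0x{value:08X}", "notation": f"{high}:{low}", "kind": kind}


if __name__ == "__main__":
    # Values taken from the thread, plus two constructed reserved-range samples.
    for sample in ("3356:70", "0x02B20000", "0xFFFFFF01", "0:100", "65535:0"):
        print(sample, classify(sample))
```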

Thank you so much for your time and the detailed explanation

Hi Rene Molenaar, I hear that BGP runs in the application layer, not the network layer. Is that information true or not?

Hello Mohamed

Even though it is used to exchange routing and reachability information, which is a Layer 3 functionality, BGP itself does indeed operate at the Application layer. Because it uses TCP to actually exchange information, it is the Application layer entity of BGP that provides the data for the TCP segments. So BGP is indeed an Application layer protocol.

Compare this with OSPF. It doesn’t use any functionalities above Layer 3, so OSPF is only a Layer 3 protocol.

I hope this has been helpful!

Laz