BGP Communities Explained

Hi Team,

BGP Well know communities (no-advertise ,local-as,no-export) will support on BGP Confederation and Router Reflector?

Hello Gowthamraj

BGP well-known communities can indeed be used in an environment where you use confederations:

  • no-advertise simply doesn’t advertise the prefix to any BGP neighbours regardless of whether or not they are configured in a confederation
  • no-export doesn’t advertise between eBGP neighbours outside of the confederation. These prefixes are advertised from sub-AS to sub-AS
  • local-as doesn’t advertise a prefix outside of its own sub-AS

So you see, communities can be configured in an environment where confederations are used.

Similarly, the use of a RR does not hinder the use of these communities. You can still send these communities within an iBGP area to be shared regardless of whether or not you’re using an RR, ti will still function the same way.

I hope this has been helpful!

Laz

hi lagapides,

still i am in confused you mean no-export only not supported in confederation

hi sir,
i m poor in English my name is Mohammed Layeeq I m running a local ISP. i have own ASN i was took training on cisco enterprises ,CCNA & CCNP. i have facing some problem to announced prefixes can you help me.

Hello Mohammed!

Welcome to the forum! Sure, we can help you out, but we need you to make use of the lessons found within the site. Take a look at the following lessons that deal with advertising networks via BGP:



See if you can find the answers you’re looking for in any of these or other BGP lessons on the site. If you have any specific questions about any features that you read about, feel free to ask!

I hope this has been helpful!

Laz

Thanks Lazaros

your information is use full for me

i have another request sir reg peering how to connect and all thing

Hello Gowthamraj

In order to explain it more clearly, take a look at the following diagram of a network using confederations:

Note the following:

  • If R5 has a prefix with a no-advertise community, it will not be sent to any BGP neighbor.
  • If R5 has a prefix with no-export community, it will be sent to all neighbors within AS2, specifically, R3, R2, and R4.
  • If R5 has a prefix with local-as community, it will be sent only within subAS 35, specifically, only to R3.
  • If R5 has a prefix with internet community (which is the default if no communities are configured) then it will be sent to all routers in all AS’es including R1.

I hope this has been helpful!

Laz

Thank you lagapides, now i understand that concepts. i though if R5 has prefix with no-export community it will advertise only within AS35 (IBGP). so In BGP confederation we can consider AS2 as whole right.even though we use sub AS, it looks like IBGP. am i right?

Hello Mohammed

BGP peering is simply another name for creating BGP neighbors. How that is accomplished can be found in the following lessons:


Take a look and if you have any more specific questions, feel free to ask!

I hope this has been helpful!

Laz

Hello Gowthamraj

Yes, you can consider AS to be a single autonomous system using iBGP. All other external AS’es such as AS1 in the above diagram will certainly see it that way, without needing to know anything about its internal structure. The use of subAS’es simply allows you to scale a single AS more efficiently. YOu can find out more about confederations at the following lesson:

I hope this has been helpful!

Laz

AS per the below explains that the second route map permits all other prefixes without denying.

Customer(config)#route-map SET_COMMUNITY permit 10
Customer(config-route-map)#match ip address prefix-list LOOPBACK
Customer(config-route-map)#set community 64984:0
Customer(config-route-map)#exit
Customer(config)#route-map SET_COMMUNITY permit 20

What happens if I just write the Route-map in the first statement with no prefix matched? Will that mean permit all? or we need to match the first route map with any prefix and the second statement represents all other.

Customer(config)#route-map SET_COMMUNITY permit 10
Customer(config-route-map)#set community 64984:0
Customer(config-route-map)#exit

Customer(config)#router bgp 10
Customer(config-router)#neighbor 192.168.10.1 route-map SET_COMMUNITY out
Customer(config-router)#neighbor 192.168.10.1 send-community

Hello Kaza

Like all route maps, whenever there is no match statement, everything is matched. (Take a look at Introduction to route maps)

So in the first case, only the prefix 10.10.10.10/32 is matched (the LOOPBACK ACL), and only that prefix will have the community set. The second permit statement simply matches the everything else and does nothing to those prefixes.

In the second case, if you have no match statement, every prefix will have the set community command applied to it.

I hope this has been helpful!

Laz

Hello,
In the lab scenario, how can we do this: deny exporting customer local prefix 10.10.10.0 from isp1 to isp3. Thus, there will be no 10.10.10.0 prefix in isp3 bgp table. Is this possible to do this from customer site?
Actually, I mean, when we set community no-export, can we specify eBGP or AS number to not to export the prefix. Thank you.

Hello Ike

I’m not sure I completely understood your scenario, but keep in mind that the no-export community will tell eBGP neighbors to advertise a prefix only to their iBGP neighbors. In other words, the prefix will be advertised from one AS to another, but will not be advertised beyond that AS. Take a look at the following lesson which describes the way it works in detail:


The no-export community cannot specify to which AS number you should not export the prefix. It is a general rule that is applied to all.

If you want to specifically filter out a prefix from one particular AS to another, then the best solution would be to use BGP filtering. You can find many lessons that deal with this concept under Unit 5: BGP Filtering of the BGP course shown below:

I hope this has been helpful!

Laz

“The no-export community cannot specify to which AS number you should not export the prefix. It is a general rule that is applied to all.”
This answers my question.
Thank you Lazaros.

1 Like

I know my BGP community is being sent correctly from my source router to the upstream neighbor. What show/debug commands can I use if I did not have access to the upstream router and I had to verify my source router is actually sending the community? Thanks!

Hello Jeremy

After spending some time doing some research, and experimenting in the lab, it looks like there’s no way to see the community being sent with a prefix from the point of view of the sender using IOS. Commands such as the following show prefixes being sent, but don’t include information about the community:

show ip bgp neighor x.x.x.x advertised-routes
debug ip bgp update out

On routers running IOS-XR, apparently, there is the command show bgp advertised which according to the following Cisco documentation, does include the community being sent, but I was unable to test this as I do not have access to this IOS type and version.


If you need to know this information, the most surefire way to do it is to do a packet capture and see the contents of the BGP update sent to the neighbor.

I hope this has been helpful!

Laz

Hi Laz,

I have one doubt why are we getting path 11111 10 i, i think it must be 1111 10 i as per we prepended As path 4 times using route map?

I figured it out using Embedded Packet Capture. Very basic example here: https://github.com/jwrightazure/lab/tree/master/CSR-Embedded-Packet-Capture

Hello Jeremy

Great, using the embedded packet capture, you’re able to see the information included in the sent BGP message. Thanks for sharing!!

Laz