
Monday, October 11, 2010

Understanding BGP Communities

In this post I will discuss BGP communities. Many ISPs use communities extensively for filtering routes and for changing the attributes of prefixes. Let's see what BGP communities are and why they are so important.
BGP Communities: A mechanism to tag (color) routes. We can use a range of numbers to do this, and there are some predefined communities. By using communities we can also achieve return path selection for multihomed networks and make many other changes to the attached attributes. Doing this requires coordination with the ISP and an understanding of BGP communities.
BGP communities are an optional transitive attribute, represented as 32-bit numerical values that are used to tag a route so that filtering or policies can change its attributes as required (using a route-map). Route tagging can be done on incoming updates, on outgoing updates and while performing redistribution.

*By default, communities are stripped off in outgoing updates.

To advertise the community associated with a prefix to an EBGP peer, configure "neighbor ip-address send-community" for that particular neighbor.

Using BGP communities, any BGP router can filter routes and apply policies very easily. It can process the routes with the appropriate tags as required. Ex: routes associated with community 100:10 will be treated with local preference 50 by using a route-map. It is possible to use multiple communities to tag a single prefix.

Here are some well-known communities:
No-export – do not advertise routes to real EBGP peers.
No-advertise – do not advertise routes to any peer.
Local-as – do not advertise routes to any EBGP peers.
Internet – advertise the routes to the Internet (any peer).

Other Defined Communities: As discussed, a community is a 32-bit value. It is divided into two parts, higher order and lower order.
The higher-order 16 bits are the AS number.
The lower-order 16 bits are a locally significant number. The format is
[AS number]:[low order no.] = 100:10

To implement communities we have to follow this process:
  • First, identify the traffic and the policies for that traffic.
  • Then define a community and apply it to particular prefixes by using route-maps.
  • Then configure neighbor ip-address send-community for particular neighbors.
  • When the routing update is received by other neighbors, the router looks at the associated community and applies policy on that basis.

Processing of Communities
  • Prefixes are tagged by a route-map with defined community values.
  • Prefixes are advertised with communities to neighbors.
  • When a neighboring router sees a route associated with a community, it applies policies as per its configuration. Ex: community 100:10 says that the local preference of the route should be lowered to 50 as per the configured policy.
Configuration Steps of BGP communities:
  • Configure communities and tag the prefixes using a route-map.
  • Configure BGP community advertisement to particular neighbors, since communities are not advertised to all neighbors with updates.
  • Configure BGP community access-lists to match BGP communities on receiving routers.
  • Configure route-maps and define policies for particular received communities as required.
  • Apply the route-map to incoming or outgoing updates.


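! Syntax template: condition, ip-address and process-id are placeholders
Router(config)# route-map test permit 10
Router(config-route-map)# match condition
Router(config-route-map)# set community 100:10

Router(config-router)# neighbor ip-address route-map test {in | out}
Router(config-router)# neighbor ip-address send-community
Router(config-router)# redistribute ospf process-id route-map test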

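! Sending router (AS 200): tag outgoing routes with 100:10,
! the value the community-list on the receiving router matches
Router(config)# route-map test permit 10
Router(config-route-map)# set community 100:10
Router(config)# router bgp 200
Router(config-router)# neighbor 10.1.1.2 remote-as 100
Router(config-router)# neighbor 10.1.1.2 route-map test out
Router(config-router)# neighbor 10.1.1.2 send-community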


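Community receiving router:
! Match community 100:10 and lower the local preference to 50
Router(config)# ip community-list 10 permit 100:10
Router(config)# route-map localpref permit 10
Router(config-route-map)# match community 10
Router(config-route-map)# set local-preference 50
! The empty permit 20 lets all other routes through unchanged
Router(config-route-map)# route-map localpref permit 20
Router(config)# router bgp 100
Router(config-router)# neighbor 10.1.1.1 remote-as 200
Router(config-router)# neighbor 10.1.1.1 route-map localpref in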
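
The following Python sketch is an added example, not part of the original post or of any router software. It shows the 32-bit encoding described above and models what the receiving router's community-list 10 and route-map localpref do to a tagged route. The function names and the sample payload are constructed for illustration.

```python
import struct

# Well-known values from RFC 1997; Cisco's "local-as" is NO_EXPORT_SUBCONFED.
WELL_KNOWN = {0xFFFFFF01: "no-export", 0xFFFFFF02: "no-advertise",
              0xFFFFFF03: "local-as"}
NAMES = {name: number for number, name in WELL_KNOWN.items()}


def encode(text):
    """'100:10' or a well-known name -> 32-bit value (AS in the high 16 bits)."""
    if text in NAMES:
        return NAMES[text]
    asn, value = (int(part) for part in text.split(":"))
    if not (0 <= asn <= 0xFFFF and 0 <= value <= 0xFFFF):
        raise ValueError(f"each half must fit in 16 bits: {text!r}")
    return (asn << 16) | value


def decode(number):
    """32-bit value -> well-known name, or 'AS:value' text."""
    return WELL_KNOWN.get(number, f"{number >> 16}:{number & 0xFFFF}")


def parse_attribute(payload):
    """Split a COMMUNITIES attribute payload: 4 bytes each, network byte order."""
    if len(payload) % 4:
        raise ValueError("COMMUNITIES payload must be a multiple of 4 bytes")
    return [decode(n) for (n,) in struct.iter_unpack("!I", payload)]


# Mirrors: ip community-list 10 permit 100:10
COMMUNITY_LIST_10 = {encode("100:10")}


def route_map_localpref(route):
    """Inbound route-map 'localpref' from the receiving router's configuration."""
    tagged = {encode(c) for c in route["communities"]}
    if tagged & COMMUNITY_LIST_10:           # permit 10: match community 10
        return {**route, "local_pref": 50}   # set local-preference 50
    return dict(route)                       # permit 20: pass unchanged


# Constructed sample payload carrying 100:10 followed by no-export.
SAMPLE_PAYLOAD = bytes.fromhex("0064000a" "ffffff01")
SAMPLE_ROUTE = {"prefix": "192.0.2.0/24", "local_pref": 100,
                "communities": parse_attribute(SAMPLE_PAYLOAD)}

if __name__ == "__main__":
    print(route_map_localpref(SAMPLE_ROUTE))
```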

Show commands for monitoring communities:
show ip bgp prefix
show ip bgp community – display all community associated routes.
show ip bgp community as:nn – display the particular prefixes with that community.
show ip bgp community-list – display community list.

Hope this post will help you to understand BGP communities.


Saturday, September 11, 2010

SHOW IP BGP OUTPUT

This post describes the show ip bgp output.

In show ip bgp output, networks are listed in numerical order, lower to higher. An asterisk (*) indicates a valid route with a proper next hop. You can see many options in front of a route. Below are the meanings of the options:
  • "s" for suppressed: BGP knows about this network but the network is not advertised, since it is part of a summarized route.
  • "d" for dampened: BGP can stop advertising a network that flaps too often until it is stable for a period of time.
  • "h" for history: BGP knows about this network but does not currently have a valid route.
  • "r" for RIB failure: The route was advertised to BGP but it was not installed in the IP routing table, since it is learned by some other routing protocol with a better administrative distance.
  • "S" for stale: Used with nonstop forwarding to indicate that the route is stale and needs to be refreshed when the peer is re-established.
The symbol *> indicates that this route is valid with a proper next hop and at the same time it is accessible.
Next-hop indicates which router is advertising this route; to reach this network you have to reach this next-hop router. 0.0.0.0 indicates that the route is originated locally.
Metric indicates the MED attribute. If a MED value was received with the route, you can see the MED in the metric column.
Local Pref indicates the local preference associated with the routes. It is locally significant.
Weight is a BGP attribute.
Path: It shows the AS path associated with the route. Read this path left to right.
Origin of route: i means ibgp and locally originated, e means external bgp and externally received, ? means incomplete origin, that is, the routes are originated by redistribution.

Some other useful commands for verifying and troubleshooting BGP:
show ip bgp summary
show ip bgp neighbors address received-routes

Most common issue:
Sometimes you can see the routes in the routing table but you can't ping them. In that case, check the next hop address and verify that the next hop is accessible through the IGP.

For any more queries, please post comments. I will try to answer…

Saturday, September 4, 2010

BGP Attributes and Route Selection Process

In this post, we will discuss BGP attributes and the BGP route selection process.
The Border Gateway Protocol (BGP) is an inter-autonomous system routing protocol. An autonomous system is a network or group of networks under a common administration and with common routing policies. BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISPs).
When BGP is used between autonomous systems (AS), the protocol is referred to as External BGP (EBGP). If a service provider is using BGP to exchange routes within an AS, then the protocol is referred to as Interior BGP (IBGP).
BGP Attributes
Routes learned by BGP have associated attributes, which are used to determine the best route to a destination when multiple paths exist to a particular destination. BGP attributes influence route selection.
Well-Known Attributes: Mandatory & Discretionary
Mandatory Attributes: Mandatory attributes are the ones that must be included in every single BGP routing update.

Discretionary Attributes: Discretionary attributes are up to the router and up to you as an administrator, whether you want that attribute in the BGP update. (These attributes may or may not be present in an update.)

Optional Attributes: Transitive & Non-Transitive
Transitive Attributes: Transitive attributes are the ones that will continue traveling through an AS whether they are recognized by other BGP routers or not.

Non-Transitive Attributes: Non-transitive attributes are the attributes that will be stripped off by the router if it does not understand them or chooses not to propagate them.

Attributes:
Weight Attribute
Weight is a Cisco proprietary attribute that is local to a router. The weight attribute is not advertised to neighboring routers. If the router learns about more than one route to the same destination, the route with the highest weight will be preferred.
Local Preference Attribute
The local preference attribute is used to prefer an exit point from the local autonomous system (AS). The local preference attribute is propagated throughout the local AS. If there are multiple exit points from the AS, the local preference attribute is used to select the exit point for a specific route. Higher local preference is preferred.
MED – Multi-Exit Discriminator Attribute
Multi-Exit Discriminator is an optional non-transitive attribute. It is used to suggest an entry point into your AS. If you have two connections with a single service provider, you can suggest the entry point into your AS. Lower is better.
Origin Attribute
The origin attribute indicates how BGP learned about a particular route.
IGP (i): route is interior to the originating AS or advertised via the network command.
EGP (e): route is learned via the Exterior Border Gateway Protocol (EBGP).
Incomplete (?): incomplete occurs when a route is redistributed into BGP.
AS-Path Attribute
When a route advertisement travels through an autonomous system, the AS number is added to an ordered list of AS numbers that the route advertisement has travelled. This attribute is a mandatory attribute and it is used to avoid loops.
Next-Hop Attribute
The EBGP next-hop attribute is the IP address that is used to reach the advertising router, which advertises the routes. It is typically the IP address of the advertising router. If the receiving router is on the same subnet, the next hop remains the same, and in IBGP also.
Atomic Aggregate Attribute
Atomic Aggregate is a well-known discretionary attribute, so it does not have to be in every single routing update. It informs the router that a route has been summarized.
Aggregator Attribute
Aggregator is an optional transitive attribute. Aggregator tells you who summarized that route: which router, or the IP address of the router, that summarized the route.
Community Attribute
The community attribute provides a way of tagging routes, called communities, to which routing decisions (such as acceptance, preference, and redistribution) can be applied. Route maps are used to set the community attribute.
Predefined Communities: No-Advertise, No-Export, Internet, Local-AS.

BGP Path Selection Process
BGP can receive multiple advertisements for the same route from multiple sources (ex: Internet/multihomed networks). BGP selects only one path as the best path. When the path is selected, BGP puts the selected path in the IP routing table and propagates the path to its neighbors.
The path selection process is:
1. If the path specifies a next hop that is inaccessible, drop the update.
2. Prefer the path with the largest weight.
3. If the weights are the same, prefer the path with the highest local preference.
4. If the local preferences are the same, prefer the path that was originated by BGP running on this router.
5. If no route was originated, prefer the route that has the shortest AS-path.
6. If all paths have the same AS-path length, prefer the path with the lowest origin type (where IGP is lower than EGP and EGP is lower than incomplete).
7. If the origin codes are the same, prefer the path with the lowest MED attribute.
8. If the paths have the same MED, prefer the external path over the internal path.
9. If the paths are still the same, prefer the path through the closest IGP neighbor.
10. Prefer the path with the lowest IP address, as specified by the BGP router ID.
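
The ten steps above can be written as an ordered tie-breaker. This Python sketch is an added example, not the post's or any vendor's implementation. It follows the list literally, so MED is compared across all candidates (routers normally compare MED only between paths from the same neighboring AS), and the Path fields and sample paths are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}   # IGP < EGP < incomplete

@dataclass
class Path:
    peer: str
    next_hop_reachable: bool = True
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    as_path: tuple = ()
    origin: str = "i"
    med: int = 0
    external: bool = True        # learned over EBGP
    igp_metric: int = 0          # IGP cost to reach the next hop
    router_id: str = "0.0.0.0"

# Steps 2-10 of the list, in order. Each key is built so the lowest value wins.
STEPS = [
    ("weight", lambda p: -p.weight),
    ("local preference", lambda p: -p.local_pref),
    ("locally originated", lambda p: not p.locally_originated),
    ("AS-path length", lambda p: len(p.as_path)),
    ("origin", lambda p: ORIGIN_RANK[p.origin]),
    ("MED", lambda p: p.med),
    ("external over internal", lambda p: not p.external),
    ("closest IGP neighbor", lambda p: p.igp_metric),
    ("router ID", lambda p: int(IPv4Address(p.router_id))),
]

def best_path(paths):
    """Return (winning path, name of the deciding step), or (None, reason)."""
    candidates = [p for p in paths if p.next_hop_reachable]   # step 1
    if not candidates:
        return None, "no valid path"
    if len(candidates) == 1:
        return candidates[0], "only valid path"
    for name, key in STEPS:
        lowest = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == lowest]
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "tie on every step"

# Constructed sample: the first path had its local preference lowered to 50.
SAMPLE_PATHS = [
    Path("10.1.1.1", local_pref=50, as_path=(200,), router_id="10.1.1.1"),
    Path("10.3.3.1", as_path=(300, 400, 500), router_id="10.3.3.1"),
]
```

With the sample paths, the longer AS path wins because local preference is evaluated before AS-path length.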

Hope this information will be helpful for you.




Wednesday, August 25, 2010

Basic MPLS

This post is for new engineers who are learning MPLS L3 VPN. It includes a link to the full lab with configuration files.
In this lab, for vrf VPN_A I used BGP and OSPF between PE and CE. For vrf VPN_B I used EIGRP and static routes. So here you will find the basic configuration of all of these protocols between CE and PE. You will also see the redistribution.

This is the topology I am going to use for the configurations.
1. R1 and R6 are in vrf VPN_A. R1 is using BGP to exchange routes with PE-1 and R6 is using OSPF to share routes with PE-2.
2. R7 and R8 are in vrf VPN_B. R7 is using EIGRP to exchange routes with PE-1 and R8 is using static routes with PE-2.
3. In the core, OSPF is used as the IGP.
4. MP-IBGP is configured on PE-1 and PE-2.
Here are the PE-1 and PE-2 configurations. Download the full lab and configuration from the link.

PE-1

hostname PE-1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!

!
!
ip vrf VPN_A
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
ip vrf VPN_B
 rd 100:2
 route-target export 100:2
 route-target import 100:2
!
no ip domain lookup
!
mpls label protocol ldp
!
!
interface Loopback0
 ip address 100.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip vrf forwarding VPN_A
 ip address 10.1.1.2 255.255.255.252
!
interface FastEthernet0/0.30
 encapsulation dot1Q 30
 ip vrf forwarding VPN_B
 ip address 192.168.1.2 255.255.255.252
!
interface FastEthernet0/1
 ip address 172.16.1.1 255.255.255.252
 duplex auto
 speed auto
 mpls label protocol ldp
 mpls ip
!
!
router eigrp 200
 auto-summary
 !
 address-family ipv4 vrf VPN_B
 redistribute bgp 100 metric 256 20 200 100 20
 network 192.168.1.0 0.0.0.3
 no auto-summary
 autonomous-system 100
 exit-address-family
!
router ospf 1
 log-adjacency-changes
 network 100.1.1.1 0.0.0.0 area 0
 network 172.16.1.0 0.0.0.3 area 0
!
router bgp 100
 bgp log-neighbor-changes
 neighbor 100.1.1.3 remote-as 100
 neighbor 100.1.1.3 update-source Loopback0
 !
 address-family ipv4
 neighbor 100.1.1.3 activate
 neighbor 100.1.1.3 next-hop-self
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family vpnv4
 neighbor 100.1.1.3 activate
 neighbor 100.1.1.3 send-community extended
 neighbor 100.1.1.3 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf VPN_B
 redistribute eigrp 100
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf VPN_A
 neighbor 10.1.1.1 remote-as 200
 neighbor 10.1.1.1 activate
 no synchronization
 exit-address-family
!
ip http server
no ip http secure-server
!
!
control-plane

!
line con 0
line aux 0
line vty 0 4
!
!
end

PE-2:

hostname PE-2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
ip vrf VPN_A
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
ip vrf VPN_B
 rd 100:2
 route-target export 100:2
 route-target import 100:2
!
no ip domain lookup
!
mpls label protocol ldp
!
interface Loopback0
 ip address 100.1.1.3 255.255.255.255
!
interface FastEthernet0/0
 ip address 172.17.1.2 255.255.255.252
 duplex auto
 speed auto
 mpls label protocol ldp
 mpls ip
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.20
 encapsulation dot1Q 20
 ip vrf forwarding VPN_A
 ip address 20.1.1.2 255.255.255.252
!
interface FastEthernet0/1.40
 encapsulation dot1Q 40
 ip vrf forwarding VPN_B
 ip address 192.168.2.2 255.255.255.252
!
!
router ospf 2 vrf VPN_A
 log-adjacency-changes
 redistribute bgp 100 subnets
 network 20.1.1.0 0.0.0.3 area 0
!
router ospf 1
 log-adjacency-changes
 network 100.1.1.3 0.0.0.0 area 0
 network 172.17.1.0 0.0.0.3 area 0
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 100.1.1.1 remote-as 100
 neighbor 100.1.1.1 update-source Loopback0
 neighbor 100.1.1.1 next-hop-self
 no auto-summary
 !
 address-family vpnv4
 neighbor 100.1.1.1 activate
 neighbor 100.1.1.1 send-community extended
 neighbor 100.1.1.1 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf VPN_B
 redistribute connected
 redistribute static
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf VPN_A
 redistribute ospf 2 vrf VPN_A
 no synchronization
 exit-address-family
!
ip route vrf VPN_B 6.6.6.6 255.255.255.255 192.168.2.1
!
!
ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

LAB Link :
http://www.ziddu.com/download/11368307/basicmpls.rar.html


I hope this lab will be helpful for beginners. Post comments for any queries.





