Wednesday 27 June 2012

BGP: Route Filtering Using Communities

·         In BGP, communities are tags attached to routes so that the routes can be matched and filtered wherever we want.
·         Let me take a small topology to configure and verify route handling based on communities.


R1-------------------R2--------------------R3

·         R1: AS 100
·         R2: AS 200
·         R3: AS 300

·         R1 is advertising a prefix 1.1.1.1/32 with community value 1
·         R1 is advertising a prefix 11.11.11.11/32 with community value 11

·         Configuration on R2:
·         Strip the community value 1 from 1.1.1.1/32 when forwarding it to R3
·         Change the community value to 123 for 11.11.11.11/32

·         Let me configure it and see…
R1#show run
router bgp 100
 no synchronization
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 network 11.11.11.11 mask 255.255.255.255
 neighbor 100.1.12.2 remote-as 200
 neighbor 100.1.12.2 send-community
 neighbor 100.1.12.2 route-map COMM out
 no auto-summary
!
!
ip prefix-list 1 seq 5 permit 1.1.1.1/32
!
ip prefix-list 11 seq 5 permit 11.11.11.11/32
!
route-map COMM permit 10
 match ip address prefix-list 1
 set community 1
!
route-map COMM permit 20
 match ip address prefix-list 11
 set community 11
!
route-map COMM permit 100
!
R1#

R2(config)#do show run | begin router bgp 200
router bgp 200
 no synchronization
 bgp log-neighbor-changes
 neighbor 100.1.12.1 remote-as 100
 neighbor 100.1.23.3 remote-as 300
 neighbor 100.1.23.3 send-community
 no auto-summary
!
R2#show ip bgp
BGP table version is 10, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       100.1.12.1               0             0 100 i
*> 11.11.11.11/32   100.1.12.1               0             0 100 i
R2#
R2#show ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 10
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     2
  100
    100.1.12.1 from 100.1.12.1 (1.1.1.1)
      Origin IGP, metric 0, localpref 100, valid, external, best
      Community: 1
R2#
R2#show ip bgp 11.11.11.11
BGP routing table entry for 11.11.11.11/32, version 9
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     2
  100
    100.1.12.1 from 100.1.12.1 (1.1.1.1)
      Origin IGP, metric 0, localpref 100, valid, external, best
      Community: 11
R2#

Observations:

·         R2 has received 2 prefixes from R1: 1.1.1.1/32 and 11.11.11.11/32
·         1.1.1.1/32 has a community value of 1
·         11.11.11.11/32 has a community value of 11

Let me configure R2 to change these community values:

R2(config-router)#do show run | begin router bgp 200
router bgp 200
 no synchronization
 bgp log-neighbor-changes
 neighbor 100.1.12.1 remote-as 100
 neighbor 100.1.23.3 remote-as 300
 neighbor 100.1.23.3 send-community
 neighbor 100.1.23.3 route-map COMM1 out
 no auto-summary
!
ip forward-protocol nd
!
no ip http server
!
!
!
ip prefix-list 1 seq 5 permit 1.1.1.1/32
!
ip prefix-list 11 seq 5 permit 11.11.11.11/32
!
route-map COMM1 permit 10
 match ip address prefix-list 1
 set community none
!
route-map COMM1 permit 20
 match ip address prefix-list 11
 set community 123
!
route-map COMM1 permit 100
!
!
R2(config-router)#

R3#show ip bgp
BGP table version is 13, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       100.1.23.2                             0 200 100 i
*> 11.11.11.11/32   100.1.23.2                             0 200 100 i
R3#
R3#
R3#show ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 12
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Not advertised to any peer
  200 100
    100.1.23.2 from 100.1.23.2 (2.2.2.2)
      Origin IGP, localpref 100, valid, external, best
R3#
R3#show ip bgp 11.11.11.11
BGP routing table entry for 11.11.11.11/32, version 13
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Not advertised to any peer
  200 100
    100.1.23.2 from 100.1.23.2 (2.2.2.2)
      Origin IGP, localpref 100, valid, external, best
      Community: 123
R3#

Observations:

·         R2 strips the community value from 1.1.1.1/32 when forwarding it to R3; that's why I didn't see any community value for 1.1.1.1/32 on R3.
·         R2 changes the community value to 123 for 11.11.11.11/32 when forwarding it to R3; that's why the community value is 123 for 11.11.11.11/32 on R3.
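
As an added example (not part of the original post), the Python model below replays R2's COMM1 policy and goes slightly beyond the lab: it also covers the `additive` keyword, the implicit deny that applies when the final empty `permit 100` clause is missing, and a neighbor configured without `send-community`. The function names and data layout are assumptions made for illustration.

```python
# Added example: a small model of route-map evaluation for BGP communities.
# Function names and the dict layout are hypothetical; the clause contents
# are transcribed from R2's COMM1 route-map in the post.

def apply_route_map(route_map, prefix, communities):
    """Return the communities to advertise for prefix, or None if denied."""
    for seq in sorted(route_map):                 # clauses run in sequence order
        clause = route_map[seq]
        match = clause.get("match")               # no match statement = match all
        if match is not None and prefix not in match:
            continue
        if clause["action"] == "deny":
            return None
        action = clause.get("set")
        if action is None:                        # permit without set: unchanged
            return set(communities)
        if action == "none":                      # set community none: strip all
            return set()
        new = set(action["values"])               # set community N: replace ...
        if action.get("additive"):                # ... unless 'additive' is given
            new |= set(communities)
        return new                                # first matching clause wins
    return None                                   # implicit deny after last clause

def advertise(route_map, send_community, bgp_table):
    """Model one outbound neighbor: apply the route-map, then send-community."""
    sent = {}
    for prefix, communities in bgp_table.items():
        result = apply_route_map(route_map, prefix, communities)
        if result is not None:
            # without 'neighbor ... send-community' the attribute is not sent
            sent[prefix] = result if send_community else set()
    return sent

COMM1 = {
    10: {"action": "permit", "match": {"1.1.1.1/32"}, "set": "none"},
    20: {"action": "permit", "match": {"11.11.11.11/32"},
         "set": {"values": {123}}},
    100: {"action": "permit"},
}
# R2's table as learned from R1 (values from the 'show ip bgp' output above)
R2_TABLE = {"1.1.1.1/32": {1}, "11.11.11.11/32": {11}}

if __name__ == "__main__":
    for prefix, comms in advertise(COMM1, True, R2_TABLE).items():
        print(prefix, sorted(comms) or "no community")
```

The result for the two lab prefixes matches what R3 displays: no community on 1.1.1.1/32 and 123 on 11.11.11.11/32.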
