BGP Communities

Since I have received a few requests to write about BGP communities, so I would like to share my understanding about this topic.

Community is a tagging technique to mark a set of routes. It s a numerical value that can be assigned to a specific prefix and advertised to other neighbors. When the neighbor receives the prefix, it will examine the community value and take proper action whether to filter or modify other attributes.

BGP communities are represented as two 16-bit integers and the common format is <local-ASN>:xx i.e 0:0 to 0:65535 where 65535:0 to 65535:65535 are reserved. However, if you want to display them in human-readable format, you should use “ip bgp-community new-format.” Note that the actual value carried in the routing update is unchanged, it’s just the display that changes.

Communities are very useful in applying policies within and between ASes. Upstream service provider routers can use these flags to apply specific routing polices (e.g. Local Preference or MED) within their network.

They are optional transitive attributes meaning that BGP implementations do not have to recognize the attribute and it is at the network operator’s discretion to carry it through an AS or pass it on to another AS. By default the community attribute is removed from the update before being sent to the neighbor. To allow community values to be sent to a specific neighbor, the command neighbor x.x.x.x send-community must be applied

BGP has 4 well known communities that can be used to mark prefixes:

  • Internet: Advertise these routes to all neighbors
  • Local AS: Prevent sending routes outside the local AS within the confederation
  • No-Advertise: Do not advertise this route to any peer, internal or external
  • No-Export: Do not advertise this route to external BGP peers

Remember that each of the well known community has its own reserved number. So, when we set any of the well known communities, the router converts it to its respective reserved number and proceeds accordingly.

It is also worth mentioning that regarding the no-export BGP community, all routes received carrying a communities attribute containing this value MUST NOT be advertised outside a BGP confederation boundary” (i.e. outside our own AS, or across regular EBGP sessions).

How to set community attribute values?

  1. Network Command: The optional route-map at the end of the network command can be used to set the community of the advertised prefix.
  2. Aggregate address: The attribute-map option can be used to set the attributes of the aggregate route including the community value.
  3. Neighbor command: A route-map can be used to set the community of specific prefixes received from or sent to the neighbor.
  4. Redistribution: You can set the community attribute of the redistributed prefixes using the route-map option of the redistribute command.

How to match community attribute values?

  • A standard or expanded IP community list must be configured specifying the values to be matched.
  • Use the match statement in a route map to match the values specified in the IP community list
  • The route-map can be used to apply routing policies by setting other attributes or filtering the prefix based on the matched community value

Highlight: As for the format (AS:XXXX) for specifying the community, please note that it is not necessary that we need to use the AS number. There can be any arbitrary no. (instead of the AS no.) that needs to be matched at the other end.

BGP CommunitiesIn Cisco IOS Software Release 12.0 and later, we can configure communities in three different formats:

  • Decimal
  • Hexadecimal
  • AA:NN

Although the community attribute can be represented in decimal, hexadecimal, or AA:NN, it is still
a 32−bit number.

For example, any of these three configuration commands specify the community 30:20 (AS 30, number 20):
  – set community 30:20
  – set community 0x1E0014
  – set community 1966100

Regardless of which command you use, the community displayed in the router configuration file and the BGP table is 30:20.

By default, the Cisco IOS uses the older decimal format. In order to configure and display in AA:NN, where the first part is the AS number and the second part is a 2−byte number, issue the ip bgp−community new−format global configuration command

We can also use an ACL or may use a prefix-list for BGP communities. Similarly, in order to add additional communities, we can do so by using the keyword “additive”, which means:

Add on the community value without wiping out the previously defined communities with the prefix.

Once done, we can then define the route-map outbound to the neighbor to which we want to send the community.

IMPORTANT: By default, the community value is not sent across to the other end!

BGP Community List:

BGP community list is a user defined BGP community attribute list that can be used for matching or manipulating BGP communities attribute in updates.

There are two types of community lists:

  • One is the Standard community list and another is the Expanded community list
  • Standard community list defines communities attribute whereas the Expanded community list defines communities attribute string with regular expression (to search on the communities)
  • Standard community list is compiled into binary format when a user defines it
  • Standard community list will be directly compared to BGP communities attribute in BGP updates. Therefore the comparison is faster than expanded community list.

BGP Extended Communities:

Nowadays, we also use BGP extended communities comprising 8 octets. Examples of BGP extended community attribute are Route Target (RT) and Site of Origin (SoO). The RTs define MPLS based VPN membership and the SoO is used for loop prevention in cases where routes learned from a site are advertised back to that site in an MPLS/VPN architecture. Hence, both these extended communities are often used for MPLS VPNs that I have also explained in my article All about MPLS VPNs.

To sum it up, communities add power to BGP thus changing it from a routing protocol to a tool for signaling and policy enforcement. If they are smartly configured, they can optimize your network, make troubleshooting easier and give customers what they require!

In case of any queries or feedback, please drop a comment below and I would love to respond and help.

The following two tabs change content below.

Haider Khalid

IP Network Engineer, CCIE# 52939
Haider Khalid is a Cisco Certified Network engineer who has worked with several ISPs & Telecom providers in Pakistan, Middle East and the UK. In case of any questions or feedback, please feel free to drop a comment below or connect with him on LinkedIn.

Latest posts by Haider Khalid (see all)

Leave a Reply

Your email address will not be published. Required fields are marked *