Showing results for 
Search instead for 
Did you mean: 


How to associate a BGP Community to the BD's connected subnets ?


1- do you know how to associate a BGP Community tag to my Bridge Domains 's connected subnet : so these Subnets could be populated (announced) with their associted Community Tag through the VRF's L3OUT  eBGP  connection to reach ouside routers  ?


2- if the answer to 1 is YES: each of my VRFs get 4 x L3OUT(eBGP) (not only 1)   : how can i populate (announce)  my BGP Community Tag through the 4 x L3OUT connections


3- I get also 1 VRFa that is Route Leaked to another VRFb to reach the outside routers : how can i associate such BGP Community Tag to my VRFa's BDs' s Connected Subnets so these Subnets could  also be populated(announced) via the L3OUT eBGP  of  the VRFb ? 


Thanks a lot for your advices 




This might not be the total solution, but I guess that applying RouteMaps could allow you to tag the BGP Community as needed.


However, this is a bit tricky because ACI will not let you use the ExtSubnet as Aggregate, in the ExtL3out model, to allow the redistribution of your routes into the external BGP, while at the same time using RouteMaps. So if you use RouteMaps and Export Control Policy, the control of which routes are announced and tagged is centralized in the RouteMaps, while the ExtSubnet 0.0.0/0 of the L3out would be left to control route leaking and traffic control (Contracts).


When building the routemap, using as Aggregate will not match the BD Subnets, so you will need to use the proper supernet of your ACI BD Subnets in the MatchRule to properly set the BGP Tags to those subnets.


Reading the RouteControl documentation, you could get an idea and try it out on a test VRF.


All the best,

Cisco Employee

Go to L3 Configurations under the Bridge Domain and choose the L3 out you want to set the policy when you are advertising the BD subnet. It should be set under the L3 out for Route Profile.


Then underneath that you will see an option for a route profile. Within that route profile create a set rule for the community value you want.


You should be able to verify it by going on the leaf:


leaf#show bgp unicast neighbor <neighbor> vrf <vrfname> | grep map


Then once you get the route map name:


leaf#show route-map <routemapname>


You should see a set clause with the BGP community.


You can then look for the match clause that has the ip address prefix list: 


leaf#show ip prefix-list <prefixlistname>


you should see a permit statement for that BD subnet.


*note if you set the route map to "Match Prefix AND Routing Policy" that will be considered combinable so you will see two subnets, one for the specific BD subnet and then one for the subnet of that network*


Hope that helps,


Thank you for participating in the Cisco Support Forum for ACI! If you have other questions related to this post, please let us know. If this response answers your questions, please mark this post "answered" and assign a rating to the response(s) provided. This will help notify other viewers that your question(s) is answered and this helps us provide better responses for this and future questions.
Michael G.
Content for Community-Ad
This widget could not be displayed.