Solved: Re: BGP community

Anukalp S · ‎05-12-2020

Hi , please help to understand below config.Can you please confirm either prefix 10.110.10.0/24 will be recieved OR both 10.110.10.0/24 & 10.110.11.0/24

router# router bgp 64512

neighbor 10.11.131.2 route-map route in

route-map route permit 10

match ip address prefix-list allow

match community 15

set community no-export additive

!

route-map route deny 30

!

ip prefix-list allow seq 10 permit 10.110.10.0/24

!

router# sh ip bgp community-list 15

Network Next Hop Metric LocPrf Weight Path
>i 10.110.10.0/24 X.X.X.X 0 100 0 4103 65525 i
>i 10.110.11.0/24 X.X.X.X 0 100 0 4103 65525 i

Giuseppe Larosa · ‎05-12-2020

Hello @Anukalp S ,

the first route-map clause has two match criteria and as explained by @paul driver both match criteria must be met in order to have a match in that route-map clause. It is a boolean AND:

if ( the prefix match communily-list 15 ) AND (prefix-list allow) then it is a match it is permitted and the NO_EXPORT community is added to it

prefix 10.110.11.0/24 is not permitted by prefix-list allow so it is not able to pass the combined criteria in AND.

There is not a winner match, simply the prefix-list is more selective then the community-list. Both match must be satisfied to have a match for the route-map ( the boolean AND operation reported above)

Hope to help

Giuseppe

View solution in original post

paul driver · ‎05-12-2020

Hello

The route-map will be read for both match statements only, So if an match isnt found for either match statements then the set command isnt applicable.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Anukalp S · ‎05-12-2020

Hi Paul, Thanks but which prefix will be received in BGP table as route map is applied inbound in bgp, only 10.110.10.0/24 OR both 10.110.10.0/24 & 10.110.11.0/24

Giuseppe Larosa · ‎05-12-2020

Hello @Anukalp S ,

to be able to answer to your questions we would need to know:

a) what community value(s) are permitted by community-list 15 invoked in the route-map with match community 15

b) we should know what BGP community value(s) one ore more are attached to the two prefixes . This level of detail is given by

show ip bgp 10.110.10.0

show ip bgp 10.110.11.0

if the prefix 10.110.10.0/24 is a match for community-list 15 as explained above it has a BGP community value that matches one of the values permitted by community-list 15 then it is a match for the first route-map clause.

Edit:

by reviewing original post we can say that both prefixes match community-list 15 but only 10.110.10.0/24 is also a match for the prefix-list.

So prefix 10.110.10.0/24 is accepted and can be advertised to other iBGP peers but not to eBGP peers.

Prefix 10.110.11.0/24 matches the last route-map clause deny 30 and so it is filtered inbound

Hope to help

Giuseppe

Anukalp S · ‎05-12-2020

Hi Giuseppe,

Thanks, so here prefix-list matching prefix 10.110.10.0/24 will win over community matching both 10.110.10.0/24 & 10.110.11.0/24 thus only prefix 10.110.10.0/24 will be accepted.

Giuseppe Larosa · ‎05-12-2020

Hello @Anukalp S ,

the first route-map clause has two match criteria and as explained by @paul driver both match criteria must be met in order to have a match in that route-map clause. It is a boolean AND:

if ( the prefix match communily-list 15 ) AND (prefix-list allow) then it is a match it is permitted and the NO_EXPORT community is added to it

prefix 10.110.11.0/24 is not permitted by prefix-list allow so it is not able to pass the combined criteria in AND.

There is not a winner match, simply the prefix-list is more selective then the community-list. Both match must be satisfied to have a match for the route-map ( the boolean AND operation reported above)

Hope to help

Giuseppe

Anukalp S · ‎05-12-2020

Thanks Giuseppe for clarification