cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1679
Views
0
Helpful
8
Replies

Community Attributes in BGP

Hello,

  Is the below a valid commuity configuration?

ip community-list 100 permit ASN:100

Route map Com-list permit 10 (Applied In bound)

match community 100

Since there is no action that was specified on the match statement. If this is valid statement can you please breif me about what will be the result with the above statement.

Thank you            

8 Replies 8

Hi,

The action depends on where you have applied this route-map.

For instance if you have applied this route-map to a redistibution, you will redistibute only the routes that match to the community list 100.

Hope that helps

Vasilis

Hello,

  Thanks for your reply. There is no redistribution applied. The BGP Neibhor statement contains route maps for in and out. The out route map has the prefix list

route map com-list  permit 10 (Applied outbound)

match ip  add prefix-list xxx

set community asn.xxx

but the in bound has only the match statement as above mentioned, and there is no redistribution for the above route map, though there are seperate route map for redistribution between routing protocols.

Hello Karthik,

only BGP advertisements that has one BGP community value as specified in community-list 100 will be accepted from neighbor

To be noted multiple Community attributes can be associated to a BGP advertisement, the filter will accept routes with multiple BGP communities if one of them matches the community-list.

The fact that no set action is configured means that no BGP attribute manipulation is performed on accepted routes, and the route-map is used as filter framework to invoke the use of the community-list as filter rule.

Hope to help

Giuseppe

Hello,

  In the above case of  inbound route map with just match community-list 100 what will be expected result of the statement? will there be any local preference or any other attributes set by the upstream provider? Also since there is no prefix list or access list attached to the route-map will all the in bound routes from ISP will have the community list 100 (ASN:100) Mapped?

Thanks

Hello Karthik,

the result will be that BGP routes that have a BGP community value as per community list will be accepted with no changes to the BGP attributes. Local preference is not passed by upstream provider it has meaning and scope only within a single BGP AS ( for this the name). other attributes like MED are kept unchanged.

>>

Also since there is no prefix list or access list attached to the route-map will all the in bound routes from ISP will have the community list 100 (ASN:100) Mapped?

no because it is a match statement not a set action if the route has no BGP community equal to one of those specified in ip community-list the route will be denied

if you want to set a community on received routes you need a different configuration

route-map SETCOM-INBOUND permit 10

! match commands if needed

match ....

set community   ASN:100 additive

! adding the additive keyword allows to append the ASN:100 value to existing BGP communities, without it you will first remove all BGP communities and then set only the new value

Hope to help

Giuseppe

Hello Giuseppe,

   Thanks for the detailed reply. So if there is an inbound route map like the one below with only match and without any set statement, then will it deny all the ip comming with community value of 100? This part is bit confusing, since i am not sure what ip packets will be denyed because of the below statement that is comming in.

ip community list 100 permit asn:100

Route-map setcom-inbound deny 10

match community-list 100

Thank you

Hello Karthik,

your understanding is almost correct but actually a route-map like that denies everything

you need a multiple blocks route-map to deny only specific routes matching the community-list

in other words

route-map setcom-inbound deny 10

match community-list 100

denies everything

route-map setcom-inbound deny 10

match community-list 100

route-map setcom-inbound permit 20

this one has an empty final block that allows all other routes.

>>

route-map setcom-inbound permit 20

For route-maps like for ACLs is important how they are terminated and where they are applied

there is no implicit permit any at the end of the route-map

Hope to help

Giuseppe

Hello Guiseppe,

   Thanks for the update. This helped me in clearing the confusion i was having.

Thank you

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: