Solved: at least for IOS routers. if

Ruslan Moldaliev · ‎07-27-2016

hi all,

I want to do AS-prepend for one of my ISPs. I have route-map for that ISP and when I'm trying to configure "set community 64704:xxxxxx" under route-map configuration mode I'm receiving an error (it's 6 digits in my AS number).

in the configuration guides always mentioned "well-known" ASNs. I found "set extcommunity rt" but I think and it seems that it doesn't do what I'm trying to achive.

so how can I include 4 byte ASN into my "set community"?

thanks

Peter Paluch · ‎07-27-2016

Hi Ruslan,

Just to comment on the support of 4B ASNs - there are some gotchas. A community attribute is a 4B value itself. So if you store your own 4B ASN into a standard community, there is no space left in it for the remaining part of the community value. As the set community command only manipulates standard communities, it is outright impossible to use 4B ASNs with it. Extended communities could be the solution, as they are 8B long; however, the particular extended community type we need to be using is called AS Specific BGP Extended Community and is defined in RFC 5668. Unfortunately, IOS does not seem to support this particular kind of extended community yet - and even if it did, your ISP would not be looking for it according to the RIPE database output. The particular kind of extended community you tried to use is called Route Target, and it serves a different purpose.

That being said, I must say that I do not clearly understand the use of communities as documented by your neighbor. Note that there are two special communities:

remarks:         64700:ASN - do not announce to AS ASN
remarks:         64709:ASN - announce to AS ASN

They say - do not advertise, or do advertise, to the AS ASN as specified in the lower part of the community. But how could your ISP perform filtering to an arbitrary autonomous system out there if it's not directly peering with it? It looks to me as if the ASN here in this description can only be from a limited set ot ASNs that your ISP peers with, and not an ASN you want to have prepended.

Also, when you read closely:

remarks:         64701:ASN - prepend 1x to AS ASN
remarks:         64702:ASN - prepend 2x to AS ASN
remarks:         64704:ASN - prepend 4x to AS ASN
remarks:         64706:ASN - prepend 6x to AS ASN

It says "prepend N times to AS ASN" - but prepend what? And what does it mean when they say "prepend to"?

I would say that at this point, it would be best to call your ISP and clarify the precise meaning and operation of these community values before we try to find any solution for your needs. It might be possible that these communities result in a different prepending operation than what we think.

Best regards,
Peter

View solution in original post

Peter Paluch · ‎07-27-2016

Ruslan,

It seems that you are trying to enter an invalid value into the community. Both values before and after the colon can be at most 65535, as the community is a 4B value in total. Why would you want to enter a 6-digit value into the field after the colon?

Let me ask you: What exact community value should you use so that your ISP performs the AS prepending? Did you consult this with your ISP? Is it perhaps indicated anywhere on his webpage - and if so, can you point us to that page?

Best regards,
Peter

Ruslan Moldaliev · ‎07-27-2016

Peter,

yes, but I thought IOS 15.x support 4byte ASNs in "set community" and now I totally confused.

here is snippet:

remarks:         Communities accepted from customers:
remarks:         ------------------------------------------------
remarks:         Customer TE communities - Prepending
remarks:         ------------------------------------------------
remarks:         64700:ASN - do not announce to AS ASN
remarks:         64701:ASN - prepend 1x to AS ASN
remarks:         64702:ASN - prepend 2x to AS ASN
remarks:         64704:ASN - prepend 4x to AS ASN
remarks:         64706:ASN - prepend 6x to AS ASN
remarks:         64709:ASN - announce to AS ASN

and here is the link - https://apps.db.ripe.net/search/query.html?searchtext=AS21219&bflag=true&source=RIPE#resultsAnchor

what I'm expecting to achieve - to lenghten AS path through particular ISP.

Peter Paluch · ‎07-27-2016

Hi Ruslan,

Just to comment on the support of 4B ASNs - there are some gotchas. A community attribute is a 4B value itself. So if you store your own 4B ASN into a standard community, there is no space left in it for the remaining part of the community value. As the set community command only manipulates standard communities, it is outright impossible to use 4B ASNs with it. Extended communities could be the solution, as they are 8B long; however, the particular extended community type we need to be using is called AS Specific BGP Extended Community and is defined in RFC 5668. Unfortunately, IOS does not seem to support this particular kind of extended community yet - and even if it did, your ISP would not be looking for it according to the RIPE database output. The particular kind of extended community you tried to use is called Route Target, and it serves a different purpose.

That being said, I must say that I do not clearly understand the use of communities as documented by your neighbor. Note that there are two special communities:

remarks:         64700:ASN - do not announce to AS ASN
remarks:         64709:ASN - announce to AS ASN

They say - do not advertise, or do advertise, to the AS ASN as specified in the lower part of the community. But how could your ISP perform filtering to an arbitrary autonomous system out there if it's not directly peering with it? It looks to me as if the ASN here in this description can only be from a limited set ot ASNs that your ISP peers with, and not an ASN you want to have prepended.

Also, when you read closely:

remarks:         64701:ASN - prepend 1x to AS ASN
remarks:         64702:ASN - prepend 2x to AS ASN
remarks:         64704:ASN - prepend 4x to AS ASN
remarks:         64706:ASN - prepend 6x to AS ASN

It says "prepend N times to AS ASN" - but prepend what? And what does it mean when they say "prepend to"?

I would say that at this point, it would be best to call your ISP and clarify the precise meaning and operation of these community values before we try to find any solution for your needs. It might be possible that these communities result in a different prepending operation than what we think.

Best regards,
Peter

Ruslan Moldaliev · ‎07-28-2016

hi Peter,

aha, I see.. and thanks a lot for your detailed explanation. I somehow managed not find the information or anything about longer than 4byte ASNs in "set community". it's a pity that IOS/Cisco doesn't have full support of the extended ASN despite being claimed.

regarding the:

remarks:         64700:ASN - do not announce to AS ASN
remarks:         64709:ASN - announce to AS ASN

I think it can be valid in case of some weird TE requirements or TE to/from ISP peering neighbours, but it's my and your assumption.

and for this excerpt of community I believe I'm thinking right: if I have one or more AS behind me (or own them) I can prepend either ISP facing AS or different AS to extend AS path and do some TE

remarks:         64701:ASN - prepend 1x to AS ASN
remarks:         64702:ASN - prepend 2x to AS ASN
remarks:         64704:ASN - prepend 4x to AS ASN
remarks:         64706:ASN - prepend 6x to AS ASN

and using this tool in the route-maps more agile than using regular prepend in "neighbour x.x.x.x" statement. this is common practice in Ukraine to do BGP TE with such strange types of communities.

however in the general you are right, no one knows for sure except ISP.

Sergey Lisitsin · ‎07-28-2016

Ruslan,

Does that ISP not allow explicit AS prepending? As in can you not just use "set as-path prepend XXXXXX" ?

Regards,

Sergey.

Ruslan Moldaliev · ‎07-28-2016

Sergey,

yes it allows to use explicit usage of AS prepend, I achieved my goal. I just wanted to do it with help of route-maps, to have a little bit more versatile solution/path.

right now I want to clarify this thing with "set community" in the route-map.

Sergey Lisitsin · ‎07-28-2016

Ruslan,

Well, as Peter rightly said, the standard communities are only 32 bits long, so can represent values from 0:0 to 65535:65535. As your AS number is larger than 65535, you can't use the community method for as-path prepending. Your ISPs solution in that respect is not scalable enough.

Regards,

Sergey.

Ruslan Moldaliev · ‎07-28-2016

at least for IOS routers. if I remember correctly when I searched information regarding my question, I spotted similair thing is working in Junos OS and they can actually use 4 byte ASNs in the community statement, however I can't find it right now.

so it goes.

Sergey Lisitsin · ‎07-28-2016

Ruslan,

That would probably be some sort of extended community, not the standard community.

Ruslan Moldaliev · ‎08-15-2016

Sergey,

it appears that explicit AS prepend doesn't work like desired. I'm still receiving relatively large volumes (a little bit less than half approximately) of the traffic through prepended ISP, I beleive it somehow related to internal routing policies or peering agreements with the neighbours.

I will try to ask them directly how to configure AS prepend through community I think they had similar cases concerning their size.

how to set up in the route-map community 4 byte ASN?