09-15-2017 09:07 PM - edited 03-05-2019 09:08 AM
here is the configuration:
-------------------------------------------------------------------
route-map IE-out permit 10
set community 7677:200 additive
continue
route-map IE-out permit 100
router bgp 65400
network 10.1.1.0 mask 255.255.255.0 route-map IE-out
-------------------------------------------------------------------
now i update route-map IE-out with the following:
-------------------------------------------------------------------
route-map IE-out permit 20
set community 65400:65400 addtive
continue
-------------------------------------------------------------------
then i print the prefix 10.1.1.0/24 in bgp tables, it shows as follow:
-------------------------------------------------------------------
Router1#sh ip bgp 10.1.1.0
BGP routing table entry for 10.1.1.0/24, version 270
Paths: (1 available, best #1, table default)
Not advertised to any peer
Local
0.0.0.0 from 0.0.0.0 (1.1.1.1)
Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced, best
Community: 7677:200
-------------------------------------------------------------------
why it only bring community 7677:200, the list should be 7677:200 65400:65400
i try to clear ip bgp * in and clear ip bgp * out, it does't work .
09-16-2017 04:20 AM - edited 09-16-2017 05:00 AM
Hi
As you are applying a community to every network (not matching or specific networks), it will take as preference the first sequence in this case sequence 10, now if you want to apply the new community to specify networks you should match an ACL, IP prefix list, tag, etc.
If you remove the sequence 10, every network will be set with the new community. You could add the second community to the sequence 10 (updating sequence 10), example:
route-map IE-out permit 10
set community 7677:200 65400:65400 addtive
route-map IE-out permit 100
09-16-2017 10:42 AM
update route-map sequence 10 does't work ......
remove network announce and re-apply network announce would make it work, but i have more tham thousand prefix to announce .
what do you think ISP can seperate area prefix
09-16-2017 10:51 AM
Hello,
why not attach the route map to the neighbor (as in my sample config) and then summarize the networks as much as possible in the prefix list ?
09-16-2017 06:34 PM
ip prefix-list US seq 10 permit 10.1.1.0/24
ip prefix-list US seq 20 permit 10.1.2.0/24
...
ip prefix-list CA seq 10 permit 10.1.3.0/24
ip prefix-list CA seq 20 permit 10.1.4.0/24
...
route-map to peer1 permit 10
match ip prefifx CA
set communit 65200:100 65200:65200 addtive
contiune
route-map to peer1 permit 11
match ip prefifx CA
set communit 65200:200 65200:65200 addtive
contiune
...
route-map to peer1 permit 100
route-map to peer2 permit 10
match ip prefifx CA
set communit 65200:100 65200:65200 addtive
contiune
route-map to peer2 permit 11
match ip prefifx CA
set communit 65200:200 65200:65200 addtive
contiune
...
route-map to peer2 permit 100
...
network 10.1.1.0 mask 255.255.255.0
network 10.1.2.0 mask 255.255.255.0
network 10.1.3.0 mask 255.255.255.0
network 10.1.4.0 mask 255.255.255.0
...
neighbor 1.1.1.1 route-map peer1 out
neighbor 2.2.2.2 route-map peer2 out
neighbor 3.3.3.3 route-map peer3 out
...
neighbor x.x.x.x route-map peer100 out
-------------------------------------------------------------------
attach to neighbor, i have to point out every prefix list in every route-map for peers . it is a large job.
09-16-2017 07:00 PM
Hi,
Is the BGP neighbor peering handled by you as well?
09-16-2017 07:37 PM
yes , actually , i m the only one network engineer
09-17-2017 07:16 PM
any suggestion ?
09-17-2017 07:17 PM
Hi
I think you could remark the incoming traffic on the BGP neighbor but I would like to lab it before.
09-18-2017 07:27 PM
more about the detail ?
09-16-2017 07:27 AM
Hello,
I think you need to apply the route map to the neighbor rather than the network. Have a look at the config below (you don't need the 'additive' keyword in the first sequence):
ip prefix-list SET_COMM seq 5 permit 10.1.1.0/24
!
route-map IE-out permit 10
match ip address prefix-list SET_COMM
continue 20
set community 7677:200
!
route-map IE-out permit 20
match ip address prefix-list SET_COMM
continue 100
set community 65400:65400 additive
!
route-map IE-out permit 100
neighbor x.x.x.x route-map IE-out out
09-16-2017 10:48 AM
as i have a large of prefix to add community , more than thousands , and prefix need to be distinguish from difference area . such as DE , CA , US .
if i apply the route-map to the all neighbor , i need repeat the input many times , and with a high rate mistake , it is too risky .
or how do you design you global bgp network .
09-17-2017 12:45 AM
Hello,
your initial question was about adding a community value to a route, and now has shifted to designing a global BGP network, which indeed can be tricky and needs a lot more attention. Can you post a schematic drawing of what your (BGP) network looks like ?
09-17-2017 10:00 AM
my final target is to design a community-list like GTT , so no matter what schematic is , the most important is the thinking of design .
09-18-2017 09:13 PM
I think I mentioned this previously. If you wish to build a BGP network where communities are set, or attributes are sent by customers of your network to manipulate attributes such as local-as, no-export, as-prepend, etc, you have a lot of work to do.
You should investigate something like IRRd, or somewhere you can centralise a policy distribution. Learn how to use RPSL-NG to define policy for each peering. You can then have a central location that you could integrate with Ansible or Chef to deploy the policy. Otherwise, it's visiting each peering, and setting the policy manually. There are virtual appliances out there that can build a service database and attach RPSL to peers.
Asking to build a global BGP policy in a forum like this is probably not going to get a lot of responses. :-)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide