What is Community?

One or more BGP prefix that share a common property such as all should have specific MED or Local Preference value etc.


What is BGP Community?

The BGP community is the tagging mechanism we use to mark our BGP prefixes.

The BGP community is an Optional, Transitive BGP attribute, meaning that if they exist they should be propagated to all BGP neighbors.

(The word “Optional” here means it’s optional to use, but once you used it should be propagated to all BGP neighbors)


The BGP community attribute is a numerical value tag that can be assigned to a specific prefix and advertised to other neighbors.


1.png

When the neighbor receives the prefix it will examine the community value and take proper action whether it is filtering or modifying other attributes.

2.png

Any BGP prefix can have more than one tag (BGP community); each tag means something or leads to specific unique action. (you can attach up to 32 communities to a single route).

3.png

Why use BGP communities?

1-Customers can use it internally to mark a set of prefixes that share a common property then apply a common routing policy such as filtering or assigning a specific local preference etc.

BGP Communities are useful to solve asymmetrical customer routing problems.


2-Service providers can make an agreement with your customers on a specific policy to be applied to their prefixes using BGP communities.

In the below link, you will find some communities that SP force customers to apply on their Customer Edges

https://onestep.net/communities/


What BGP Community looks like?

There are three types of BGP communities:

•            Standard communities

•            Extended communities

•            Large communities


Standard communities written as numeric 32-bit tags in (AS:Action) format

The first 16 bits is the (AS) number of the AS that defines the community.

The second 16 bits have the local significance (Action)


The primary purpose of standard communities is to the group and tag routes so that actions can perform.

The BGP community can be displayed in full 32-bit format (0-4,294,967,295) or as two 16 bit numbers (0-65535):(0-65535) commonly referred to as new-format.


Extended communities written as numeric 64-bit tags in (Type:AS:Membership) format

The first 16 bits are used to encode a type that defines a specific purpose for an extended community, extended community type numbers are assigned by Internet Assigned Numbers Authority (IANA).

The remaining 48 bits can be used by operators to implement the required policy, given the purpose of the extended community

MPLS VPN are an example where the Route Target (RT) extended community use to control the exporting and importing of VPN routes.

Simply, Route Target (RT) used in MP-BGP with MPLS L3 VPN , its indicates to PE routers if a route should be imported into VRF

There are many other types of extended communities, such as to encode the Site of Origin (SOO), Ethernet VPN (EVPN), OSPF Domain Identifier.


Note: More about MP-BGP and RT in my CCIEv5 MPLS (LDP,vrf lite,MPLS VPN) Study Guide, you can find in the below link:

https://learningnetwork.cisco.com/s/article/cciev5-mpls-ldp-vrf-lite-mpls-vpn-study-guide


Large communities written as numeric 96-bit tags in (Source AS:Action: Target AS) format split into three 32-bit values which can accommodate more identification data including 4-byte AS numbers.


We will focus in this article on Standard and one case of extended communities.

                    


What are the well-known Standard BGP communities?

There are four well-known Standard BGP communities that you can use instead of picking a numeric value, but each one of these four well-known Standard BGP communities will have specific meaning and do specific unique actions for you.


The four well-known communities that can use to mark prefixes; are listed as follows:


Internet: advertise these tagged routes to all neighbors (IBGP & EBGP).               

Local-as: prevent sending tagged routes outside the local AS within the confederation.(route will not send to any EBGP neighbor or any to intra-confederation external neighbor )

No-Advertise: do not advertise this tagged route to any peer, internal or external (IBGP & EBGP) (tell receiving router to keep the tag to yourself and do not pass to any neighbor).

No-Export: do not advertise this tagged route to EBGP peers, in other meaning Only advertise to IBGP neighbors.


How to set community attribute values?

Using Route-maps associated with:

·        Network Command

·        Aggregate address

·        Neighbor command

·        Redistribution command


•Network command: the optional route-map at the end of the network command can be used to set the community of the advertised prefix.

•Aggregate address: the Attribute-map option can be used to set the attributes of the aggregate route including the community value.

•Neighbor command: a route-map can be used to set the community of specific prefixes received from or sent to the neighbor.

•Redistribution: you can set the community attribute of the redistributed prefixes using the route-map option of the redistribute command.


Important: The set community command erases existing communities attached to a route and replaces them with the new set of communities unless you specify the additive option.

The only mechanism to set BGP community in Cisco IOS is the set community command in a route-map.



How to match community attribute values?

•A standard or expanded IP community list must be configured specifying the values to be matched.

•Use the match statement in a route map to match the values specified in the IP community list.

•The route map can be used to apply routing policies by setting other attributes or filtering the prefix based on the matched community value.


Notes:

·        Routers by default remove (stripped) communities in BGP outgoing updates, to override this default behavior you should use send-community command per neighbor.

·        Routers that do not support community attributes will pass the attribute to other neighbors because its transitive attribute.


BGP standard well-known communities Lab






4.png


Basic Configuration

5.png


6.png

Configure R1 so when advertising 1.1.1.0 network to R2

R2 must not advertise it to other IBGP or EBGP neighbors


7.png

R1

·        Create ACL point to network 1.1.1.0/24

access-list 1 permit 1.1.1.0 0.0.0.255

·        Create a Route map match the ACL and assign the well-known community (no-advertise)

route-map NOONE permit 10

match ip addr 1

set community no-advertise

route-map NOONE permit 20

·        Override the default behavior of stripping communities in BGP outgoing updates to your R2 neighbor IP address.

·        Associate the route map to R2 neighbor IP address with (out) direction to affect his decision.

router bgp 100

nei 10.12.12.2 send-community

nei 10.12.12.2 route-map NOONE out

 

Note about directions available in route-map:

·        IN means will affect local router decision

·        OUT means will affect the neighbor decision

 

R1#clear ip bgp * soft out


8.png

As we can see above R2 received, prefix 1.1.1.0/24 with no-advertise well-known standard community attached to it, this well-known standard community means do not advertise this received prefix to your IBGP/EBGP neighbors and that is why R5 does not have it anymore.

9.png


Configure R5 to advertise 5.5.5.0 to R3 but R3 must not advertise it to any ebgp neighbor


10.png

11.png

R5

ip prefix-list NET5 permit 5.5.5.0/24

route-map net5 permit 10

match ip addr prefix NET5

set community no-export

route-map net5 permit 20

 

router bgp 400

nei 10.35.35.3 send-community

nei 10.35.35.3 route-map net5 out

 

R5#clear ip bgp * soft out

 

R3 should be configured with send-community as well

router bgp 200

nei 10.23.23.2 send-community

 

R3#clear ip bgp * soft out

12.png

13.png

Configure R3 to advertise 3.3.3.0/24 to routers in its own AS only

 

R3

route-map MYASONLY permit 10

set community local-as


router bgp 200

net 3.3.3.0 route-map MYASONLY

nei 10.23.23.2 send-community


R3#sh ip bgp 3.0.0.0

BGP routing table entry for 3.0.0.0/8, version 9

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised outside local AS)

Flag: 0x880

 Advertised to update-groups:

       2

 Local

   0.0.0.0 from 0.0.0.0 (3.3.3.3)

     Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced, local, best

     Community: local-AS

 

 

R1#sh ip bgp 3.0.0.0

% Network not in table

 

We configured before R1 to attach no-advertise attribute with 1.1.1.0 to R2, so R2 will not send it to ibgp or ebgp neighbors from R2 make it do the opposite and advertise 1.1.1.0 to ibgp & ebgp neighbors

 

R2

access-list 1 permit 1.1.1.0

route-map TOALL permit 10

match ip addr 1

set community internet

 

router bgp 200

nei 10.12.12.1 route-map TOALL in

14.png

15.png'


BGP standard communities using numeric values


In the previous lab, we used ACL to identify routes then match them in a route map then assign one of the four standard well-known communities (tags) , In such as case routers know what to do with these tagged routes based on which one of the four standard well-known communities we are using.

However, when using numeric values for tagging, we will have specific actions to do with these tagged routes, actions such as using Local preference or setting specific next hop for these routes.

Therefore, we will need ACL to identify tags then apply action on this ACL, in this case, this is not called ACL but called Community List.

Once you configure your Named Community list , you can match these lists in route-map configuration with match community command.


1.png

Note: Named Community List used for numeric tags values or standard well-known community tags as well.


Named Community List Examples:


·        Standard Numbered community list , permits all routes except the routes that tagged with the two communities (5 and 10 ) or (10 and 15)

Router(config)# ip community-list 1 deny 5 10

Router(config)# ip community-list 1 deny 10 15

Router(config)# ip community-list 1 permit internet


·        Standard Numbered community list , permits all routes within the local AS

Router(config)# ip community-list 1 permit local-as


·        Standard Named community list with the name CLN, permits all routes within the local AS and denies all routes with the internet community attribute

 

Router(config)# ip community-list standard CLN permit local-AS

Router(config)# ip community-list standard CLN deny internet


·        Expanded Named community list with the name CLN, will not advertise routes to EBGP peers

Router(config)# ip community-list expanded CLN permit no-export


·        Expanded Named community list with the name CLN, will not advertise this route to any iBGP or EBGP peers

Router(config)# ip community-list expanded CLN permit no-advertise


·        Expanded Numbered community list use a regular expression to deny all communities that contain a certain number

Router(config)# ip community-list 100 deny [0-9]*


BGP standard communities using numeric value Lab


2.png

Basic Configuration

3.png

AS 1 represent Customer, AS 100 represent ISP 1, and AS 200 represent ISP 2

R3 (ISP 1) received prefix 192.168.100.0/24 from R4 (ISP 2) and R1 (Customer)

Since Weight and Local Preferences are left at their default values so R3 will choose the best path to 192.168.100.0/24 with the shortest AS Path which is R1 .


4.png

5.png

6.png


Our objective here will be to influence R3 to send his traffic through R3 instead of R1.

How we will accomplish that?

You as a Customer agreed with ISP1 that 100:17 community will set the Local Preferences to 50 on ISP 1 side, since default LP is 100 so when we set it to 50 it will not choose as the best path.

R1

route-map CLN permit 10

set community 100:17

router bgp 1

nei 10.13.13.3 route-map CLN out

nei 10.13.13.3 send-community


R3

ip community-list 7 permit 100:17

route-map SETLP permit 10

match community 7

set local-preference 50

exit

route-map SETLP permit 20

router bgp 100

nei 10.13.13.1 route-map SETLP in

do clear ip bgp *


7.png

8.png

9.png

Notice that community is displayed as a single 32-bit value , if you want it to be in a form of as:nn then use the following command:

R3(config)#ip bgp-community new-format


10.png


What is BGP Cost Community?


·        Nontransitive Extended Community Attribute.

·        Passed to IBGP and confederation peers only, but not EBGP peers.

·        Allow you to customize local router preference, which means it influences the best path selection process.

·        It is applied to the internal router by configuring set extcommunity cost command in route map , then route-map applied by neighbor basis.


Command Syntax for (set extcommunity cost)

11.png


If two paths have the same Cost value number, then the one with the lowest Cost Community ID is preferred.


Notes:

·        Keyword (igp) forces the cost community to be evaluated after the IGP distance to the next hop has been compared.

·        For any temporary reason, if you want your router to not evaluate cost community attribute during the best path selection process, then use the following command:

Bgp bestpath cost-community ignore


BGP Cost Community Lab

12.png

Basic Configuration


13.png

14.png

R4 received prefixes for 192.168.100.0/24 and 192.168.200.0/24 from R2 and R3.

R4 will prefer to reach these two prefixes through R2.

15.png

16.png

Our objective here is to make R4 prefer R3 when communicate with prefix 192.168.100.0/24

How to accomplish that?

We will use Cost community to mark this prefix in R4 and influence its decision to prefer R3 when try to reach it.

R4

ip prefix-list P100 permit 192.168.100.0/24


route-map RM100 permit 10

match ip add prefix P100

set extcommunity cost 1 1

route-map RM100 permit 20

exit


router bgp 234

nei 10.234.234.3 send-community both

nei 10.234.234.3 route-map RM100 in

exit

do clear ip bgp *

17.png

18.png


Another use case for Extended BGP Communities when solving the backup link issues in MPLS L3 VPN.

You can read EIGRP with SOO example in my study guide below from page 52 to page 55 

https://learningnetwork.cisco.com/s/article/cciev5-mpls-ldp-vrf-lite-mpls-vpn-study-guide