{"id":1309,"date":"2016-07-06T04:08:31","date_gmt":"2016-07-06T04:08:31","guid":{"rendered":"http:\/\/www.mtin.net\/blog\/?p=1309"},"modified":"2016-07-06T04:10:24","modified_gmt":"2016-07-06T04:10:24","slug":"how-i-learned-to-love-bgp-communities-and-so-can-you","status":"publish","type":"post","link":"http:\/\/www.mtin.net\/blog\/how-i-learned-to-love-bgp-communities-and-so-can-you\/","title":{"rendered":"How I learned to love BGP communities, and so can you"},"content":{"rendered":"

BGP communities can be a powerful, but almost mystical thing. \u00a0If you aren’t familiar with communities start here at Wikipedia<\/a>. \u00a0For the purpose of part one of this article we will talk about communities and how they can be utilized for traffic coming into your network.\u00a0Part two of this article will talk about applying what you have classified to your peers.<\/p>\n

So let’s jump into it. \u00a0Let’s start with XYZ ISP. They have the following BGP peers:<\/p>\n

-Peer one is Typhoon Electric. \u00a0XYZ ISP buys an internet connection from Typhoon.
\n-Peer two is Basement3. XYZ ISP also buy an internet connection from Basement3
\n-Peer three is Mauler Automotive. XYZ ISP sells internet to Mauler Automotive.
\n-Peer four is HopOffACloud web hosting. \u00a0XYZ ISP and HopOffACloud are in the data center and have determined they exchange enough traffic amongst their ASN’s to justify a dedicated connection between them.
\n-Peer five is the local Internet exchange (IX) in the data center.<\/p>\n

So now that we know who our peers are, we need to assign some communities and classify who goes in what community. \u00a0The Thing to keep in mind here, is communities are something you come up with. There are common numbers people use for communities, but there is no rule on\u00a0what you have to number your communities as. So before we proceed we will need to also know what our own ASN is. \u00a0For XYZ we will say they were assigned AS64512. For those of you who are familiar with BGP, you will see this is a private ASN. \u00a0I just used this to lessen any confusion. \u00a0If you are following along at home replace 65412 with your own ASN.<\/p>\n

So we will create four communities\u00a0.<\/p>\n

64512:100 = transit
\n64512:200 = peers
\n64512:300 = customers
\n64512:400 = my routes<\/p>\n

Where did we create these? For now on paper.<\/p>\n

So let’s break down each of these and how they apply to XYZ network. If you need some help with the terminology see this previous post<\/a>.
\n64512:100 – Transit<\/strong>
\nTransit will apply to Typhoon Electric and Basement3. \u00a0These are companies you are buying internet transit from.<\/p>\n

64512:200 – Peers<\/strong>
\nPeers apply to HopOffACloud and the IX. These are folks you are just exchanging your own and your customer’s routes with.<\/p>\n

64512:300 – Customers<\/strong>
\nThis applies to Mauler Automotive. \u00a0This is a customer buying Internet from you. They transit your network to get to the Internet.<\/p>\n

64512:200 – Local<\/strong>
\nThis applies to your own prefixes. \u00a0These are routes within your own network or this particular ASN.<\/p>\n

Our next step is to take the incoming traffic and classify into one of these communities. Once we have it classified we can do stuff with it.<\/p>\n

If we wanted to classify the Typhoon Electric traffic we would do the following in Mikrotik\u00a0land:<\/p>\n

\/<\/span>routing filter<\/span>\r\nadd action<\/span>=<\/span>passthrough chain<\/span>=<\/span>TYPHOON<\/span>-IN<\/span> prefix<\/span>=<\/span>0.0<\/span>.<\/span>0.0<\/span>\/<\/span>0<\/span> prefix<\/span>-<\/span>length<\/span>=<\/span>0<\/span>-<\/span>32<\/span> set<\/span>-<\/span>bgp<\/span>-<\/span>communities<\/span>=64512<\/span>:1<\/span>00<\/span> comment<\/span>=<\/span>\"Tag incoming prefixes with :100\"<\/span><\/pre>\n
This would go at the top of your filter chain for the Typhoon Electric peer. \u00a0This simply applies 64512:100 to the prefixes learned from Typhoon.<\/p>\n
In Cisco Land our configuration would look like this:<\/p>\n
route-map Typhoon-in permit 20 \u00a0\r\nmatch ip address 102 \u00a0\r\nset community 64512:100<\/pre>\n
The above Cisco configuration creates a route map, matches a pre-existing access list named 102, and applies community 64512:100 to prefixes learned.<\/p>\n
For Juniper\u00a0you can add the following command to an incoming peer in\u00a0policy-options<\/em>:<\/p>\n
set community Typhoon-in members\u00a064512:100<\/pre>\n
Similar to the others you are applying this community to a policy.<\/p>\n
So what have we done so far, we have taken the received prefixes from Typhoon Electric and applied community 64512:100 to it. \u00a0This simply puts a classifier on all traffic from that peer. We could modify the above example to classify traffic from our other peers based upon what community we want them tagged as.<\/p>\n
In our next segment we will learn what we can do with these communities.<\/p>\n","protected":false},"excerpt":{"rendered":"
BGP communities can be a powerful, but almost mystical thing. \u00a0If you aren’t familiar with communities start here at Wikipedia. \u00a0For the purpose of part one of this article we will talk about communities and how they can be utilized for traffic coming into your network.\u00a0Part two of this article will talk about applying what […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[212,17],"tags":[13,19,339,340,25,341,5],"jetpack_publicize_connections":[],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6VLMf-l7","jetpack-related-posts":[{"id":1832,"url":"http:\/\/www.mtin.net\/blog\/the-problem-with-peering-from-a-logistics-standpoint\/","url_meta":{"origin":1309,"position":0},"title":"The problem with peering from a logistics standpoint","author":"j2sw","date":"September 29, 2017","format":false,"excerpt":"Many ISPs run into this problem as part of their growing pains.\u00a0 This scenario usually starts happening with their third or 4th peer. Scenario.\u00a0 ISP grows beyond the single connection they have.\u00a0 This can be 10 meg, 100 meg, gig or whatever.\u00a0 They start out looking for redundancy. The ISP\u2026","rel":"","context":"In "BGP"","block_context":{"text":"BGP","link":"http:\/\/www.mtin.net\/blog\/category\/networking\/bgp\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.mtin.net\/blog\/wp-content\/uploads\/2017\/09\/dreamstime_xs_87568893.jpg?fit=480%2C320&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":1497,"url":"http:\/\/www.mtin.net\/blog\/bgp-local-pref-and-you\/","url_meta":{"origin":1309,"position":1},"title":"BGP local Pref and you","author":"j2sw","date":"January 7, 2017","format":false,"excerpt":"One of the bgp topics that comes up from time to time is what does \"bgp local-pref\" do for me? The short answer is it allows you to prefer which direction a traffic will flow to a given destination. How can this help you? Well before we start, remember the\u2026","rel":"","context":"In "BGP"","block_context":{"text":"BGP","link":"http:\/\/www.mtin.net\/blog\/category\/networking\/bgp\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":371,"url":"http:\/\/www.mtin.net\/blog\/transit-peer-downstream-what-do-they-all-mean\/","url_meta":{"origin":1309,"position":2},"title":"Transit, peer, downstream..what do they all mean?","author":"j2sw","date":"November 2, 2015","format":false,"excerpt":"As a service provider you have a mountain of terms to deal with. As you dive into the realm of BGP, you will hear many terms in regards to peers. \u00a0Knowing their names AND your definition of them will serve you well. \u00a0I emphasized the and in the last sentence\u2026","rel":"","context":"In "BGP"","block_context":{"text":"BGP","link":"http:\/\/www.mtin.net\/blog\/category\/networking\/bgp\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":284,"url":"http:\/\/www.mtin.net\/blog\/helpful-mikrotik-bgp-route-print\/","url_meta":{"origin":1309,"position":3},"title":"Helpful Mikrotik BGP route print","author":"j2sw","date":"May 2, 2015","format":false,"excerpt":"\/ip route print where received-from= Replace  with the name of one of your peers to show the routes received from that particular BGP peer.","rel":"","context":"In \"advertisments\"","block_context":{"text":"advertisments","link":"http:\/\/www.mtin.net\/blog\/tag\/advertisments\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1377,"url":"http:\/\/www.mtin.net\/blog\/soft-reconfiguration-inbound\/","url_meta":{"origin":1309,"position":4},"title":"Soft Reconfiguration inbound","author":"j2sw","date":"September 15, 2016","format":false,"excerpt":"Several people have been asking what soft Reconfiguration Inbound is on a BGP peer. In the dark days of BGP you had to tear down the BGP session and do a full reestablishment in order to bring it up. \u00a0What soft reconfiguration does is copies of all routes received (this\u2026","rel":"","context":"In "BGP"","block_context":{"text":"BGP","link":"http:\/\/www.mtin.net\/blog\/category\/networking\/bgp\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":365,"url":"http:\/\/www.mtin.net\/blog\/basic-mikrotik-bgp-filter-rules\/","url_meta":{"origin":1309,"position":5},"title":"Basic Mikrotik BGP filter rules","author":"j2sw","date":"October 29, 2015","format":false,"excerpt":"Below are some basic Filter Rules for Mikrotik BGP filtering. \u00a0These are not complex and can be very easily implemented on your BGP peers. Before we get to the code there are a few assumptions 1.Your own IP space in this example is 1.1.1.0\/22 2.These filters are not fancy and\u2026","rel":"","context":"In "Mikrotik"","block_context":{"text":"Mikrotik","link":"http:\/\/www.mtin.net\/blog\/category\/mikrotik\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_likes_enabled":true,"_links":{"self":[{"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/posts\/1309"}],"collection":[{"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/comments?post=1309"}],"version-history":[{"count":4,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/posts\/1309\/revisions"}],"predecessor-version":[{"id":1313,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/posts\/1309\/revisions\/1313"}],"wp:attachment":[{"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/media?parent=1309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/categories?post=1309"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.mtin.net\/blog\/wp-json\/wp\/v2\/tags?post=1309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}