JUNOSe 9.1.x IP Services Configuration Guide > Configuring Routing Policy > Community Lists

Community Lists

A community is a logical group of prefixes that share some common attribute. Community members can reside on different networks and in different autonomous systems. BGP enables you to define the community to which a prefix belongs. A prefix can belong to more than one community. The community attribute lists the communities to which a prefix belongs.

You can use communities to simplify routing policies by configuring the routing information that a BGP device can accept, prefer, or distribute to other neighbors according to community membership. When a route is learned, advertised, or redistributed, a BGP device can set, append, or modify the community of a route. When routes are aggregated, the resulting BGP update contains a community attribute that contains all communities from all of the aggregated routes (if the aggregate is an AS-set aggregate).

Several well-known communities are predefined. Table 5 describes how a BGP device handles a route based on the setting of its community attribute.

 Table 5:  Action Based on Well-Known Community Membership 

 Well-Known Community
  BGP Device Action

 no-export

 Does not advertise the route beyond the BGP confederation boundary


 no-advertise

 Does not advertise the route to any peers, IBGP, or EBGP


 local-as (also known as no-export-subconfed)

 Does not advertise the route to any external peers


 internet

 Advertises this route to the Internet community; by default, all prefixes are members of the Internet community



 

In addition to the well-known communities, you can define local-use communities, also known as private communities or general communities. These communities serve as a convenient way to categorize groups of routes to facilitate the use of routing policies. The community attribute consists of four octets, but it is common practice to designate communities in the AA:NN format. The autonomous system number (AA) comprises the higher two octets, and the community number (NN) comprises the lower two octets. Both are expressed as decimal numbers. For example, if a prefix in AS 23 belongs to community 411, the attribute could be expressed as 23:411. Use the ip bgp-community new-format command to specify that the show commands display communities in this format. You can also use a regular expression to specify the community attribute.

Use the set community command in route maps to configure the community attributes. You can add one or more communities to the attribute, or you can use the list keyword to add a list of communities to the attribute. By default, the community attribute is not sent to BGP peers. To send the community attribute to a neighbor, use the neighbor send community command.

A community list is a sequential collection of permit and deny conditions. Each condition describes the community number to be matched. If you issued the ip bgp-community new-format command, the community number is in AA:NN format; otherwise, it is in decimal format (the hexadecimal octets converted to decimal).

The router tests the community attribute of a route against each condition in a community list. The first match determines whether the router accepts (the route is permitted) or rejects (the route is denied) a route that has the specified community. Because the router stops testing conditions after the first match, the order of the conditions is critical. If no conditions match, the router rejects the route.

Consider the network structure shown in Figure 5.

Figure 5: Community Lists

Suppose you want router Albany to set metrics for routes that it forwards to router Boston based on the communities to which the routes belong. You can create community lists and filter the routes with a route map that matches on the community list. The following example configures router Albany:

host1(config)#router bgp 293

host1(config-router)#neighbor 10.5.5.2 remote-as 32

host1(config-router)#neighbor 10.2.2.1 remote-as 451

host1(config-router)#neighbor 10.2.2.4 remote-as 17

host1(config-router)#neighbor 10.2.2.4 route-map commtrc out

host1(config-router)#exit

host1(config)#route-map commtrc permit 1

host1(config-route-map)#match community 1

host1(config-route-map)#set metric 20

host1(config-route-map)#exit

host1(config)#route-map commtrc permit 2

host1(config-route-map)#match community 2

host1(config-route-map)#set metric 75

host1(config-route-map)#exit

host1(config)#route-map commtrc permit 3

host1(config-route-map)#match community 3

host1(config-route-map)#set metric 85

host1(config-route-map)#exit

host1(config)#ip community-list 1 permit 25

host1(config)#ip community-list 2 permit 62

host1(config)#ip community-list 3 permit internet

Community list 1 comprises routes with a community of 25; their metric is set to 20. Community list 2 comprises routes with a community of 62; their metric is set to 75. Community 3 catches all remaining routes by matching the Internet community; their metric is set to 85.

ip bgp-community new-format

• Use to specify that communities must be displayed in AA:NN format, where AA is a number that identifies the autonomous system and NN is a number that identifies the community within the autonomous system.
• Example

host1(config)#ip bgp-community new-format

• Use the no version to restore the default display.

ip community-list

• Use to create a community list for BGP and control access to it.
• The list name can be up to 32 characters long.
• A route can belong to any number of communities, so a community list can have many entries comprising many communities.
• You can specify one or more community values when you create a community list. A clause in a route map that includes a list that has more than one value matches only a route that has all of the values; that is, the multiple values are logical ANDed.
• You can specify community values with a number or a regular expression.
• Example

host1(config)#ip community-list 1 permit 100:2 100:3 100:4

host1(config)#route-map marengo permit 10

host1(config-route-map)#match community 1

A route matches this community list only if it belongs to at least all three communities in community list 1: communities 100:2, 100:3, and 100:4.

• Use the no version to remove the specified community list, including all list entries.

neighbor send-community

• Use to specify that a community attribute be sent to a BGP neighbor.
• If you specify a BGP peer group by using the peer-group-name argument, all the members of the peer group inherit the characteristic configured with this command.
• Example

host1:vr1(config-router)#neighbor 192.3.4.5 send-community standard

• Use the no version to specify that common attributes not be sent to a BGP neighbor.

set community

• Use to set the community attribute in BGP updates.
• You can specify a community list number in the range 1–4294967295, or in the new community format of AA:NN, or you can specify one of the following well-known communities:

• local-as—Prevents advertisement outside the local AS
• no-advertise—Prevents advertisement to any peer
• no-export—Prevents advertisement beyond the BGP confederation boundary

• Alternatively, you can use the list keyword to specify the name of a community list that you previously created with the ip community-list command.
• You can use this command with inbound, outbound, and redistribution route maps.
• Use the none keyword to remove the community attribute from a route.
• Example

host1(config)#route-map 1 

host1(config-route-map)#set community no-advertise

• Use the no version to remove the set clause from a route map.

Extended Community Lists

The router supports the BGP extended community attribute defined in
Internet draft BGP Extended Communities Attribute— draft-ietf-idr-bgp-ext-communities-07.txt (February 2004 expiration). This attribute enables the definition of a type of IP extended community and extended community list unrelated to the community list that uses regular expressions.

NOTE: IETF drafts are valid for only six months from the date of issuance. They must be considered as works in progress. For the latest drafts, please see the IETF Web site at http://www.ietf.org.

BGP devices can use the extended community attribute to control routes much like they use the community attribute to determine routes that they accept, reject, or redistribute. A BGP device can append the extended community attribute to a route that does not have the attribute before it advertises the route. For routes that do have the attribute, BGP can modify the attribute.

ip extcommunity-list

• Use to create an extended community list for BGP and control access to it.
• A route can belong to any number of communities, so an extended community list can have many entries comprising many communities.
• You can specify one or more community values when you create an extended community list. A clause in a route map that includes a list that has more than one value matches only a route that has all of the values; that is, the multiple values are logical ANDed.
• Use the rt keyword to specify a route target community, which consists of one or more routers that can receive a set of routes advertised by BGP that carry the extended community attribute.
• Use the soo keyword to specify a site-of-origin community, which consists of one or more routers that inject into BGP a set of routes that carry the extended community attribute.
• Example

host1(config)#ip extcommunity-list boston1 permit rt 100:2 rt 100:3 rt 100:4

host1(config)#route-map marengo permit 10

host1(config-route-map)#match extcommunity boston1

A route matches this community list only if it belongs to at least all three communities in extended community list boston1: communities 100:2, 100:3, and 100:4.

• Use the no version to remove a single extended community list entry if you specify the permit or deny keyword and a path expression. Otherwise, the router removes the entire community list.

match extcommunity

• Use to match an extended community list in a route map.
• You can specify one or more extended community list names in a match clause. If you specify more than one extended community list, the lists are logically ORed.
• Example

host1(config-route-map)#match extcommunity topeka10

• Use the no version to remove the match clause from a route map or a specified value from the match clause.

set extcommunity

• Use to set the extended community attributes in a route map for BGP updates.
• Use the rt keyword to specify a route target community, which consists of one or more routers that can receive a set of routes advertised by BGP that carry the extended community attribute.
• Use the soo keyword to specify a site-of-origin community, which consists of one or more routers that inject into BGP a set of routes that carry the extended community attribute.
• You can specify both a route target community and a site-of-origin community at the same time in a set clause without them overwriting each other.
• Example

host1(config)#route-map 1 

host1(config-route-map)#set extcommunity rt 10.10.10.2:325

• Use the no version to remove the set clause from the route map.

show ip extcommunity-list

• Use to display information about a specific extended community list or all extended community lists.
• Example

host1#show ip extcommunity-list

IP Extended Community List dresden1:

    permit soo 10.10.10.10:15

IP Extended Community List bonn:

    deny rt 12:12