BGP communities provide a way to group destinations and apply routing decisions such as acceptance, rejection, preference,
or redistribution on a group of destinations using community attributes. BGP community attributes are variable length attributes
consisting of a set of one or more 4-byte values which are split into two parts of 16 bits. The higher-order 16 bits represents
the AS number and the lower order bits represents a locally defined value assigned by the operator of the AS.
Since the adoption of 4-byte ASNs (RFC6793), the BGP communities attribute can no longer accommodate the 4 byte ASNs as you
need more than 4 bytes to encode the 4-byte ASN and an AS specific value that you want to tag with the route. Although BGP
extended community permits a 4-byte AS to be encoded as the global administrator field, the local administrator field has
only 2-byte of available space. So, 6-byte extended community attribute is also unsuitable. To overcome this limitation, you
can configure a 12-byte BGP large community which is an optional attribute that provides the most significant 4-byte value
to encode autonomous system number as the global administrator and the remaining two 4-byte assigned numbers to encode the
local values.
Similar to BGP communities, routers can apply BGP large communities to BGP routes by using route policy languages (RPL) and
other routers can then perform actions based on the community that is attached to the route. The policy language provides
sets as a container for groups of values for matching purposes.
When large communities are specified in other commands, they are specified as three non negative decimal integers separated
by colons. For example, 1:2:3. Each integer is stored in 32 bits. The possible range for each integer is 0 to 4294967295.
In route-policy statements, each integer in the BGP large community can be replaced by any of the following expressions :
-
[x..y] — This expression specifies a range between x and y, inclusive.
-
* —This expression stands for any number.
-
peeras — This expression is replaced by the AS number of the neigbhor from which the community is received or to which the
community is sent, as appropriate.
-
not-peeras —This expression matches any number other than the peeras.
-
private-as — This expression specifies any number in the private ASN range: [64512..65534] and [4200000000..4294967294].
These expressions can be also used in policy-match statements.
IOS regular expression (ios-regex) and DFA style regular expression (dfa-regex) can be used in any of the large-community
policy match and delete statements. For example, the IOS regular expression ios-regex '^5:.*:7$' is equivalent to the expression
5:*:7.
The send-community-ebgp command is extended to include BGP large communities. This command is required for the BGP speaker to send large communities
to ebgp neighbors.
For more information about BGP communities, extended communities, and route policy language, see the following link: https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k-r6-2/routing/configuration/guide/b-routing-cg-asr9000-62x/b-routing-cg-asr9000-62x_chapter_01011.html
Restrictions and Guidelines
The following restrictions and guidelines apply for BGP large communities:
-
All functionalities of the BGP community attribute is available for the BGP large-community attribute.
-
The send-community-ebgp command is required for the BGP speaker to send large communities to ebgp neighbors.
-
There are no well-known large-communities.
-
The peeras expression cannot be used in a large-community-set.
-
The peeras expression can only be used in large-community match or delete statements that appear in route policies that are
applied at the neighbor-in or neighbor-out attach points.
-
The not-peeras expression cannot be used in a large-community-set or in policy set statements.
Configuration Example: Large Community Set
A large-community set defines a set of large communities. Named large-community sets are used in route-policy match and set
statements.
This example shows how to create a named large-community set.
RP/0/RP0/CPU0:router(config)# large-community-set catbert
RP/0/RP0/CPU0:router(config-largecomm)# 1: 2: 3,
RP/0/RP0/CPU0:router(config-largecomm)# peeras:2:3
RP/0/RP0/CPU0:router(config-largecomm)# end-set
Configuration Example: Set Large Community
The following example shows how to set the BGP large community attribute in a route, using the set large-community {large-community-set-name | inline-large-community-set | parameter } [additive ] command. You can specify a named large-community-set or an inline set. The additive keyword retains the large communities already present in the route and adds the new set of large communities. However the
additive keyword does not result in duplicate entries.
If a particular large community is attached to a route and you specify the same large community again with the additive keyword in the set statement, then the specified large community is not added again. The merging operation removes duplicate
entries. This also applies to the peeras keyword.
The peeras expression in the example is replaced by the AS number of the neighbor from which the BGP large community is received
or to which the community is sent, as appropriate.
RP/0/RP0/CPU0:router(config)# route-policy mordac
RP/0/RP0/CPU0:router(config-rpl)# set large-community (1:2:3, peeras:2:3)
RP/0/RP0/CPU0:router(config-rpl)# end-set
RP/0/RP0/CPU0:router(config)# large-community-set catbert
RP/0/RP0/CPU0:router(config-largecomm)# 1: 2: 3,
RP/0/RP0/CPU0:router(config-largecomm)# peeras:2:3
RP/0/RP0/CPU0:router(config-largecomm)# end-set
RP/0/RP0/CPU0:router(config)# route-policy wally
RP/0/RP0/CPU0:router(config-rpl)# set large-community catbert additive
RP/0/RP0/CPU0:router(config-rpl)# end-set
In this example, if the route-policy mordac is applied to a neighbor, the ASN of which is 1, then the large community (1:2:3)
is set only once.
Note
|
You should configure the send-community-ebgp command to send large communities to ebgp neighbors.
|
Configuration Example: Large Community Matches-any
The following example shows how to configure a route policy to match any element of a large -community set. This is a boolean
condition and returns true if any of the large communities in the route match any of the large communities in the match condition.
RP/0/RP0/CPU0:router(config)# route-policy elbonia
RP/0/RP0/CPU0:router(config-rpl)# if large-community matches-any (1:2:3, 4:5:*) then
RP/0/RP0/CPU0:router(config-rpl)# set local-preference 94
RP/0/RP0/CPU0:router(config-rpl)# endif
RP/0/RP0/CPU0:router(config-rpl)# end-policy
Configuration Example: Large Community Matches-every
The following example shows how to configure a route policy where every match specification in the statement must be matched
by at least one large community in the route.
RP/0/RP0/CPU0:router(config)# route-policy bob
RP/0/RP0/CPU0:router(config-rpl)# if large-community matches-every (*:*:3, 4:5:*) then
RP/0/RP0/CPU0:router(config-rpl)# set local-preference 94
RP/0/RP0/CPU0:router(config-rpl)# endif
RP/0/RP0/CPU0:router(config-rpl)# end-policy
In this example, routes with these sets of large communities return TRUE:
Routes with the following set of large communities return FALSE:
(1:1:3, 5:5:10)—The specification (4:5:*) is not matched.
Configuration Example: Large Community Matches-within
The following example shows how to configure a route policy to match within a large community set. This is similar to the
large-community matches-any command but every large community in the route must match at least one match specification. Note that if the route has no
large communities, then it matches.
RP/0/RP0/CPU0:router(config)# route-policy bob
RP/0/RP0/CPU0:router(config-rpl)# if large-community matches-within (*:*:3, 4:5:*) then
RP/0/RP0/CPU0:router(config-rpl)# set local-preference 103
RP/0/RP0/CPU0:router(config-rpl)# endif
RP/0/RP0/CPU0:router(config-rpl)# end-policy
For example, routes with these sets of large communities return TRUE:
-
(1:1:3, 4:5:10)
-
(4:5:3)
-
(1:2:3, 6:6:3, 9:4:3)
Routes with this set of large communities return FALSE:
(1:1:3, 4:5:10, 7:6:5) —The large community (7:6:5) does not match
Configuration Example: Community Matches-within
The following example shows how to configure a route policy to match within the elements of a community set. This command
is similar to the community matches-any command, but every community in the route must match at least one match specification. If the route has no communities, then
it matches.
RP/0/RP0/CPU0:router(config)# route-policy bob
RP/0/RP0/CPU0:router(config-rpl)# if community matches-within (*:3, 5:*) then
RP/0/RP0/CPU0:router(config-rpl)# set local-preference 94
RP/0/RP0/CPU0:router(config-rpl)# endif
RP/0/RP0/CPU0:router(config-rpl)# end-policy
For example, routes with these sets of communities return TRUE:
-
(1:3, 5:10)
-
(5:3)
-
(2:3, 6:3, 4:3)
Routes with this set of communities return FALSE:
(1:3, 5:10, 6:5) —The community (6:5) does not match.
Configuration Example: Large Community Is-empty
The following example shows using the large-community is-empty clause to filter routes that do not have the large-community attribute set.
RP/0/RP0/CPU0:router(config)# route-policy lrg_comm_rp4
RP/0/RP0/CPU0:router(config-rpl)# if large-community is-empty then
RP/0/RP0/CPU0:router(config-rpl)# set local-preference 104
RP/0/RP0/CPU0:router(config-rpl)# endif
RP/0/RP0/CPU0:router(config-rpl)# end-policy
Configuration Example: Attribute Filter Group
The following example shows how to configure and apply the attribute-filter group with large-community attributes for a BGP
neighbor. The filter specifies the BGP path attributes and an action to take when BGP update message is received. If an update
message is received from the BGP neighbor that contains any of the specified attributes, then the specified action is taken.
In this example, the attribute filter named dogbert is created and applied to the BGP neighbor 10.0.1.101. It specifies the
large community attribute and the action of discard. That means, if the large community BGP path attribute is received in
a BGP UPDATE message from the neighbor 10.0.1.101 then the attribute will be discarded before further processing of the message.
RP/0/RP0/CPU0:router(config)# router bgp 100
RP/0/RP0/CPU0:router(config-bgp)# attribute-filter group dogbert
RP/0/RP0/CPU0:router(config-bgp-attrfg)# attribute LARGE-COMMUNITY discard
RP/0/RP0/CPU0:router(config-bgp-attrfg)# neighbor 10.0.1.101
RP/0/RP0/CPU0:router(config-bgp-nbr)# remote-as 6461
RP/0/RP0/CPU0:router(config-bgp-nbr)# update in filtering
RP/0/RP0/CPU0:router(config-nbr-upd-filter)# attribute-filter group dogbert
Configuration Example: Deleting Large Community
The following example shows how to delete specified BGP large-communities from a route policy using the delete large-community command.
RP/0/RP0/CPU0:router(config)# route-policy lrg_comm_rp2
RP/0/RP0/CPU0:router(config-rpl)# delete large-community in (ios-regex '^100000:’)
RP/0/RP0/CPU0:router(config-rpl)# delete large-community all
RP/0/RP0/CPU0:router(config-rpl)# delete large-community not in (peeras:*:*, 41289:*:*)
Verification
This example displays the routes with large-communities given in the show bgp large-community
list-of-large-communities [exact-match ] command. If the optional keyword exact-match is used, then the listed routes will contain only the specified large communities. Otherwise, the displayed routes may contain
additional large communities.
RP/0/0/CPU0:R1# show bgp large-community 1:2:3 5:6:7
Thu Mar 23 14:40:33.597 PDT
BGP router identifier 4.4.4.4, local AS number 3
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 66
BGP main routing table version 66
BGP NSR Initial initsync version 3 (Reached)
BGP NSR/ISSU Sync-Group versions 66/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 10.0.0.3/32 10.10.10.3 0 94 0 ?
* 10.0.0.5/32 10.11.11.5 0 0 5 ?
This example displays the large community attached to a network using the show bgp
ip-address/ prefix-length command.
RP/0/0/CPU0:R4# show bgp 10.3.3.3/32
Thu Mar 23 14:36:15.301 PDT
BGP routing table entry for 10.3.3.3/32
Versions:
Process bRIB/RIB SendTblVer
Speaker 42 42
Last Modified: Mar 22 20:04:46.000 for 18:31:30
Paths: (1 available, best #1)
Advertised to peers (in unique update groups):
10.11.11.5
Path #1: Received by speaker 0
Advertised to peers (in unique update groups):
10.11.11.5
Local
10.10.10.3 from 10.10.10.3 (10.3.3.3)
Origin incomplete, metric 0, localpref 94, valid, internal, best, group-best
Received Path ID 0, Local Path ID 0, version 42
Community: 258:259 260:261 262:263 264:265
Large Community: 1:2:3 5:6:7 4123456789:4123456780:4123456788