BGP Large Communities
A BGP community is a bit of "extra information" that you can add to prefixes that are advertised to BGP neighbors. This extra information can be used for things like traffic engineering or dynamic routing policies. In order to understand BGP communities, we first need to understand Autonomous System Numbers (ASNs).
BGP AS Range
ASNs (Autonomous System Numbers) have to be unique on the Internet. The main reason for this is that BGP uses the AS number for its loop prevention mechanism. IANA is in control of the AS numbers (similar to public IP addresses). They started with 16-bit AS numbers (also called 2-octet AS numbers) that were assigned like this:
0: reserved.
1 – 64495: public AS numbers.
64496 – 64511: reserved for use in documentation.
64512 – 65534: private AS numbers.
65535: reserved.
In AS-plain notation:
"2-byte only AS Numbers" refers to AS Numbers in the range 0 – 65535
"4-byte only AS Numbers" refers to AS Numbers in the range 65536 – 4294967295
"4-byte AS Numbers" refers to AS Numbers in the range 0 – 4294967295
In AS-dot notation, written as high-order-16-bit-value-in-decimal.low-order-16-bit-value-in-decimal:
"2-byte only AS Numbers" refers to AS Numbers in the range 0 – 65535
"4-byte only AS Numbers" refers to AS Numbers in the range 1.0 – 65535.65535
"4-byte AS Numbers" refers to AS Numbers in the range 0.0 – 65535.65535
Converting a 4-byte ASN from AS-plain to AS-dot
Take the 4-byte ASN and divide it by 65535, the last 2-byte ASN; you get a quotient and a remainder. The high-order 16 bits are represented by the quotient. The low-order 16 bits are the remainder minus the quotient. The AS-dot notation is therefore $QUOTIENT.$REMAINDER-$QUOTIENT
Example: ASN 194534 in the AS-dot format is 2.63462, because 194534/65535 = 2 remainder 63464 and 63464 - 2 = 63462.
Alternatively, take the 4-byte ASN and divide it by 65536, the total number of 2-byte ASNs; you get a quotient and a remainder. The AS-dot notation is therefore $QUOTIENT.$REMAINDER
The example becomes 194534/65536 = 2 remainder 63462 and the AS-dot 2.63462.
When a BGP session is being formed between a device with support for 4-byte ASNs and one with support for 2-byte ASNs only, the device with 2-byte ASN support will use the reserved ASN 23456 in place of the 4-byte ASN.
Say we have R1 with 4-byte ASN 65536 and R2 with ASN 64512 without 4-byte ASN support. The configuration on Cisco IOS will be as shown below. Note that R1 is using AS-dot notation.
    R1#
    ! 1.0 is ASN 65536 in AS-dot notation
    router bgp 1.0
     neighbor 10.10.10.1 remote-as 64512

    R2#
    ! 23456 stands in for R1's 4-byte ASN
    router bgp 64512
     neighbor 10.10.10.1 remote-as 23456
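The conversion and the 23456 substitution described above, as an added Python example that is not part of the original page. It also shows that the divide-by-65535 shortcut only holds while the remainder is at least as large as the quotient; the function names are hypothetical and the AS-dot rendering follows RFC 5396 (2-byte values stay plain).

```python
import re

AS_TRANS = 23456  # reserved 2-byte ASN that stands in for a 4-byte ASN

def asplain_to_asdot(asn):
    """Render an ASN in AS-dot: plain below 65536, high.low above."""
    if not 0 <= asn <= 0xFFFFFFFF:
        raise ValueError("ASN out of the 4-byte range")
    if asn <= 0xFFFF:
        return str(asn)
    high, low = divmod(asn, 65536)
    return f"{high}.{low}"

def asdot_to_asplain(text):
    """Parse '64512' or '2.63462' and reject out-of-range halves."""
    match = re.fullmatch(r"(\d{1,5})(?:\.(\d{1,5}))?", text)
    if not match:
        raise ValueError(f"not an AS-dot value: {text!r}")
    parts = [int(p) for p in match.groups() if p is not None]
    if any(p > 0xFFFF for p in parts):
        raise ValueError("each half must fit in 16 bits")
    return parts[0] if len(parts) == 1 else parts[0] * 65536 + parts[1]

def shortcut_65535(asn):
    """The divide-by-65535 method from the text: (quotient, remainder - quotient)."""
    quotient, remainder = divmod(asn, 65535)
    return quotient, remainder - quotient

def asn_seen_by_2byte_peer(asn):
    """ASN a 2-byte-only neighbor has to configure as remote-as."""
    return asn if asn <= 0xFFFF else AS_TRANS

if __name__ == "__main__":
    for asn in (194534, 65536, 131070):  # 131070 breaks the shortcut
        print(asn, asplain_to_asdot(asn), shortcut_65535(asn),
              asn_seen_by_2byte_peer(asn))
```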
BGP Communities
Communities are 32-bit values. By default, the display format of communities is two 16-bit values separated by a colon. The well-known communities show up as no-export for NO_EXPORT, etc.
The first 16-bit number is normally the AS number of the network that sets the community or looks for it, and there are 4 well known BGP communities that you can use or you can pick a numeric value that you can use for your own policies.
Here are the 4 well-known BGP communities:
- Internet: advertise the prefix to all BGP neighbors.
- no-advertise: don't advertise the prefix to any BGP neighbors.
- no-export: don't advertise the prefix to any eBGP neighbors.
- local-as: don't advertise the prefix outside of the sub-AS (this one is used for BGP confederations).
Regular communities
The regular community attribute is four octets (32 bits). The first 16 bits of the value encode the AS number of the network that originated the community, while the last 16 bits carry a unique number assigned by the AS; this second number is the one that conveys the intended information. A notation of as-number:community-value is used, where each value is a decimal number. For example, a community value of 64510:1111.
Extended communities
Networking enhancements, such as MPLS VPNs, have functionality requirements that require an attribute such as a community. However, the regular 4-octet (32 bit) community value does not provide enough expansion to accommodate VPN requirements. This leads to the creation of extended communities. An extended community is an 8-octet (64 bit) value that is also divided into two main sections. The first 2 octets of the community encode a type field while the last 6 octets carry a unique set of data in a format defined by the type field.
The BGP extended communities attribute format has three fields: type:administrator:assigned-number. The routing device expects you to use the words target or origin to represent the type field for some vendors. The administrator field uses a decimal number for the AS or an IPv4 address, while the assigned number field expects a decimal number no larger than the size of the field (65,535 for 2 octets or 4,294,967,295 for 4 octets).
Large communities
Since the adoption of 4-byte ASNs, the 4-byte BGP regular community and 6-byte BGP extended community can no longer support BGP community attributes. Operators often encode an AS number in the local portion of the BGP community, which means that the format of the community is sometimes ASN:ASN. With 4-byte ASNs, you need 8 bytes to encode it. Although the BGP extended community permits a 4-byte AS to be encoded in the global administrator field, the local administrator field has only 2 bytes of available space. Thus, the 6-byte extended community attribute is also unsuitable.
To overcome this, with RFC 8195, BGP allows you to configure an optional transitive path attribute: a 12-byte BGP large community, composed of three 4-byte integers separated by colons. The most significant 4-byte value encodes the autonomous system number as the global administrator, and the remaining two 4-byte assigned numbers encode the local values, as defined in RFC 8092. The BGP large community attribute format has four fields: large:global-administrator:assigned-number:assigned-number. An example of a large community is 65535:1:1
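The 12-byte layout described above, as an added Python example (not from the original page) that encodes and parses the LARGE_COMMUNITY path attribute and applies the RFC 8092 checks a receiver needs: a length that is a non-zero multiple of 12 and silent removal of repeated values. The function names and the sample bytes are constructed for illustration.

```python
import struct

LARGE_COMMUNITY = 32                              # path attribute type code, RFC 8092
OPTIONAL, TRANSITIVE, EXT_LEN = 0x80, 0x40, 0x10  # attribute flag bits
REQUIRED = OPTIONAL | TRANSITIVE

class MalformedAttribute(ValueError):
    """Attribute that should be handled as treat-as-withdraw."""

def encode_large_communities(communities):
    """Build the attribute from (global_admin, local1, local2) tuples."""
    value = b"".join(struct.pack("!III", *c) for c in communities)
    if len(value) > 255:  # a two-octet length needs the Extended Length flag
        head = struct.pack("!BBH", REQUIRED | EXT_LEN, LARGE_COMMUNITY, len(value))
    else:
        head = struct.pack("!BBB", REQUIRED, LARGE_COMMUNITY, len(value))
    return head + value

def parse_large_communities(attr):
    """Return the unique communities carried in one LARGE_COMMUNITY attribute."""
    if len(attr) < 3 or attr[1] != LARGE_COMMUNITY:
        raise MalformedAttribute("not a LARGE_COMMUNITY attribute")
    flags = attr[0]
    if flags & REQUIRED != REQUIRED:
        raise MalformedAttribute("attribute must be optional transitive")
    header = 4 if flags & EXT_LEN else 3
    if len(attr) < header:
        raise MalformedAttribute("truncated attribute header")
    length = int.from_bytes(attr[2:header], "big")
    body = attr[header:]
    if length != len(body):
        raise MalformedAttribute("length field disagrees with the data present")
    if length == 0 or length % 12:
        raise MalformedAttribute("length is not a non-zero multiple of 12")
    unique = []
    for community in struct.iter_unpack("!III", body):
        if community not in unique:  # repeated values are silently dropped
            unique.append(community)
    return unique

def render(community):
    """Format one community as global:local1:local2."""
    return "%d:%d:%d" % community

# Constructed sample: flags 0xC0, type 32, length 36, then 65535:1:1,
# 65535:1:2 and a repeat of 65535:1:1.
SAMPLE = bytes.fromhex("c02024" "0000ffff0000000100000001"
                       "0000ffff0000000100000002" "0000ffff0000000100000001")

if __name__ == "__main__":
    print([render(c) for c in parse_large_communities(SAMPLE)])
```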
Configuration
Cisco IOS XR Configuration
    route-policy SET-LARGE
      set large-community (65535:1:1) additive
    end-policy

    route-policy MATCH-LARGE
      if large-community matches-any (65535:1:2) then
        set local-preference 90
      endif
    end-policy

    route-policy DELETE-LARGE
      delete large-community in (65535:*:*)
      delete large-community in (65535:1:1)
    end-policy
Juniper Junos Configuration
    # Define
    basondole@junos# show policy-options community LARGE-COMMUNITY
    members large:65535:1:1;

    # Actions
    basondole@junos# show policy-options policy-statement POLICY-LARGE
    term MATCH {
        from {
            community LARGE-COMMUNITY;
        }
        then accept;
    }
    term DELETE {
        then {
            community delete LARGE-COMMUNITY;
            accept;
        }
    }
    term SET {
        then {
            community add LARGE-COMMUNITY;
            accept;
        }
    }
Nokia SR OS Configuration (Classic CLI)
    A:vRR>config>router>policy-options# info
    ----------------------------------------------
                community "LARGE" members "65535:1:1"
                policy-statement "POLICY-LARGE"
                    entry 10
                        description "MATCH"
                        from
                            community "LARGE"
                        exit
                        action accept
                            local-preference 120
                        exit
                    exit
                    entry 20
                        description "DELETE"
                        action accept
                            community remove "LARGE"
                        exit
                    exit
                    entry 30
                        description "SET"
                        action accept
                            community add "LARGE"
                        exit
                    exit
                exit
    ----------------------------------------------
Nokia SR OS Configuration (MD-CLI)
    policy-options {
        community "LARGE" {
            member "65535:1:1" { }
        }
        policy-statement "POLICY-LARGE" {
            entry 10 {
                description "MATCH"
                action {
                    action-type accept
                    local-preference "120"
                }
                from {
                    community {
                        name "LARGE"
                    }
                }
            }
            entry 20 {
                description "DELETE"
                action {
                    action-type accept
                    community {
                        remove ["LARGE"]
                    }
                }
            }
            entry 30 {
                description "SET"
                action {
                    action-type accept
                    community {
                        add ["LARGE"]
                    }
                }
            }
        }
    }
Packet capture shows the optional transitive path attribute - a 12-byte BGP large community