[prev in list] [next in list] [prev in thread] [next in thread]
List: isp-bgp
Subject: [isp-bgp] Re: Community Policies
From: sjk () dredel ! com
Date: 2003-05-07 1:41:17
[Download RAW message or body]
Yep -- kinda figured I needed to do it via a route-map out statement 00
I was hoping to cheat, but nope. The idea here, btw, is to let peers
customers control which ASes they export to (with reason) via a
community tag.
Thanks Much -- sjk
On 6 May, Jeffrey Belles wrote:
> Hi,
>
> Try to work with tagging for maximum control ;-/
> For instance, every route that comes in through AS3 tag it with :333,
> or whatever makes you feel happy and easily can be defined as coming
> from AS3...
> Now you can filter this easily when exporting this to appropiate other
> AS's.
>
> On the border with AS2, you can deny these prefixes that are tagged
> with
> :333 (ie learned from AS3) to be advertised.
> Same story for the border with AS1, but then the permit-variant:-)
> In your examples (if I read it correctly) you are trying to set
> no-export on the wrong peerings, and try to match it in the inbound
> route-maps i.s.o outbound (cos that's where you want to filter!)
>
> ----------------------------------
> On router-3:
> route-map CLIENT-IN, permit, sequence x
> set community 3:333
> ----------------------------------
> on router-2
> route-map CLIENT-OUT, deny, sequence x
> ^^^
> match community 3
> ----------------------------------
> on router-3
> route-map CLIENT-OUT, permit, sequence x
> ^^^
> match community 3
> -----------------------------------
>
> Where ip community-list 3 is:
> ip community-list 3 permit 3:333
>
> PS: in order to work with this route-tagging, you should enable
> "ip bgp-community new-format" , allthough this is not really new
> anymore
> ;-)
>
> If you need any help, please let me know,
> -Jeffrey
> ---
>
> Jeffrey Belles
> IP Core/Transit Engineer GDNMS-IPC
> email: jeffrey.belles@nld.mci.com
> tel: +31 (0)20 711 6183 VNET: 711 6183
>
>
>
> On May 4, 2003 sjk@dredel.com filled my Inbox with:
>
>> I am in the process of putting together some community routing
>> policies for our bgp peers -- and I've come to a point where I'm a
>> bit confused and hope someone out there can help me out. Here's the
>> situation:
>>
>> Let's say I have 3 routers which all have eBGP peers and 2 are iBGP
>> peers (for simplicity let's make them Cisco routers), so the eBGP
>> peering may look like this:
>>
>> rtr-1 peer AS1
>> rtr-2 peer AS2
>> rtr-3 peer AS3
>>
>> If I want to set a community which allows AS3 to export to AS1 but
>> not AS2 can I just create a no-export community? or will it be
>> inherited by rtr-1
>>
>> For instance on rtr1:
>> ip community-list 1 permit 64512:1
>> route-map CLIENT-IN, permit, sequence 10
>> match community 1
>> set community no-export
>>
>> on rtr2:
>> ip community-list 2 permit 64512:2
>> route-map CLIENT-IN, permit, sequence 10
>> match community 2
>> set community no-export
>>
>> AS3 then sends it's export with the community of 64512:2
>>
>> I hope this makes sense . . . If this won't work, is there an elegant
>> way to create a community to control eBGP exports? The only other
>> ways I can think of to do this seem pretty complicated. . . Any
>> suggestions would be appreciated.
>>
>> TIA -- sjk
>>
>>
>> -------- Aude Sepere -------
>> sjk@dredel.com
>> http://www.dredel.com
>> ---- Audax et Cautus -------
>>
>>
>>
>> ------------------------ANNOUNCEMENT---------------------------------
>> ---------------------------------------------------------------------
>> >> Recycle Your Hardware <<
>> Clean out your closets and make some cash.
>> Reach thousnads of ISP equipment buyers.
>> http://www.isp-equipment.com
>> ----------------------------------------------------------------------
>> ----------------------------------------------------------------------
>>
>> _______________ The ISP-BGP Discussion List ______________
>> To Join: mailto:join-isp-bgp@isp-bgp.com
>> To Remove: mailto:remove-isp-bgp@isp-bgp.com
>> Archives: http://isp-lists.isp-planet.com/isp-bgp/archives/
>>
>
>
>
>
> ------------------------ANNOUNCEMENT---------------------------------
> ---------------------------------------------------------------------
> >> Recycle Your Hardware <<
> Clean out your closets and make some cash.
> Reach thousnads of ISP equipment buyers.
> http://www.isp-equipment.com
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
>
> _______________ The ISP-BGP Discussion List ______________
> To Join: mailto:join-isp-bgp@isp-bgp.com
> To Remove: mailto:remove-isp-bgp@isp-bgp.com
> Archives: http://isp-lists.isp-planet.com/isp-bgp/archives/
-------- Aude Sepere -------
sjk@dredel.com
http://www.dredel.com
---- Audax et Cautus -------
------------------------ANNOUNCEMENT---------------------------------
---------------------------------------------------------------------
>> Recycle Your Hardware <<
Clean out your closets and make some cash.
Reach thousnads of ISP equipment buyers.
http://www.isp-equipment.com
----------------------------------------------------------------------
----------------------------------------------------------------------
_______________ The ISP-BGP Discussion List ______________
To Join: mailto:join-isp-bgp@isp-bgp.com
To Remove: mailto:remove-isp-bgp@isp-bgp.com
Archives: http://isp-lists.isp-planet.com/isp-bgp/archives/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic