Unique BGP Regular Communities

Richard A Steenbergen ras at e-gerbil.net
Fri Aug 11 04:44:13 UTC 2006


On Fri, Aug 11, 2006 at 04:03:57AM +0000, John Smith wrote:
> 
> Hi,
>  
> When the providers choose communities do they follow the syntax 
> AS_NUM:X, where X is some number to ensure uniqueness of their 
> particular community? The reason I ask this is because if operators are 
> doing this then they need not worry that the community being used by 
> them would not be used by anybody anywhere in the world.
> 
> I am wondering if it can _ever_ happen that I get to receive a BGP 
> UPDATE carrying a community number that I use inside my AS?
>  
> Is this possible? And if Yes, then what scenario?

Communities can be used in any damned way you feel like, they're just 
numbers that people add to routes to convey extra information, and they 
can be squashed or added, and propagated or not propagated between 
networks, as any particular network sees fit.

Some people are partial to only using their own ASN in the first half (and 
thus arbitrary codes in the second half), but personally I'm not. For 
example, if I was AS1234 and I wanted my customers to be able to tell me 
to prepend once to my peer AS5678, I would rather they be able to send 
5678:1 rather than have to know to look up my communities reference 
webpage and find an arbitrary mapping like 1234:65123 for the behavior 
they want.

Why? Two reasons. First, there is a logical difference between communities 
you accept (to "do" some specific action), and communities you advertise 
(to inform others about the routes in some way). It probably isn't 
terribly neighborly of you to send routes to AS5678 using 5678:xxxx 
because you felt like it (though if they have any common sense whatsoever 
they're filtering their own reserved community space on the routes they 
receive from you), but it may make perfect sense for you to pass on some 
information about the route (such as geographic area you learned it from, 
the type of relationship (customer, peer, transit), etc) using 1234:xxxx 
space. I'm a fan of making this information available to everyone on the 
Internet who wants it (since you never know, it may come in handy to some 
network you've never heard of 7 hops away from you), and if they don't 
they're welcome to filter it. For routes you are receiving, it is 
generally harmless to step on other people's 5678:xxxx space, take whatever 
action you're going to take, and then delete those communities at export 
time.

Second, I'm still waiting for a widely available policy "language" which 
lets you do useful things, such as reference variables which change at run 
time depending upon the session they're applied again. Picture a policy 
language where you can say "match $remoteasn:1" to do a specific prepend 
to a specific neighbor, without needing to write a specific policy for 
that neighbor beforehand. Once vendors get their acts together and 
implement this (so far the only one I know of to do it is Cisco under IOS 
XR), using powerful and complex policies to manage your network will be 
much, much easier.

But the short answer to your cryptic question is "yes anyone can send you 
anything at any time, and if you don't want them to do so, filter 
appropriately on your border".

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
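
The border filtering described in the message above, as an added example that is not part of the original post: a Python model of an import policy that scrubs reserved community space and an export policy that evaluates `$remoteasn:N` and then deletes the action communities. AS1234 and AS5678 come from the message; the second neighbor (64501), the 1234:100/1234:200 relationship tags, the prepend limit and all function names are assumptions made for illustration.

```python
LOCAL_ASN = 1234                      # "AS1234" in the message
NEIGHBOR_ASNS = {5678, 64501}         # 5678 is from the message; 64501 is constructed
MAX_PREPEND = 3                       # assumption: actions are <neighbor>:1..3
TAG = {"customer": 100, "peer": 200}  # hypothetical 1234:xxx informational codes

def parse(c):
    """'5678:1' -> (5678, 1); each half of a regular community is 16 bits."""
    hi, lo = (int(x) for x in c.split(":"))
    if not (0 <= hi <= 0xFFFF and 0 <= lo <= 0xFFFF):
        raise ValueError(f"not a regular community: {c!r}")
    return hi, lo

def on_import(communities, relationship):
    """Border ingress filter for a route learned over a customer or peer session."""
    kept = []
    for c in communities:
        hi, _ = parse(c)
        if hi == LOCAL_ASN:
            continue  # our informational space: never trusted from outside
        if hi in NEIGHBOR_ASNS and relationship != "customer":
            continue  # action space: only customers may request actions
        kept.append(c)
    kept.append(f"{LOCAL_ASN}:{TAG[relationship]}")  # record where we learned it
    return kept

def on_export(communities, remote_asn):
    """Evaluate '$remoteasn:N' for this session, then delete the action space."""
    prepend = 0
    sent = []
    for c in communities:
        hi, lo = parse(c)
        if hi == remote_asn and 1 <= lo <= MAX_PREPEND:
            prepend = max(prepend, lo)
        if hi not in NEIGHBOR_ASNS:
            sent.append(c)  # informational communities propagate
    return prepend, sent
```

A customer route arriving with a spoofed `1234:200` loses that tag on import, and its `5678:1` request produces one prepend toward AS5678 only, without the community itself being sent on.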
