[Community bleaching on edge] RTBH no_export

James Bensley jwbensley at gmail.com
Sun Feb 10 09:16:42 UTC 2019


On Wed, 6 Feb 2019 at 13:55, <adamv0025 at netconsultings.com> wrote:
>
> Hi folks,
>
>
>
> This “RTBH no_export” thread made me wonder what is the latest view on BGP community bleaching at the edge (in/out).
>
> Anyone filtering extended RT communities inbound on NOSes that accept extended communities by default? Yeah about that…

Hi Adam,

I think Junos is an example of a NOS that advertises extended BGP
communities by default (and accepts them without scrubbing). It seems
"not ideal" to me (by which I mean there could be potential for BGP
NLRIs to be processed in an undesired way). However, I think that
ext-comm information sent in NLRI UPDATES over an AFI/SAFI 1/1 or 2/1
session isn't processed.

I haven't got the time to lab this right now, but I guess one question
would be if (for example) a CPE sends a BGP UPDATE over a 1/1 or 2/1
session into a PE inside a VRF, with ext comm attached, when the
UPDATE is advertised to another PE over a 1/128 or 2/128 session will
that remote PE process the ext-comm value the CPE sent to the initial
PE in the 1/1 or 2/1 session? What if that CPE was instead a
transit or peering partner and you're running an Internet-in-a-VRF
design, can anyone on the Internet send routes into your edge PE and,
with the correct ext-comm, have them imported into another L3 VPN?

Cheers,
James.


