<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<div class="moz-cite-prefix">Hi Jeff,</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">We have tested FRR (v6.0.2) indeed and
found that duplicates are not suppressed by default.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">We will publish more detailed results
and configurations on the website soon.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Thomas</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 10/21/20 4:35 PM, Jeff Tantsura
wrote:<br>
</div>
<blockquote type="cite" cite="mid:6e7ebe9e-9063-412b-a582-30f2f17ad8e5@Spark">
<title></title>
<br>
<div>
<div name="messageBodySection">
<div dir="auto">Hi Thomas,<br>
<br>
We had a similar discussion on FRR slack, there are some
duplicates indeed.<br>
Are you planing to test FRR at some point in time?</div>
</div>
<div name="messageSignatureSection"><br>
<div class="matchFont">Cheers,
<div>Jeff</div>
</div>
</div>
<div name="messageReplySection">On Oct 21, 2020, 3:58 PM -0700,
Jakob Heitz (jheitz) via NANOG <a class="moz-txt-link-rfc2396E" href="mailto:nanog@nanog.org"><nanog@nanog.org></a>, wrote:<br>
<blockquote type="cite" style="border-left-color: grey;
border-left-width: thin; border-left-style: solid; margin:
5px 5px;padding-left: 10px;">
Thomas,<br>
<br>
I confirmed your case and took a look at the code.<br>
The outbound duplicate suppression function tries to detect<br>
duplicates without actually storing or recreating the<br>
previously sent update, so it misses some cases.<br>
<br>
Your use case is a good one. We will check to see if we can<br>
detect it without compromising significantly on resource
usage.<br>
Thank you for raising the issue.<br>
<br>
Regards,<br>
Jakob.<br>
<br>
-----Original Message-----<br>
Date: Tue, 20 Oct 2020 04:48:37 -0700<br>
From: Thomas Krenc <a class="moz-txt-link-rfc2396E" href="mailto:tkrenc@nps.edu"><tkrenc@nps.edu></a><br>
<br>
Hi Jakob.<br>
<br>
The simple configuration below allows communities to be
forwarded<br>
(send-community-ebgp), but are cleaned at egress (using
route-policy and<br>
community-set).<br>
<br>
In the experiment, the router receives announcements with
altering<br>
community attributes only, from the internal peer. After the
filter is<br>
applied, the router sends duplicates to the external peer.<br>
<br>
Also, In a slightly different setup, the router sends
duplicates due to<br>
changes in the next-hop only.<br>
<br>
best regards<br>
Thomas<br>
<br>
---<br>
<br>
RP/0/0/CPU0:ios(config)#show running-config<br>
Tue Oct 20 02:56:24.230 UTC<br>
Building configuration...<br>
!! IOS XR Configuration 6.0.1<br>
!! Last configuration change at Tue Oct 20 02:56:02 2020 by
cisco<br>
!<br>
interface MgmtEth0/0/CPU0/0<br>
?shutdown<br>
!<br>
interface GigabitEthernet0/0/0/0<br>
?ipv4 address 10.12.0.2 255.255.255.252<br>
!<br>
interface GigabitEthernet0/0/0/1<br>
?ipv4 address 10.20.0.1 255.255.255.252<br>
!<br>
community-set all<br>
? *:*<br>
end-set<br>
!<br>
route-policy nofilter<br>
? pass<br>
end-policy<br>
!<br>
route-policy egressfilter<br>
? delete community in all<br>
? pass<br>
end-policy<br>
!<br>
router bgp 65002<br>
?bgp router-id 10.12.0.2<br>
?address-family ipv4 unicast<br>
!<br>
?neighbor 10.12.0.1<br>
? remote-as 65001<br>
? address-family ipv4 unicast<br>
?? send-community-ebgp<br>
?? route-policy egressfilter out<br>
!<br>
?neighbor 10.20.0.2<br>
? remote-as 65002<br>
? address-family ipv4 unicast<br>
!<br>
end<br>
<br>
On 10/17/20 3:59 PM, Jakob Heitz (jheitz) via NANOG wrote:<br>
<blockquote type="cite">IOS-XR has duplicate update
suppression logic for EBGP sessions,<br>
not for IBGP sessions.<br>
<br>
If you are using EBGP and seeing a fault in the duplicate
update<br>
suppression logic in IOS-XR, please let me know configs
and details<br>
of the experiment.<br>
<br>
Regards,<br>
Jakob.<br>
<br>
-----Original Message-----<br>
Date: Thu, 15 Oct 2020 18:35:58 -0700<br>
From: Thomas Krenc <a class="moz-txt-link-rfc2396E" href="mailto:tkrenc@nps.edu"><tkrenc@nps.edu></a><br>
<br>
Dear NANOG,<br>
<br>
As a team of researchers from NPS and TU Berlin, we are
investigating<br>
the impact of BGP community attributes on the update
behavior between ASes.<br>
<br>
We find that when a route is associated with multiple
distinct community<br>
attributes it does not only lead to multiple announcement
at the tagging<br>
AS, but also at neighboring ASes, if communities are not
filtered<br>
properly. This behavior is wide-spread.<br>
<br>
In order to better understand our observations, we have
performed a<br>
series of laboratory experiments using Cisco IOS, Junos
OS, as well as<br>
the BIRD daemon.<br>
<br>
We find that - by default - all tested routers generate
announcements<br>
with changing community attributes, even when other
attributes do not<br>
change. In addition, when communities are filtered at
egress, Cisco und<br>
BIRD send duplicate announcements (Juniper does not).<br>
<br>
Since our findings are limited to observations in public
data as well as<br>
few router implementations, we would like to share our
research and<br>
kindly ask you to have a look at:<br>
<br>
??? <a class="moz-txt-link-freetext" href="https://www.cmand.org/communityexploration/">https://www.cmand.org/communityexploration/</a><br>
<br>
There, we provide some resources documenting our research,
as well as<br>
open questions. We greatly appreciate any feedback and
insights you can<br>
offer. Also, please don't hesitate to contact us directly:<br>
<br>
??? communityexploration AT cmand DOT org<br>
<br>
best regards<br>
<br>
Thomas Krenc<br>
Postdoctoral Researcher<br>
Naval Postgraduate School<br>
</blockquote>
</blockquote>
</div>
</div>
</blockquote>
<p><br>
</p>
</body>
</html>