No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - IP Unicast Routing

S7700 and S9700 V200R011C10

This document describes IP Unicast Routing configurations supported by the switch, including the principle and configuration procedures of IP Routing Overview, Static Route, RIP, RIPng, OSPF, OSPFv3, IS-IS(IPv4), IS-IS(IPv6), BGP, Routing Policy ,and PBR, and provides configuration examples.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Community Attribute Applications in BGP

Community Attribute Applications in BGP

Community Attribute

The Community attribute is a set of destination addresses with the same characteristics. It simplifies routing policy applications and facilitates routing policy management and maintenance and allows a group of BGP devices in multiple ASs to share the same routing policies. This attribute is a route attribute and transmitted between BGP peers and not restricted within an AS. Before advertising a route with the Community attribute to peers, a BGP device can change the original Community attribute of this route.

  • The Community attribute is a set of 4-byte values, in the format AA:NN. As defined in RFC1997, the first two bytes indicate an AS number, and the last two bytes indicate a community identifier used for management.
  • The Community attribute is a BGP route tag that simplifies the implementation of routing policy. A specific Community attribute can be assigned to some routes. Based on this Community attribute, these routes can be managed and routing policy can be performed on these routes.
Figure 10-16  Community attribute application

In Figure 10-16, a large number of routes in AS100 are imported into BGP, and these routes are used for voice calls and video surveillance. These routes are advertised to AS200 through BGP. Devices in AS200 need to carry out different policies on the routes used for voice calls and video surveillance. How to match these routes? You can use ACLs or IP prefix lists to match the routes one by one. This method, however, has a heavy workload and is inefficient because a large number of route prefixes exist.

You can use the Community attribute to address this issue. When these routes are imported into AS100, respective Community attributes are added to the routes to differentiate the routes used for voice calls and video surveillance. That is, the Community attribute 100:1 is added to the routes used for voice calls, and the Community attribute 100:2 is added to the routes used for video surveillance. These Community attributes are transmitted to AS200 along with the routes. In AS200, to carry out different policies for the routes used for voice calls and video surveillance, match the routes based on their respective Community attributes. For example, you can match all the routes used for voice calls based on the Community attribute 100:1.

BGP defines some well-known Community attributes. Table 10-7 lists these Community attributes.

Table 10-7  BGP well-known Community attributes

Community Attribute

Description

internet

By default, all routes belong to the internet community. A route with this attribute can be advertised to all BGP peers.

no-advertise

A route with this attribute cannot be advertised to any other BGP peers.

no-export

A route with this attribute cannot be advertised outside the local AS. If a confederation is defined, the route with this attribute cannot be advertised to the ASs outside the confederation but can be advertised to other sub-ASs in the confederation.

no-export-subconfed

A route with this attribute cannot be advertised outside the local AS or advertised to other sub-ASs in the confederation.

Setting the Community Attribute for Routes

To use the Community filter, ensure that the Community attribute is carried in routes. The following describes how to set the Community attribute for routes.

Figure 10-17  Setting the Community attribute for routes

Requirement Description

In Figure 10-17, LSW1 in AS100 advertises two routes 10.1.1.0/24 and 10.1.2.0/24 through BGP. In the BGP process of LSW1, use an export route-policy to modify the Community attribute of the route 10.1.1.0/24 to 100:1 so that downstream devices can carry out policies on the route based on this Community attribute.

Configuration

The key configuration of LSW1 is as follows:

#
ip ip-prefix huawei index 10 permit 10.1.1.0 24  //Define an IP prefix list to match the target route.
#
route-policy RP permit node 10                  //Define a route-policy to set the Community attribute for the target route.
 if-match ip-prefix huawei
 apply community 100:1
route-policy RP permit node 20                  //Permit the remaining routes.
#
bgp 100
 router-id 1.1.1.1
 peer 192.168.12.2 as-number 200
 #
 ipv4-family unicast
  undo synchronization
  network 10.1.1.0 255.255.255.0                //Advertise the route 10.1.1.0/24.
  network 10.1.2.0 255.255.255.0                //Advertise the route 10.1.2.0/24.
  peer 192.168.12.2 enable
  peer 192.168.12.2 route-policy RP export      //Apply the route-policy in the export direction of the specified BGP peer.
  peer 192.168.12.2 advertise-community         //Advertise the Community attribute to the specified BGP peer.
#

The key configuration of LSW2 is as follows:

#
bgp 200
 router-id 2.2.2.2
 peer 192.168.12.1 as-number 100
 peer 192.168.23.2 as-number 300
 #
 ipv4-family unicast
  undo synchronization
  peer 192.168.12.1 enable
  peer 192.168.23.2 enable
  peer 192.168.23.2 advertise-community        //Advertise the Community attribute to the specified BGP peer.
#

By default, the Community attribute is not updated to BGP peers along with the route prefix. Therefore, the peer advertise-community command needs to be configured on LSW1 and LSW2 to advertise this attribute to BGP peers.

Verification

After the preceding configurations are complete, check the BGP route 10.1.1.0 in the BGP routing table of LSW3.

<LSW3> display bgp routing-table 10.1.1.0

 BGP local router ID : 3.3.3.3
 Local AS number : 300
 Paths:   1 available, 1 best, 1 select
 BGP routing table entry information of 10.1.1.0/24:
 From: 192.168.23.1 (2.2.2.2)
 Route Duration: 01h08m07s  
 Direct Out-interface: Vlanif23
 Original nexthop: 192.168.23.1
 Qos information : 0x0
 Community:<100:1>     //This Community attribute is set and transmitted to downstream devices using a route-policy on LSW1.
 AS-path 200 100, origin igp, pref-val 0, valid, external, best, select, active, 
pre 255
 Not advertised to any peer yet

The preceding command output shows that after the Community attribute is set for the route, this route carries a Community attribute when reaching LSW3, which then can carry out some policies on the route based on the Community attribute.

Multiple methods are available to set the Community attribute for BGP routes. Table 10-8 lists common methods to set this attribute.

Table 10-8  Example for setting the Community attribute for BGP routes

Command

Description

apply community 100

Changes the community name to 100.

apply community 100 150

Changes the community name to 100 or 150. That is, BGP routes belong to two communities.

apply community 100 150 additive

Adds two Community attributes 100 and 150. That, BGP routes belong to three communities.

apply community none

Deletes the Community attribute of BGP routes.

Using a Community Filter to Match BGP Routes

The previous section describes how to set the Community attribute for BGP routes. After this attribute is set on an upstream router, it is transmitted along with routes so that downstream devices can carry out policies based on this attribute. BGP provides a tool, Community filter, to match BGP routes based on the Community attribute. The following describes how to use a Community filter to match BGP routes.

Figure 10-18  Using a Community filter to match BGP routes

Requirement Description

In Figure 10-18, LSW1 in AS100 advertises three BGP routes. The Community attribute is set for the routes and transmitted along with the routes to LSW3 in AS300. Before policies are carried out, check the BGP routing table of LSW3.

<LSW3> display bgp routing-table

 BGP Local router ID is 3.3.3.3 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete


 Total Number of Routes: 3
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>   10.1.1.0/24        192.168.23.1                          0      200 100i
 *>   10.1.2.0/24        192.168.23.1                          0      200 100i
 *>   10.1.3.0/24        192.168.23.1                          0      200 100i

The preceding command output shows that the BGP routing table of LSW3 contains three routes. Routing policy needs to be carried out on LSW3 to permit only the routes carrying the Community attribute 100:999.

Configuration

The previous section has described how to set the Community attribute. The following describes how to use a Community filter to filter routes.

The key configuration of LSW3 is as follows:

#
ip community-filter 1 permit 100:999     //Permit the route carrying the Community attribute 100:999.
#
route-policy huawei permit node 10       //Invoke the Community filter using a route-policy.
 if-match community-filter 1
#
bgp 300
 router-id 3.3.3.3
 peer 192.168.23.1 as-number 200
 #
 ipv4-family unicast
  undo synchronization
  peer 192.168.23.1 enable
  peer 192.168.23.1 route-policy huawei import   //Use the route-policy in the import direction of the specified BGP peer.
#

Verification

After the preceding configurations are complete, check the BGP routing table of LSW3.

[LSW3] display bgp routing-table

 BGP Local router ID is 3.3.3.3 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete


 Total Number of Routes: 2
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>   10.1.1.0/24        192.168.23.1                          0      200 100i
 *>   10.1.2.0/24        192.168.23.1                          0      200 100i

The defined Community filter matches the route carrying the Community attribute 100:999. Therefore, the two routes 10.1.1.0/24 and 10.1.2.0/24 are permitted on LSW3, and other BGP routes are denied.

For this scenario, the following provides three common methods to configure the Community filter:

Case 1:

ip community-filter 1 permit 100:1 100:999 
//Only the routes that carry two Community attributes 100:1 and 100:999 can be matched. Therefore, the route 10.1.1.0/24 is matched.

Case 2:

ip community-filter 1 permit 100:1
ip community-filter 1 permit 100:2
//The routes that carry the Community attribute 100:1 or 100:2 can be matched. Therefore, the routes 10.1.1.0/24 and 10.1.2.0/24 are matched.

Case 3:

ip community-filter 1 permit internet
//By default, all routes carry the Internet attribute. Therefore, all routes are matched.

Relevant Information

Technology Forum

Huawei S Series Switches Routing Policy

Translation
Download
Updated: 2019-04-01

Document ID: EDOC1000178324

Views: 205592

Downloads: 178

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next