Routing
Reply
Visitor
exit
Posts: 2
Registered: ‎01-19-2011
0
Accepted Solution

re-advertising BGP communities to eBGP?

Hi all,

 

I'm trying to get some BGP community based policies working on Olives and have problems with communities being dropped at the AS border.

The example topology (attached) consists of two ASes (1 and 2).

Routers R3 and R4 set the BGP communities (2:400 and 2:700 accordingly) on egress sessions.

Router R2 sets the additive community 2:500 to everything it learns from iBGP.

Now the problem is, R2 doesn't readvertise those communities to R1, though has everything in its routing table.

R1's config is as following:

routing-options {
    router-id 10.0.0.1;                 
    autonomous-system 1;
}
protocols {
    bgp {
        export advert;
        group as2 {
            type external;
            peer-as 2;
            neighbor 10.0.6.2;
        }
    }
    ospf {
        area 0.0.0.0 {
            interface lo0.0 {
                passive;
            }
            interface em1.0 {
                passive;
            }
        }
    }
}
policy-options {
    prefix-list em0 {
        10.254.100.0/24;
    }
    policy-statement advert {
        term 1 {
            from protocol [ local direct static ];
            then {
                community + 300;
                next term;
            }
        }
        term 2 {
            from {
                prefix-list-filter em0 exact reject;
            }
        }
        then accept;
    }
    community 300 members 1:300;
}

 R2 is configured as this:

routing-options {
    router-id 10.0.0.5;
    autonomous-system 2;
}
protocols {
    bgp {
        group as1 {
            type external;
            export export;
            neighbor 10.0.6.1 {
                local-address 10.0.6.2;
                peer-as 1;
            }
        }
        group mesh {
            type internal;
            local-address 10.0.0.5;
            import adverts;
            peer-as 2;
            neighbor 10.0.0.6;
            neighbor 10.0.0.7;
        }
    }
    ospf {
        area 0.0.0.0 {
            interface lo0.0 {
                passive;                
            }
            interface em1.0 {
                passive;
            }
            interface em3.0;
            interface em4.0;
        }
    }
}
policy-options {
    policy-statement adverts {
        then {
            community add 500;
            accept;
        }
    }
    policy-statement export {
        then accept;
    }
    community 500 members 2:500;
    community wildcard members *:*;
}

 

when I check the communities on R2 I get this:

root@R2> show route community 2:400     

inet.0: 24 destinations, 46 routes (24 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.7/32         [BGP/170] 15:37:03, localpref 100, from 10.0.0.7
                      AS path: I
                    > to 10.0.8.2 via em5.0
10.0.8.0/24         [BGP/170] 15:37:03, localpref 100, from 10.0.0.7
                      AS path: I
                    > to 10.0.8.2 via em5.0
10.254.100.0/24     [BGP/170] 15:37:03, localpref 100, from 10.0.0.7
                      AS path: I
                    > to 10.0.8.2 via em5.0

which are the routes from R3 and this: 

root@R2> show route community 2:500                      

inet.0: 24 destinations, 46 routes (24 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.6/32         [BGP/170] 15:38:38, localpref 100, from 10.0.0.6
                      AS path: I
                    > to 10.0.7.2 via em4.0
10.0.0.7/32         [BGP/170] 15:38:38, localpref 100, from 10.0.0.7
                      AS path: I
                    > to 10.0.8.2 via em5.0
10.0.0.10/32        [BGP/170] 15:38:38, localpref 100, from 10.0.0.10
                      AS path: I
                    > to 10.0.7.2 via em4.0
10.0.7.0/24         [BGP/170] 15:38:38, localpref 100, from 10.0.0.6
                      AS path: I
                    > to 10.0.7.2 via em4.0
10.0.8.0/24         [BGP/170] 15:38:38, localpref 100, from 10.0.0.7
                      AS path: I
                    > to 10.0.8.2 via em5.0
10.0.10.0/24        [BGP/170] 15:38:38, localpref 100, from 10.0.0.6
                      AS path: I
                    > to 10.0.7.2 via em4.0
                    [BGP/170] 15:38:38, localpref 100, from 10.0.0.10
                      AS path: I
                    > to 10.0.7.2 via em4.0
10.254.100.0/24     [BGP/170] 15:38:38, localpref 100, from 10.0.0.6
                      AS path: I
                    > to 10.0.7.2 via em4.0
                    [BGP/170] 15:38:38, localpref 100, from 10.0.0.7
                      AS path: I
                    > to 10.0.8.2 via em5.0
                    [BGP/170] 15:38:38, localpref 100, from 10.0.0.10
                      AS path: I
                    > to 10.0.7.2 via em4.0

which are R2's own routes, marked by a community on an ingress policy. In the same way, I'm able to see the routes from R4, marked with appropriate communities.

However, when I go to R1 and try to see any communities attached to the routes, I get nothing:

root@R1> show route community 500 

inet.0: 23 destinations, 47 routes (23 active, 0 holddown, 6 hidden)

while the session is up and the R2 is advertising the prefixes as it should, just there's no communities:

root@R1> show route receive-protocol bgp 10.0.6.2 extensive 

inet.0: 23 destinations, 47 routes (23 active, 0 holddown, 6 hidden)
* 10.0.0.5/32 (1 entry, 1 announced)
     Accepted
     Nexthop: 10.0.6.2
     AS path: 2 I

* 10.0.0.6/32 (1 entry, 1 announced)
     Accepted
     Nexthop: 10.0.6.2
     MED: 1
     AS path: 2 I

* 10.0.0.7/32 (1 entry, 1 announced)
     Accepted
     Nexthop: 10.0.6.2
     MED: 1
     AS path: 2 I

  10.0.1.0/24 (4 entries, 1 announced)
     Accepted
     Nexthop: 10.0.6.2
     AS path: 2 I

  10.0.6.0/24 (4 entries, 1 announced)
     Accepted
     Nexthop: 10.0.6.2
     AS path: 2 I

* 10.0.7.0/24 (1 entry, 1 announced)
     Accepted
     Nexthop: 10.0.6.2
     AS path: 2 I

* 10.0.8.0/24 (1 entry, 1 announced)
     Accepted
     Nexthop: 10.0.6.2
     AS path: 2 I

  10.254.100.0/24 (3 entries, 1 announced)
     Accepted
     Nexthop: 10.0.6.2
     AS path: 2 I

 

What I'm doing wrong? Why the border router strips the communities off the advertisements?

Also - is it normal, that without a policy configured, junos wouldn't advertise anything through the BGP session by default?

Any comments are greatly appreciated, thanks!

Recognized Expert
mhariry
Posts: 339
Registered: ‎06-01-2011
0

Re: re-advertising BGP communities to eBGP?

Hi dear,

 

from your show command on R2 (show route community 2:500) I could see that all routes are inactive (no * mark exist) thats why R2 not advirtising these routes as it seems it has another BGP routes from another neighbors prefered and not tagged with community 500 under R2.

 

To solve this problem there are alot of solutions

 

1- configure advertise-inactive under BGP on R2

2- add community 500 in the export policy

3- check why these routes are inactive in R2 routing table

 

Thanks

Mohamed Elhariry

JNCIE-M/T # 1059 , CCNP, CCIP

Regards,
Mohamed Elhariry
2* JNCIE (SEC # 159, SP # 1059),JNCIP-ENT

[Click the "Star" for Kudos if you think I earned it!
If this solution worked for you please flag my post as an "Accepted Solution" so others can benefit..]
Visitor
exit
Posts: 2
Registered: ‎01-19-2011
0

Re: re-advertising BGP communities to eBGP?

Thanks! The "advertise-inactive" works like a charm :smileyhappy:

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.