A regular expression is a pattern to match against an input string. By building a regular expression we specify a string that input must match. In the case of BGP we are specifying a string consisting of path information that an input should match.
In the previous example we specified the string ^200$ and wanted path information coming inside updates to match it in order to perform a decision.
The regular expression is composed of the following:
Range
A range is a sequence of characters contained within left and right square brackets. ex: [abcd]
Atom
An atom is a single character, such as the following:
. (Matches any single character)
^ (Matches the beginning of the input string)
$ (Matches the end of the input string)
\character (Matches the character)
_ (Matches a comma (,), left brace ({), right brace (}), the beginning of the input string, the end of the input string, or a space)
Piece
A piece is an atom followed by one of the following symbols:
* (Matches 0 or more sequences of the atom)
+ (Matches 1 or more sequences of the atom)
? (Matches the atom or the null string)
Branch
A branch is 0 or more concatenated pieces.
Examples of regular expressions follow:
a* (Any occurrence of the letter "a", including none)
a+ (At least one occurrence of the letter "a" should be present)
ab?a (This matches "aa" or "aba")
_100_ (Via AS100)
^100$ (Origin AS100)
^100 .* (Coming from AS100)
^$ (Originated from this AS)
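The following is an added example, not part of the original text and not Cisco's regular expression engine: a Python sketch for checking an AS-path expression against sample paths offline before it goes into a filter. It assumes that the atoms listed above other than "_" behave as they do in Python's re module, and it translates "_" according to the definition given above; the sample AS paths are constructed.

```python
import re

# The "_" atom as defined above: comma, braces, start/end of string, or space.
_UNDERSCORE = r"(?:^|$|[ ,{}])"

def cisco_to_python(pattern: str) -> str:
    """Translate "_" into a Python alternation; copy every other atom unchanged."""
    out, i = [], 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\" and i + 1 < len(pattern):
            out.append(pattern[i:i + 2])  # escaped character stays literal
            i += 2
            continue
        out.append(_UNDERSCORE if ch == "_" else ch)
        i += 1
    return "".join(out)

def matches(pattern: str, as_path: str) -> bool:
    """True if the AS-path string satisfies the expression."""
    return re.search(cisco_to_python(pattern), as_path) is not None

def filter_paths(pattern, paths):
    """Return the paths that a filter built on this expression would select."""
    return [p for p in paths if matches(pattern, p)]

# Constructed sample AS paths (leftmost = neighbor AS, rightmost = origin AS).
# "" is a locally originated route; 1000 and 2100 are look-alikes of AS100.
SAMPLE_PATHS = ["", "200", "100", "300 100", "100 200",
                "300 100 200", "1000 200", "300 2100"]

if __name__ == "__main__":
    for pat in ["^200$", "_100_", "^100$", "^100 .*", "^$", "100"]:
        print(f"{pat!r:10} -> {filter_paths(pat, SAMPLE_PATHS)}")
```

The unanchored expression 100 also selects the paths containing AS1000 and AS2100, which is why the examples above delimit the AS number with _, ^ or $.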
BGP Community Filtering
We would like RTB above to set the community attribute to the BGP routes it is advertising such that RTC would not propagate these routes to its external peers. The no-export community attribute is used:
RTB#
router bgp 200
network 160.10.0.0
neighbor 3.3.3.1 remote-as 300
neighbor 3.3.3.1 send-community
neighbor 3.3.3.1 route-map setcommunity out
route-map setcommunity
match ip address 1
set community no-export
access-list 1 permit 0.0.0.0 255.255.255.255
Note that we have used the route-map setcommunity command in order to set the community to no-export. Note also that we had to use the neighbor send-community command in order to send this attribute to RTC.
When RTC gets the updates with the attribute no-export, it will not propagate them to its external peer RTA.
In the example below, RTB has set the community attribute to 100 200 additive. The value 100 200 will be added to any existing community value before being sent to RTC.
RTB#
router bgp 200
network 160.10.0.0
neighbor 3.3.3.1 remote-as 300
neighbor 3.3.3.1 send-community
neighbor 3.3.3.1 route-map setcommunity out
route-map setcommunity
match ip address 2
set community 100 200 additive
access-list 2 permit 0.0.0.0 255.255.255.255
A community list is a group of communities that we use in a match clause of a route map which allows us to do filtering or setting attributes based on different lists of community numbers.
ip community-list community-list-number {permit|deny} community-number
For example we can define the following route map, match-on-community:
route-map match-on-community
match community 10
!-- 10 is the community-list number
set weight 20
ip community-list 10 permit 200 300
!-- 200 300 is the community number
We can use the above in order to filter or set certain parameters like weight and metric based on the community value in certain updates. In example two above, RTB was sending updates to RTC with a community of 100 200. If RTC wants to set the weight based on those values we could do the following:
RTC#
router bgp 300
neighbor 3.3.3.3 remote-as 200
neighbor 3.3.3.3 route-map check-community in
route-map check-community permit 10
match community 1
set weight 20
route-map check-community permit 20
match community 2 exact
set weight 10
route-map check-community permit 30
match community 3
ip community-list 1 permit 100
ip community-list 2 permit 200
ip community-list 3 permit internet
In the above example, any route that has 100 in its community attribute will match list 1 and will have the weight set to 20. Any route that has only 200 as community will match list 2 and will have weight 20. The keyword exact states that the community should consist of 200 only and nothing else. The last community list is here to make sure that other updates are not dropped. Remember that anything that does not match will be dropped by default. The keyword internet means all routes because all routes are members of the internet community.