BGP Communities has to be one of my favorite features added to the BGP protocol. As you should know by now, BGP passes several attributes between peers that help influence the BGP best path selection algorithm. One of these is the BGP Community attribute. Think of this as another tag placed on the route advertisement that can give us additional information.
This tag is formatted as 32bit value that is typically displayed in two 16 bit parts. The most typical, and most widely accepted best practices treat these as your Autonomous System Number (ASN), followed by a 16 bit attribute. For example, if your ASN was 65248 and you wanted to tag this route with the number 666, you would set something like 65248:666.
As for the second half of our tag, this number is arbitrary. BGP Communities are a transitive attribute that is completely optional. This means that BGP treats these tags as purely information, and that it is up to the network engineer to decide what these values mean, and what to do with them.
RFC 1997 defines some well known communities that have global significance. These values and their operations should be respected by any community aware BGP implementation. The RFC also reserves the values 0x00000000 through 0x0000FFFF and 0xFFFF0000 through 0xFFFFFFFF, but only a few of those values have been implemented. For more information, see IANA’s Page.
- NO_EXPORT (0xFFFFFF01) – All routes received carrying a communities attribute containing this value MUST NOT be advertised outside a BGP confederation boundary (a stand-alone autonomous system that is not part of a confederation should be considered a confederation itself).
- NO_ADVERTISE (0xFFFFFF02) – All routes received carrying a communities attribute containing this value MUST NOT be advertised to other BGP peers.
- NO_EXPORT_SUBCONFED (0x0xFFFFFF03) – All routes received carrying a communities attribute containing this value MUST NOT be advertised to external BGP peers (this includes peers in other members autonomous systems inside a BGP confederation).
- NOPEER (0xFFFFFF04) – Introduced much later in RFC 3765 and not currently recognized by all vendors. This community is used to limit advertisements to bi-lateral peers.
By default Cisco IOS does not propagate BGP communities. You must manually configure each neighbor with the neighbor send-community command.
As for the “public” community space, your imagination is the limit. Depending on the complexity of the network any number of things could be represented by the community strings attached. Personally, I typically use them to mark information about the routes, such as peer information or changes to the local-preference made on the edge network. But the most useful thing is using them to influence other attributes. You can even allow customers to influence routes they advertise to you, which is especially helpful when a customer connects to your network in multiple locations that advertise some of the same routes. For example, in your public community list you could allow your customers to advertise you a route with 65248:80, or 65248:120 which you could then match in your neighbor route-map in to set the local preference to either 80, or 120 on that specific route. Other options could set prepending, or…
Remote Triggered Blackholes (RTBH) allows a customer to advertise a single host (/32) to your network with a community string designating that you should “black hole” that traffic. This is particularly helpful in the event of a DOS/DDOS. The black hole’d host no longer receives traffic, as it is stopped on the upstream network. Which, as long as the upstream pipes are big enough, can allow the rest of the downstream network to still function.
A more recent upgrade to “standard” BGP Communities is the extended community attribute defined in RFC 4360. Since the use of BGP Communities became so popular with the ever expanding world of MPLS and VPLS VPN tunnels, the community values were quickly overrun and needed expansion. The extended community attribute is an 8 octet value which is double our original 32bit field.
Extended communities provide a number of benefits to service provider networks, most of which are out of scope for this current post. But I will point you here, if you want to learn more about the use of extended communities with route targets in both IOS and Junos.