Information Technology Reference
In-Depth Information
BGP Community Design
The BGP community attribute is one of the most powerful policy tools available in BGP.
This attribute provides a way to assign prefixes to arbitrary groupings, or communities, as
the name describes. Specific policies can then be applied to prefixes based on the commu-
nity to which they belong. A prefix can carry multiple community attributes, allowing mul-
tiple policies to be applied to a prefix.
By default, there are only a few well-known communities:
•
no-export
—Do not advertise this prefix to an external peer.
•
no-advertise
—Do not advertise this prefix to any peers.
•
internet
—A regular prefix to be advertised globally.
The rest of the community space is available for ISPs to create custom communities and the
associated policies. This section covers the popular custom communities that ISPs use to
control routing policy and give customers flexibility in determining routing policy for their
prefixes.
The configurations for deploying BGP communities across an ISP network are developed
throughout this section. The final configurations provide the following functionality:
•
Prefix origination identification
•
Dynamic customer policy
•
QoS-based service levels
The BGP community attribute is very flexible. The BGP community design presented in
the next sections encompasses the most common usage of BGP communities; however, it
is far from exhaustive with respect to what can be done. Another example of how BGP
communities can be used to combat distributed denial-of-service attacks is provided in the
case study near the end of the chapter.
Prefix Origin Tracking
The ISP's need to understand the origin of a particular prefix was discussed in the section
“Identifying Customer Prefixes.” An ISP network typically has three types of routes: transit,
peering, and customer. The ISP does not want to send routing information indiscriminately.
A sample community assignment based on prefix origin is shown in Table 9-1.
Table 9-1
Prefix Origin-Based Community Assignment
Route Type
Community Identifier
Transit prefixes
<ISP ASN>:1000
Peering prefixes
<ISP ASN>:2000
Customer prefixes
<ISP ASN>:3000
