[afnog] bgp communities - please

[Mark Tinka]

On Monday, October 11, 2010 01:40:10 pm Frank Habicht wrote:

> I wanted to request that you all enable or set the
> sending of BGP communities on all your iBGP sessions.

Sadly, this is an artifact of classic IOS, where the BGP 
community capability needs to be specifically turned on.

More sane code like IOS XR and JUNOS don't have this 
restriction. It can be a real PITA because not turning this 
on on even just one router can be a real tail-chaser.

I believe a number of folk have requested Cisco to revise 
this so BGP communities are enabled by default, but hey, 
planes don't have bad landings - it's just the asphalt 
making contact with them :-).

> example reason: if someone sends you a prefix with
> no-export community then they really hope that you don't
> advertise it to your upstreams...
> 
> And yes: real stuff observed that did real unwanted
> breaking.

Two things to consider when doing this:

	1. Best to co-ordinate the transmission of BGP
	   communities with your upstreams. Several
	   upstreams will either strip the BGP communities
	   you pass on in updates, rewrite them, or both. If
	   you pre-negotiate this relationship with your
	   upstream, you won't miss those 3AM calls when
	   they suddenly decide to do a network clean-up.

	2. Remember that the NO_EXPORT community affects ALL
	   eBGP sessions within your upstreams network.
	   While this will prevent your prefixes from being
	   announced to their transits/peers, it will also
	   block them from being announced to their own
	   (small) customers. It is possible you may not
	   want your upstream's transit providers to "hear"
	   your routes, but you may want their small
	   customers to.

Cheers,

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://afnog.org/pipermail/afnog/attachments/20101012/3ffc2981/attachment.pgp>