General Info
Connect uses BGP communities to control routing announcements, i.e. the routes we send to customers as well as the routes we send to our peers and providers.
- These BGP communities are divided into two groups:
- public BGP communities
- these can be set by customers to influence how Connect treats a route, either internally or externally.
- private BGP communities
- are used to classify routes. Customers should not try setting these BGP communities as we will clear all customer set BGP communities if a private BGP community is present in a routing announcement.
Public BGP Communities
These BGP communities allow customers to modify AAPT’s routing system behaviour in some way. The current BGP communities are:
| BGP Community String | Description |
| 2764:1 | Only announce the route to customers or to "national" rate peers (currently Worldcom/OzEmail). |
| 2764:2 | Don’t announce the route outside of the local POP. This also means that traffic sourced by this route will be dropped if it attempts to leave the local POP. If using this BGP community then you should request a "local scope only" routing table to avoid blackholing traffic. |
| 2764:4 | Modify the local preference of a route so that it is lower than a route received from a peer but not lower than a provider. |
| 2764:5 | Modify the local preference of a route so that it is lower than a route received from a normal customer announcement but not lower than one received from a peer. This is normally used to indicate a backup path. Note that traffic filtering may drop traffic sourced through an interface where the route is being announced with a local preference altering BGP community set if there is another announcement of the route without the community set. |
| 2764:6 | Announce the route to customers and all peers. This means that we will announce it to all customers and to Telstra, Optus, Worldcom, etc, as well as to Telecom NZ and Singapore IX, but not our major upstream transit providers. |
| 2764:7 | Only announce the route to customers. |
| 2764:15 | Announce the route to customers and Australian peers only. This is similar to 2764:6, but excludes international peers. This means that we will announce it to all customers and to Australian peers such as Telstra, Optus, Worldcom, etc, but not to Telecom NZ, Singapore IX, or our major upstream transit providers. |
| 2764:777 | This community is defined by the MBONE community at FIXW-MBONE and while Connect does not currently connect to the MBONE or provide IP multicast service this community is reserved for potential future use. |
Private BGP Communities
Private BGP communities are used internally to the AAPT network to control routing announcements. There are two main classes of private BGP community and although customers cannot set these BGP communities their meaning may be useful when using the Connect "Looking Glass" to diagnose problems.
- Class of route
- BGP Communities 2764:65408 to 2764:65412 indicate the "basic" location of the origin of the route and are used to determine which routes are sent to a customer (based on their routing table type request).
BGP Community String Description 2764:65408 Route originated by Connect or a Connect customer 2764:65409 or 2764:65410 Route originated within Australia i.e. Telstra, Optus, Worldcom etc.. 2764:65412 Route reachable via the USA - These BGP communities are referenced by AAPT’s routing policy, accessible via whois at either whois.connect.com.au or at whois.ra.net. The policy is described in the Routing Policy Specification Language (RFC 2622).
- Location of route
- BGP Communities starting at 2764:65280 indicate the origin POP of a Connect originated route. Some routes within AAPT’s provider blocks will not be tagged with 2764:65408 but will have a POP community and there are a small number of special case routes that while originated by Connect don’t have a POP community.
How do I restrict announcements so they don’t go to AAPT’s providers?
If you want only some of your networks to be globally routed by Connect you must use BGP communities. Note that some router vendors do not support BGP communities even though they claim to have a conformant BGP implementation.
If there are some networks you don’t want us to globally route you must tag them with the BGP community 2764:1 or 2764:7.
On a Cisco router this is best achieved by using a route map on your link to Connect. For example:
ip bgp-community new-format
!
router bgp ASN
neighbor neighbor remote-as remote-AS
neighbor neighbor send-community
neighbor neighbor route-map AS2764-EXPORT out
!
route-map AS2764-EXPORT permit 1
match ip address 100
set community 2764:1
route-map AS2764-EXPORT permit 2
Applying BGP Community string with sample configuration
1. Get the latest BGP community string from your ISP/upstream provider or check www.ShowipBGP.com web site.
2. Pick the best BGP community string for your traffic shaping plan (mainly incoming traffic).
Most of ISPs are providing community string with local preference and AS prepending
option. Cannot tell which one is better than the other. It will depend on your global traffic shaping plan.
3. Follow the below commands ( Cisco only )
The below Sample configuration will tag the 10.0.0.0/24 route with [ISP AS]:120 or [ISP AS]:3 and will not tag any other routes.
router#config t
router(config)#ip bgp-community new-format
router(config)#access-list 10 permit 10.0.0.0 0.0.0.255
router(config)#access-list 10 deny any
router(config)#route-map [to-ISP] permit 10
router(config-route-map)#match ip address 10
router(config-route-map)#set community [ISP AS]:120 <—- using Local Preference
or
router(config-route-map)#set community [ISP AS]:3 <——- using AS prepending
router(config-route-map)#route-map [to-ISP] permit 20
router(config-route-map)#exit
router(config)#router bgp [xxxx] <——————————- xxxx = customer’s ASN
router(config-router)#neighbor x.x.x.x send-community
router(config-router)#neighbor x.x.x.x route-map [to-ISP] out
router(config-router)#exit
router(config)#exit
router#copy running-config startup-config
4. And then, go to www.routeserver.org and pick one of route server on the map to see your announcement. If you are using AS prepending option, you will see your AS prepends on route servers. Sometime you might not see your route with particular ISP path.
In most of case it might not be any routing problem, just the route path was dropped at somewhere by BGP best path selection scheme. Try Oregon route server, if you can see your route. The Oregon route server is providing many possible and available paths between BGP speakers and neighbors.
If you don’t see your route on there? check other route servers and also check your
BGP configuration. You might need to contact your upstream provider to check what they are learning BGP route from you.
The www.ipBalance.com runs by a volunteer group with IT professionals and experts at least over 25 years of experience developing and troubleshooting IT in general. ipBalance.com is a free online resource that offers IT tutorials, tools, product reviews, and other resources to help you and your need.
