BGP communities

Alexander Zubkov green at qrator.net
Mon Apr 6 20:25:59 CEST 2020 

OK. So you have some route x.x.x.x/y that you receive from AS2 by
protocol bgp pb_0002_as2?

1) it is received via bgp pb_0002_as2 into table t_0002_as2
2) it is piped from table t_0002_as2 to master4 with filter
f_export_to_master (missing in your config)
3) it is piped from table master4 to t_0005_as3 with filter where
ixp_community_filter(3) (ixp_community_filter is also missing)
4) it is exported to bgp pb_0005_as3

At which point do you think it should be filtered and why?
As I see, your routers (AS2) do not set any communities to the
exported routes, so if you do not set them in any of those missing
filters, then your check for the presence of the community will not
fire.

On Mon, Apr 6, 2020 at 7:03 PM Fabiano D'Agostino
<fabiano.dagostino96 at gmail.com> wrote:
>
> This is the bird.conf of the route server:
> https://pastebin.com/qwp6nBtz
> This is the bird.conf of one router:
> https://pastebin.com/trwgKG92
>
> Why does AS3 still receive routes from AS2? What am I missing?
>
> Thanks,
>
> Il giorno lun 6 apr 2020 alle ore 18:13 Alexander Zubkov <green at qrator.net> ha scritto:
>>
>> It is really hard to guess what routes you have actually in your
>> bird's table and how your bird is configured.
>>
>> > I just edited the bird.conf of the route server, should I also edit the bird.conf of the routers which are peering with the route server?
>>
>> Filters on peers can affect only communities you are sending and other
>> attributes, but they do not affect directly the logic of your route
>> server's filters, there is no magic here.
>>
>> On Mon, Apr 6, 2020 at 6:08 PM Fabiano D'Agostino
>> <fabiano.dagostino96 at gmail.com> wrote:
>> >
>> > Does 'show route where' exist as command? Because I have syntax error.
>> > Anyway I set up my route server as here:
>> > https://www.slideshare.net/apnic/bird-routing-daemon
>> > But I am having the problem described here:
>> > https://bird.network.cz/pipermail/bird-users/2010-September/001620.html
>> >
>> > I just edited the bird.conf of the route server, should I also edit the bird.conf of the routers which are peering with the route server?
>> >
>> > Thanks,
>> >
>> > Il giorno lun 6 apr 2020 alle ore 17:50 Alexander Zubkov <green at qrator.net> ha scritto:
>> >>
>> >> Have you tried to check that in cli like:
>> >> show route where bgp_out(...)
>> >> And check that required route has all needed communities:
>> >> show route all x.x.x.x/y
>> >>
>> >> On Mon, Apr 6, 2020 at 5:35 PM Fabiano D'Agostino
>> >> <fabiano.dagostino96 at gmail.com> wrote:
>> >> >
>> >> > Hey,
>> >> > thank you! I think I am having the same problem they had here:
>> >> > https://bird.network.cz/pipermail/bird-users/2010-September/001620.html
>> >> >
>> >> > But I didn't understand how they solved.
>> >> >
>> >> > Regards,
>> >> > Fabiano
>> >> >
>> >> > Il giorno lun 6 apr 2020 alle ore 17:16 Cybertinus <bird at cybertinus.nl> ha scritto:
>> >> >>
>> >> >> Hello Fabiano,
>> >> >>
>> >> >>
>> >> >> BGP Communities are basically tags you add to a prefix that is received from, or send to, a peer. And in Bird you can do whatever you want with these communities. A community by itself has no meaning and has no influence on the routing decision whatsoever. It is the meaning you add to it in your configuration what makes them work.
>> >> >>
>> >> >> More information about communities: https://en.wikipedia.org/wiki/Border_Gateway_Protocol#Communities
>> >> >>
>> >> >>
>> >> >> Kind regards,
>> >> >> Cybertinus
>> >> >>
>> >> >>
>> >> >> On 2020-04-06 17:03, Fabiano D'Agostino wrote:
>> >> >>
>> >> >> and how these kind of checks are handled?
>> >> >> if (myas,peeras) ~ bgp_community  what is bgp_community?
>> >> >>
>> >> >> Thanks,
>> >> >>
>> >> >> Il giorno lun 6 apr 2020 alle ore 15:32 Fabiano D'Agostino <fabiano.dagostino96 at gmail.com> ha scritto:
>> >> >>
>> >> >> Thank you, but "if the route does not come from BGP then false"
>> >> >> here I have:
>> >> >> protocol pipe a {
>> >> >>     table master;
>> >> >>     mode transparent;
>> >> >>     peer table a;
>> >> >>     import all;
>> >> >>     export where bgp_out(x); => this becomes false, what does this mean?
>> >> >>     #export all;
>> >> >> }
>> >> >>
>> >> >> Thanks,
>> >> >>
>> >> >> Il giorno lun 6 apr 2020 alle ore 10:50 Bernd Naumann <bena at spreadshirt.net> ha scritto:
>> >> >>
>> >> >> On 05.04.20 23:08, Fabiano D'Agostino wrote:
>> >> >> > Good evening,
>> >> >> > could someone explain me the meaning of these lines?
>> >> >> >
>> >> >> > function bgp_out(int peeras)
>> >> >> > {
>> >> >> > if ! (source = RTS_BGP ) then return false;
>> >> >> > if peeras > 65535 then return true; ### communities do not support AS32
>> >> >> > if (0,peeras) ~ bgp_community then return false;
>> >> >> > if (myas,peeras) ~ bgp_community then return true;
>> >> >> > if (0, myas) ~ bgp_community then return false;
>> >> >> > return true;
>> >> >> > }
>> >> >> >
>> >> >> > Thanks,
>> >> >> >
>> >> >> > Fabiano
>> >> >> >
>> >> >>
>> >> >> Morning,
>> >> >>
>> >> >> I can not cover the whole section but as a start...
>> >> >>
>> >> >> * if the route does not come from BGP then false (routing table source?)
>> >> >> * if the remote AS Number is greater 65535 (16 Bit) then "just" return
>> >> >> true (see AS 32 Bit Numbers, and the non-support of older
>> >> >> devices/implementations)
>> >> >> * For the next 3 I'm not 100% sure how to read but I found
>> >> >> https://bird-users.network.narkive.com/3uDbo6H9/any-ix-willing-to-share-their-config
>> >> >>
>> >> >> ```
>> >> >> 0:XXXXX - Do not announce route to peer XXXXX
>> >> >> 0:MyASN - Do not announce route to all peers
>> >> >> MyASN:XXXXX - Announce route to peer XXXXX only
>> >> >> MyASN:MyASN - Announce routes to all peers. This community is
>> >> >> automatically added to all routes that are not
>> >> >> tagged with any of MyASN:XXXXX communities.
>> >> >> ```
>> >> >>
>> >> >> Maybe this helps a little bit.
>> >> >>
>> >> >> Bernd

More information about the Bird-users mailing list