BGP communities on Route Servers
Hi folks, Some time ago, I recall a discussion and/or email thread about BGP action communities on the route servers (i.e.: don’t advertise to certain peers, prepends, etc). Are these in place, and if so, documented anywhere? If not, could I volunteer some cycles to get in place? I looked through the archives a bit, and poked on the website, but didn’t see anything. Thanks, Andrew — Andrew Hoyos Hoyos Consulting LLC ofc: +1 608 616 9950 andrew@hoyosconsulting.com http://www.hoyosconsulting.com
On Tue, Nov 24, 2015 at 09:18:34PM -0600, Andrew Hoyos wrote:
Hi folks,
Some time ago, I recall a discussion and/or email thread about BGP action communities on the route servers (i.e.: don???t advertise to certain peers, prepends, etc). Are these in place, and if so, documented anywhere? If not, could I volunteer some cycles to get in place?
I looked through the archives a bit, and poked on the website, but didn???t see anything.
I don't think this went anywhere but as a discussion. -- Mike Horwath, reachable via drechsau@Geeks.ORG
I believe something is implemented, at least on a test basis for certain members. I don't think it's been fully implemented for everyone and documented. -- Richard
On Tue, Nov 24, 2015 at 10:33:01PM -0600, Richard Laager wrote:
I believe something is implemented, at least on a test basis for certain members. I don't think it's been fully implemented for everyone and documented.
If you have time to do this then I commend you and would love to see the output. 666:<asn> - drop routes 12345:<asn> - add routes with passphrase 1:<asn> - default NULL route - cause there can be only ... -- Mike Horwath, reachable via drechsau@Geeks.ORG
On Tue, Nov 24, 2015 at 09:18:34PM -0600, Andrew Hoyos wrote:
Some time ago, I recall a discussion and/or email thread about BGP action communities on the route servers (i.e.: don’t advertise to certain peers, prepends, etc). Are these in place, and if so, documented anywhere? If not, could I volunteer some cycles to get in place?
No, we haven't come up with the BIRD configs to support that. There was just one specific case setup and done. If you want to supply BIRD magic to do that, it would be appreciated. Some areas identified already as sticking points have been 32-bit AS's do need to be supported (We do have at least one member with a 32-bit AS). Otherwise, it looks like BIRD should be able to do it. We are running a fairly up-to-date version. The main impetuous before was to prevent route distribution to such-and-such CDN so they don't overload your pipe. -- Doug McIntyre <merlyn@iphouse.net> ~.~ ipHouse ~.~ Network Engineer/Provisioning/Jack of all Trades
On Nov 25, 2015, at 12:42 AM, Doug McIntyre <merlyn@iphouse.net> wrote:
If you want to supply BIRD magic to do that, it would be appreciated.
Check these functions (bgp_out_comm and bgp_out) out here: https://gitlab.labs.nic.cz/labs/bird/wikis/Route_server_with_community_based... <https://gitlab.labs.nic.cz/labs/bird/wikis/Route_server_with_community_based...> That seems like it would work in this specific case, along with extended community support for the 32-bit ASNs. Announce a route only to a certain peer: 53679:<peer-asn> Announce a route to all peers: 53679:53679 Block announcement of a route to a certain peer: 0:<peer-asn> Block announcement of a route to all peers: 0:53679 I’d be happy to be a guinea pig, or help implement. I’m not sure of the current RS config, but I’d imagine this would be easily adaptable into the current config. There are also some examples there of enforcing first ASN and filtering RFC1918 junk, which if we’re not already doing, might be wise. Thanks, Andrew
participants (4)
-
Andrew Hoyos -
Doug McIntyre -
Mike Horwath -
Richard Laager