Hi Jakob. The simple configuration below allows communities to be forwarded (send-community-ebgp), but are cleaned at egress (using route-policy and community-set). In the experiment, the router receives announcements with altering community attributes only, from the internal peer. After the filter is applied, the router sends duplicates to the external peer. Also, In a slightly different setup, the router sends duplicates due to changes in the next-hop only. best regards Thomas --- RP/0/0/CPU0:ios(config)#show running-config Tue Oct 20 02:56:24.230 UTC Building configuration... !! IOS XR Configuration 6.0.1 !! Last configuration change at Tue Oct 20 02:56:02 2020 by cisco ! interface MgmtEth0/0/CPU0/0 shutdown ! interface GigabitEthernet0/0/0/0 ipv4 address 10.12.0.2 255.255.255.252 ! interface GigabitEthernet0/0/0/1 ipv4 address 10.20.0.1 255.255.255.252 ! community-set all *:* end-set ! route-policy nofilter pass end-policy ! route-policy egressfilter delete community in all pass end-policy ! router bgp 65002 bgp router-id 10.12.0.2 address-family ipv4 unicast ! neighbor 10.12.0.1 remote-as 65001 address-family ipv4 unicast send-community-ebgp route-policy egressfilter out ! neighbor 10.20.0.2 remote-as 65002 address-family ipv4 unicast ! end On 10/17/20 3:59 PM, Jakob Heitz (jheitz) via NANOG wrote:
IOS-XR has duplicate update suppression logic for EBGP sessions, not for IBGP sessions.
If you are using EBGP and seeing a fault in the duplicate update suppression logic in IOS-XR, please let me know configs and details of the experiment.
Regards, Jakob.
-----Original Message----- Date: Thu, 15 Oct 2020 18:35:58 -0700 From: Thomas Krenc <tkrenc@nps.edu>
Dear NANOG,
As a team of researchers from NPS and TU Berlin, we are investigating the impact of BGP community attributes on the update behavior between ASes.
We find that when a route is associated with multiple distinct community attributes it does not only lead to multiple announcement at the tagging AS, but also at neighboring ASes, if communities are not filtered properly. This behavior is wide-spread.
In order to better understand our observations, we have performed a series of laboratory experiments using Cisco IOS, Junos OS, as well as the BIRD daemon.
We find that - by default - all tested routers generate announcements with changing community attributes, even when other attributes do not change. In addition, when communities are filtered at egress, Cisco und BIRD send duplicate announcements (Juniper does not).
Since our findings are limited to observations in public data as well as few router implementations, we would like to share our research and kindly ask you to have a look at:
??? https://www.cmand.org/communityexploration/
There, we provide some resources documenting our research, as well as open questions. We greatly appreciate any feedback and insights you can offer. Also, please don't hesitate to contact us directly:
??? communityexploration AT cmand DOT org
best regards
Thomas Krenc Postdoctoral Researcher Naval Postgraduate School