Hi,

When the providers choose communities do they follow the syntax AS_NUM:X, where X is some number to ensure uniqueness of their particular community? The reason I ask this is because if operators are doing this then they need not worry that the community being used by them would not be used by anybody anywhere in the world.

I am wondering if it can _ever_ happen that I get to receive a BGP UPDATE carrying a community number that I use inside my AS?

Is this possible? And if yes, then what scenario?

Thanks,
John

On Fri, Aug 11, 2006 at 04:03:57AM +0000, John Smith wrote:
> Hi,
>
> When the providers choose communities do they follow the syntax AS_NUM:X, where X is some number to ensure uniqueness of their particular community? The reason I ask this is because if operators are doing this then they need not worry that the community being used by them would not be used by anybody anywhere in the world.
>
> I am wondering if it can _ever_ happen that I get to receive a BGP UPDATE carrying a community number that I use inside my AS?
>
> Is this possible? And if yes, then what scenario?

Communities can be used in any damned way you feel like, they're just numbers that people add to routes to convey extra information, and they can be squashed or added, and propagated or not propagated between networks, as any particular network sees fit.

Some people are partial to only using their own ASN in the first half (and thus arbitrary codes in the second half), but personally I'm not. For example, if I was AS1234 and I wanted my customers to be able to tell me to prepend once to my peer AS5678, I would rather they be able to send 5678:1 rather than have to know to look up my communities reference webpage and find an arbitrary mapping like 1234:65123 for the behavior they want. Why? Two reasons.

First, there is a logical difference between communities you accept (to "do" some specific action), and communities you advertise (to inform others about the routes in some way). It probably isn't terribly neighborly of you to send routes to AS5678 using 5678:xxxx because you felt like it (though if they have any common sense whatsoever they're filtering their own reserved community space on the routes they receive from you), but it may make perfect sense for you to pass on some information about the route (such as geographic area you learned it from, the type of relationship (customer, peer, transit), etc.) using 1234:xxxx space. I'm a fan of making this information available to everyone on the Internet who wants it (since you never know, it may come in handy to some network you've never heard of 7 hops away from you), and if they don't they're welcome to filter it. For routes you are receiving, it is generally harmless to step on other people's 5678:xxxx space, take whatever action you're going to take, and then delete those communities at export time.

Second, I'm still waiting for a widely available policy "language" which lets you do useful things, such as reference variables which change at run time depending upon the session they're applied against. Picture a policy language where you can say "match $remoteasn:1" to do a specific prepend to a specific neighbor, without needing to write a specific policy for that neighbor beforehand. Once vendors get their acts together and implement this (so far the only one I know of to do it is Cisco under IOS XR), using powerful and complex policies to manage your network will be much, much easier.

But the short answer to your cryptic question is "yes anyone can send you anything at any time, and if you don't want them to do so, filter appropriately on your border".

--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
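
The border handling discussed in the reply, modelled as an added example that is not part of the original thread or any router's own policy language: scrub your own community space on import, act on `$remoteasn:N` at export, then delete neighbor-space communities. AS1234 and AS5678 are the post's examples; the neighbor set, the informational tag values, the 1 to 3 prepend range and all function names are assumptions.

```python
# Constructed model of the policy in the reply. AS numbers 1234/5678 come from
# the post; everything else (names, tag values, 1-3 prepend range) is assumed.
LOCAL_AS = 1234
NEIGHBORS = {5678, 9999}   # hypothetical directly connected ASNs
MAX_PREPEND = 3            # assumed cap on the N in $remoteasn:N

def parse(comm):
    """'ASN:value' -> (asn, value); both halves are 16-bit in a standard community."""
    asn, _, val = comm.partition(":")
    asn, val = int(asn), int(val)
    if not (0 <= asn <= 0xFFFF and 0 <= val <= 0xFFFF):
        raise ValueError(f"out of range: {comm}")
    return asn, val

def import_route(route, info_tag):
    """Border import: drop any LOCAL_AS:xxxx a neighbor sent, then add our own tag."""
    kept = [c for c in route["communities"] if parse(c)[0] != LOCAL_AS]
    return {**route, "communities": kept + [f"{LOCAL_AS}:{info_tag}"]}

def export_route(route, remote_as):
    """Export to remote_as: honor $remoteasn:N, then delete neighbor-space tags."""
    prepends = 0
    for asn, val in map(parse, route["communities"]):
        # The "match $remoteasn:N" idea: the session's ASN selects the action.
        if asn == remote_as and 1 <= val <= MAX_PREPEND:
            prepends = max(prepends, val)
    as_path = [LOCAL_AS] * (1 + prepends) + route["as_path"]
    # Action communities have done their job; only informational tags leave.
    kept = [c for c in route["communities"] if parse(c)[0] not in NEIGHBORS]
    return {**route, "as_path": as_path, "communities": kept}

# Constructed customer announcement: asks for one prepend toward AS5678 and
# carries a tag in our own 1234:xxxx space that the customer should not set.
customer_route = {"prefix": "192.0.2.0/24", "as_path": [64500],
                  "communities": ["5678:1", "1234:200"]}

if __name__ == "__main__":
    learned = import_route(customer_route, info_tag=100)  # 100 = "from customer" (assumed)
    for peer in sorted(NEIGHBORS):
        print(peer, export_route(learned, peer))
```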