What's the point of prepend communities?
Hi, Of all the ISPs that I am familiar with that have a BGP community structure usable by their peering partners and/or downstream customers, among other things, they allow the customer to signal the ISP to prepend their own AS to the as-path of a particular prefix announcement. What functionality does a provider prepend support that is otherwise lost in the absence of such a feature, but all the while, the customer would be able to prepend their own AS to the same prefix announcement anyway? Is this a relic from before ISPs allowed for local preference adjustment, or is there actually a use case for this? Thanks!
On Thu, Oct 26, 2017 at 1:58 PM, Jason Lixfeld <jason+nanog@lixfeld.ca> wrote:
Of all the ISPs that I am familiar with that have a BGP community structure usable by their peering partners and/or downstream customers, among other things, they allow the customer to signal the ISP to prepend their own AS to the as-path of a particular prefix announcement.
What functionality does a provider prepend support that is otherwise lost in the absence of such a feature, but all the while, the customer would be able to prepend their own AS to the same prefix announcement anyway?
Hi Jason, BGP routing is based on "distance". Distance in BGP is primarily calculated as the number of ASNs in the AS Path. Prepends make a path more distance, encouraging routers to choose a different path if one is available. So, prepends are the primary knob used for controlling which path gets taken. Is this a relic from before ISPs allowed for local preference adjustment,
or is there actually a use case for this?
It's the exact opposite of a relic. Regards, Bill Herrin -- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>
Hi Bill,
On Oct 26, 2017, at 2:37 PM, William Herrin <bill@herrin.us> wrote:
BGP routing is based on "distance". Distance in BGP is primarily calculated as the number of ASNs in the AS Path. Prepends make a path more distance, encouraging routers to choose a different path if one is available.
I understand how prepends fit in the context of best path selection, but my question was more the difference between a customer signalling the ISP to prepend their AS using a BGP community stamped to a prefix vs. the customer prepending their own AS instead.
On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld <jason+nanog@lixfeld.ca> wrote:
Hi Bill,
On Oct 26, 2017, at 2:37 PM, William Herrin <bill@herrin.us> wrote:
BGP routing is based on "distance". Distance in BGP is primarily calculated as the number of ASNs in the AS Path. Prepends make a path more distance, encouraging routers to choose a different path if one is available.
I understand how prepends fit in the context of best path selection, but my question was more the difference between a customer signalling the ISP to prepend their AS using a BGP community stamped to a prefix vs. the customer prepending their own AS instead.
blame shifting? avoiding instances where a third party filters: <ispasn> ?$ vs <ispasn> .*$ or just people's particular picadellos.
Hi, In context of traffic engineering it may be that Network A (customer of Network B) observes that performance is suboptimal between Network B and Network C. If Network B offers some kind of “Prepend to Network C” BGP community, network A will be able to utilize all of network B except the pieces that perform less well. (This is ofcourse assuming that Network C picks some alternative path because of the prepends) I think prepend communities are useful to empower customers to debug and perhaps even resolve issues without waiting for action from their supplier. Prepends are also slightly more graceful than “don’t export”, since if there are no alternative paths there still is _a_ path - and often any path is better than no path. Kind regards, Job
On Oct 26, 2017, at 2:55 PM, Job Snijders <job@ntt.net> wrote:
If Network B offers some kind of “Prepend to Network C” BGP community, network A will be able to utilize all of network B except the pieces that perform less well. (This is ofcourse assuming that Network C picks some alternative path because of the prepends)
Absolutely. I understand the "Prepend to Network blah” use case. The case I don’t get is where the ISP makes no distinction in their policy document about how the prepending of their own AS is applied to their upstream announcements, implying that it’s announced to everyone.
On Thu, 26 Oct 2017, Jason Lixfeld wrote:
Absolutely. I understand the "Prepend to Network blah” use case. The case I don’t get is where the ISP makes no distinction in their policy document about how the prepending of their own AS is applied to their upstream announcements, implying that it’s announced to everyone.
The "prepend to everybody" communities are usually implemented as "prepend to all peers", excluding customers, and for some variable definition of "all". YMMV, caveat emptor, et cetera -- in most cases you'll need to experiment. I've used "prepend to all peers" communities a few times to avoid saturating transit links that are being consolidated but still under contract, in order to keep the link viable and in use by the immediate neighbor and their customers, but otherwise make it less attractive to the rest of the world under normal conditions. -Rob
On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld <jason+nanog@lixfeld.ca> wrote:
Hi Bill,
On Oct 26, 2017, at 2:37 PM, William Herrin <bill@herrin.us> wrote:
BGP routing is based on "distance". Distance in BGP is primarily calculated as the number of ASNs in the AS Path. Prepends make a path more distance, encouraging routers to choose a different path if one is available.
I understand how prepends fit in the context of best path selection, but my question was more the difference between a customer signalling the ISP to prepend their AS using a BGP community stamped to a prefix vs. the customer prepending their own AS instead.
Hi Jason, You'd only use communities like that if you want to signal the ISP to deprioritize your advertisement on a particular peer or set of peers but not others. That's when you're getting fancy. It's not the norm. The norm is you want to deprioritize one of your paths as a whole. Maybe that link has less capacity or is enough better connected that it would always override your other links unless you detune it a little. I mean, you could tell the ISP to prepend everything based on a community, assuming they support such a community, but why would you? That needlessly makes things more complicated. Regards, Bill Herrin -- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>
Keep in mind also that when you allow a customer to deprioritize a particular peer you can really blow up your COGS model (assuming you buy transit). Cheers, Steve On Thu, Oct 26, 2017 at 1:05 PM, William Herrin <bill@herrin.us> wrote:
On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld <jason+nanog@lixfeld.ca> wrote:
Hi Bill,
On Oct 26, 2017, at 2:37 PM, William Herrin <bill@herrin.us> wrote:
BGP routing is based on "distance". Distance in BGP is primarily calculated as the number of ASNs in the AS Path. Prepends make a path more distance, encouraging routers to choose a different path if one is available.
I understand how prepends fit in the context of best path selection, but my question was more the difference between a customer signalling the ISP to prepend their AS using a BGP community stamped to a prefix vs. the customer prepending their own AS instead.
Hi Jason,
You'd only use communities like that if you want to signal the ISP to deprioritize your advertisement on a particular peer or set of peers but not others. That's when you're getting fancy. It's not the norm. The norm is you want to deprioritize one of your paths as a whole. Maybe that link has less capacity or is enough better connected that it would always override your other links unless you detune it a little.
I mean, you could tell the ISP to prepend everything based on a community, assuming they support such a community, but why would you? That needlessly makes things more complicated.
Regards, Bill Herrin
-- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>
On Thu, Oct 26, 2017 at 3:05 PM, William Herrin <bill@herrin.us> wrote:
On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld <jason+nanog@lixfeld.ca> wrote: You'd only use communities like that if you want to signal the ISP to deprioritize your advertisement on a particular peer or set of peers but not others. That's when you're getting fancy. It's not the norm. The norm is you want to deprioritize one of your paths as a whole. Maybe that link has less capacity or is enough better connected that it would always override your other links unless you detune it a little.
I mean, you could tell the ISP to prepend everything based on a community, assuming they support such a community, but why would you? That needlessly makes things more complicated.
Ah, I see. I completely misread your question. The answer you may be looking for is that the ISP can be more subtle about which of their peers gets your prepend. Maybe you want to prefer ISP A for your overseas traffic but prefer ISP B for your domestic traffic. ISP A can design a community tag that causes your advertisement to be prepended but only when sent to domestic peers. Still not a relic but not a primary knob. Regards, Bill Herrin -- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>
That is exactly correct. It is normally used to control which peers the ISP is prepended to. Many times the ISP has a guide that shows several different communities you can use to further control BGP beyond what you normally could do yourself. Steven Naslund Chicago IL -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of William Herrin Sent: Thursday, October 26, 2017 2:15 PM To: Jason Lixfeld Cc: NANOG Subject: Re: What's the point of prepend communities? On Thu, Oct 26, 2017 at 3:05 PM, William Herrin <bill@herrin.us> wrote:
On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld <jason+nanog@lixfeld.ca> wrote: You'd only use communities like that if you want to signal the ISP to deprioritize your advertisement on a particular peer or set of peers but not others. That's when you're getting fancy. It's not the norm. The norm is you want to deprioritize one of your paths as a whole. Maybe that link has less capacity or is enough better connected that it would always override your other links unless you detune it a little.
I mean, you could tell the ISP to prepend everything based on a community, assuming they support such a community, but why would you? That needlessly makes things more complicated.
Ah, I see. I completely misread your question. The answer you may be looking for is that the ISP can be more subtle about which of their peers gets your prepend. Maybe you want to prefer ISP A for your overseas traffic but prefer ISP B for your domestic traffic. ISP A can design a community tag that causes your advertisement to be prepended but only when sent to domestic peers. Still not a relic but not a primary knob. Regards, Bill Herrin -- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>
On Thu, Oct 26, 2017 at 03:05:25PM -0400, William Herrin wrote:
You'd only use communities like that if you want to signal the ISP to deprioritize your advertisement on a particular peer or set of peers but not others. That's when you're getting fancy. It's not the norm. The norm is you want to deprioritize one of your paths as a whole. Maybe that link has less capacity or is enough better connected that it would always override your other links unless you detune it a little.
I mean, you could tell the ISP to prepend everything based on a community, assuming they support such a community, but why would you? That needlessly makes things more complicated.
Completely agree. I would add that some providers' "prepend everything" community is really "prepend to all peers" (or something else shy of "prepend to every BGP neighbor we have"). In that case, if the customer prepends, the prepend is seen by the provider's other customers, but if the customer sets the "prepend to all peers" community, the provider's customers won't see the prepend. There are cases where that functionality would be useful. I have never seen a provider with a true "prepend to every BGP neighbor we have" community, but it might well exist somewhere. -- Brett
In a message written on Thu, Oct 26, 2017 at 02:47:44PM -0400, Jason Lixfeld wrote:
I understand how prepends fit in the context of best path selection, but my question was more the difference between a customer signalling the ISP to prepend their AS using a BGP community stamped to a prefix vs. the customer prepending their own AS instead.
Imagine: You are 1. ISP is 2. ISP's peers are 3 & 4. Your B2B partner is 5. There are paths: 1 2 3 5 1 2 4 5 If you prepend your ASN, you get: 1 1 2 3 5 1 1 2 4 5 No difference. If you send the ISP a prepend community for 3, you get: 1 2 3 3 5 1 2 4 5 And you just forced all traffic to the second, shorter path. -- Leo Bicknell - bicknell@ufp.org PGP keys at http://www.ufp.org/~bicknell/
I believe that Jason is asking about an ISP BGP community to prepend their AS when the BGP routes are received from the customer (not when advertising to a peer). I don't see a functional difference between the two and I suspect that ISPs added support for convenience. If you already send BGP communities to your ISP for other BGP route manipulation, you can add another community for ISP AS prepending rather than modifying your local policies to add AS prepending. You are 1. ISP is 2. 1 1 2 - You prepend 1 2 2 - ISP prepends -- Clinton Work Airdrie, AB On Thu, Oct 26, 2017, at 01:19 PM, Leo Bicknell wrote:
In a message written on Thu, Oct 26, 2017 at 02:47:44PM -0400, Jason Lixfeld wrote:
I understand how prepends fit in the context of best path selection, but my question was more the difference between a customer signalling the ISP to prepend their AS using a BGP community stamped to a prefix vs. the customer prepending their own AS instead.
No, Mr Herrin was correct in the first place. The BGP communities are used to control to which peers the prepend is applied. You cannot do this within your own BGP configuration. Here is the use case. I have a connection to AT&T and I have one to Comcast I want AT&T customers to come to me over the AT&T circuit. I want everyone else to come to me over Comcast. If I just prepend my own AS onto the AT&T connection I might actually cause AT&T customers to reach me via Comcast (shorter AS path potentially). If I want to prevent that I send a prepend community to AT&T which tells them to prepend toward their peers BUT NOT WITHIN THEIR OWN NETWORK. There are usually multiple choices here to affect different subsets of their peers (customers, peer carriers, etc). There is also the case where I have multiple AT&T connections. If I prepend just one of them the way you suggest, all of my traffic will probably come in the other connection. If I prepend using communities I can get some traffic (from AT&T peers) on one connection and get most of the transit on the other connection. What you are doing in effect is making your connection with AT&T look like AT&T is a peer rather than a transit AS. You can also do this to more selectively influence your inbound traffic when you are multihomed to different carriers (just a simple prepend like you suggest may not be granular enough, I have seen cases where a single prepend pushes almost all your traffic to your other carrier). The old way to do this was to ask your ISP to treat you like a peer rather than a transit customer. Now you can control that yourself just by setting the correct communities, it can also be programmatically controlled. Picture you have the configuration like I talked about above with AT&T and Comcast but now Comcast is overloaded or impaired. By changing your communities you can reroute most of the traffic to AT&T without a MACD request to them. Steven Naslund Chicago IL -----Original Message----- From: NANOG [mailto:nanog-bounces+snaslund=medline.com@nanog.org] On Behalf Of Clinton Work Sent: Thursday, October 26, 2017 2:54 PM To: nanog@nanog.org Subject: Re: What's the point of prepend communities? I believe that Jason is asking about an ISP BGP community to prepend their AS when the BGP routes are received from the customer (not when advertising to a peer). I don't see a functional difference between the two and I suspect that ISPs added support for convenience. If you already send BGP communities to your ISP for other BGP route manipulation, you can add another community for ISP AS prepending rather than modifying your local policies to add AS prepending. You are 1. ISP is 2. 1 1 2 - You prepend 1 2 2 - ISP prepends -- Clinton Work Airdrie, AB On Thu, Oct 26, 2017, at 01:19 PM, Leo Bicknell wrote:
In a message written on Thu, Oct 26, 2017 at 02:47:44PM -0400, Jason Lixfeld wrote:
I understand how prepends fit in the context of best path selection, but my question was more the difference between a customer signalling the ISP to prepend their AS using a BGP community stamped to a prefix vs. the customer prepending their own AS instead.
In a message written on Thu, Oct 26, 2017 at 01:54:17PM -0600, Clinton Work wrote:
I believe that Jason is asking about an ISP BGP community to prepend their AS when the BGP routes are received from the customer (not when
Yeah, I typoed my example, should have been: There are paths: 1 2 3 5 1 2 4 5 If you prepend your ASN, you get: 1 1 2 3 5 1 1 2 4 5 No difference. If you send the ISP a prepend community for 3, you get: 1 2 2 3 5 1 2 4 5 And you just forced all traffic to the second, shorter path. For only customers that are dual homed to 3 & 4 without affecting other traffic. -- Leo Bicknell - bicknell@ufp.org PGP keys at http://www.ufp.org/~bicknell/
Hi guys, But keep in mind that 'prepend communities' are fragile: I decide by local preference whereto I send my traffic. Cheers, mh Le 30 oct. 2017 à 18:25, à 18:25, Leo Bicknell <bicknell@ufp.org> a écrit:
In a message written on Thu, Oct 26, 2017 at 01:54:17PM -0600, Clinton Work wrote:
I believe that Jason is asking about an ISP BGP community to prepend their AS when the BGP routes are received from the customer (not when
Yeah, I typoed my example, should have been:
There are paths:
1 2 3 5 1 2 4 5
If you prepend your ASN, you get:
1 1 2 3 5 1 1 2 4 5
No difference. If you send the ISP a prepend community for 3, you get:
1 2 2 3 5 1 2 4 5
And you just forced all traffic to the second, shorter path. For only customers that are dual homed to 3 & 4 without affecting other traffic.
-- Leo Bicknell - bicknell@ufp.org PGP keys at http://www.ufp.org/~bicknell/
In a message written on Mon, Oct 30, 2017 at 07:56:43PM +0100, Michael Hallgren wrote:
But keep in mind that 'prepend communities' are fragile: I decide by local preference whereto I send my traffic.
Absolutely, but they are still very useful in many situations. -- Leo Bicknell - bicknell@ufp.org PGP keys at http://www.ufp.org/~bicknell/
Yes, sometimes very much so, and often nice to combine with local-pref settings based on upstream's "geo-community-values" when available. Cheers, mh Le 1 nov. 2017 à 18:59, à 18:59, Leo Bicknell <bicknell@ufp.org> a écrit:
In a message written on Mon, Oct 30, 2017 at 07:56:43PM +0100, Michael Hallgren wrote:
But keep in mind that 'prepend communities' are fragile: I decide by local preference whereto I send my traffic.
Absolutely, but they are still very useful in many situations.
-- Leo Bicknell - bicknell@ufp.org PGP keys at http://www.ufp.org/~bicknell/
If I understand the OP correctly, I will use this real world example: https://onestep.net/communities/as174/ 174:3001 through 174:3003 as compared to doing the prepending yourself. What is the functional difference? BGP neighbors of 174 will see just as many AS hops either way, but non-BGP customers of 174 would see you just one hop away. It's just another method of traffic engineering. ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com ----- Original Message ----- From: "Jason Lixfeld" <jason+nanog@lixfeld.ca> To: "William Herrin" <bill@herrin.us> Cc: "NANOG" <nanog@nanog.org> Sent: Thursday, October 26, 2017 1:47:44 PM Subject: Re: What's the point of prepend communities? Hi Bill,
On Oct 26, 2017, at 2:37 PM, William Herrin <bill@herrin.us> wrote:
BGP routing is based on "distance". Distance in BGP is primarily calculated as the number of ASNs in the AS Path. Prepends make a path more distance, encouraging routers to choose a different path if one is available.
I understand how prepends fit in the context of best path selection, but my question was more the difference between a customer signalling the ISP to prepend their AS using a BGP community stamped to a prefix vs. the customer prepending their own AS instead.
On Sun, Oct 29, 2017 at 07:01:13AM -0500, Mike Hammett wrote:
If I understand the OP correctly, I will use this real world example:
https://onestep.net/communities/as174/
174:3001 through 174:3003 as compared to doing the prepending yourself. What is the functional difference?
BGP neighbors of 174 will see just as many AS hops either way, but non-BGP customers of 174 would see you just one hop away. It's just another method of traffic engineering.
According to the link you provided, 3001..3003 are effective on "ALL peer[s]" (which is differnet from all BGP neighbors). So BGP-speaking customers of 174 will not see the prepending if you use 174:3001..3003, but peers will; but if you do the prepending yourself, then all 174's peers and all 174's BGP-speaking customers see it. -- Brett
On 10/26/17 10:58, Jason Lixfeld wrote:
Hi,
Of all the ISPs that I am familiar with that have a BGP community structure usable by their peering partners and/or downstream customers, among other things, they allow the customer to signal the ISP to prepend their own AS to the as-path of a particular prefix announcement.
What functionality does a provider prepend support that is otherwise lost in the absence of such a feature, but all the while, the customer would be able to prepend their own AS to the same prefix announcement anyway? It has no effect on the provider itself since they prefer customer routes anyway.
prepending towards a peer of your provider is to encourage them to select an alternative (shorter) path. prepending when it works is preferable to no export since the later doesn't leave that provider available for fallback.
Is this a relic from before ISPs allowed for local preference adjustment, or is there actually a use case for this? local pref and med is um local to your upstream. Thanks!
participants (13)
-
Brett Frankenberger
-
Christopher Morrow
-
Clinton Work
-
Jason Lixfeld
-
Job Snijders
-
joel jaeggli
-
Leo Bicknell
-
Michael Hallgren
-
Mike Hammett
-
Naslund, Steve
-
Rob Foehl
-
Steve Dodd
-
William Herrin