The BGP
routes containing no-export
community are not advertised to external BGP peers.
There
might be a practical scenario where we might need to export routes to ebgp neighbors. In that case we
need to remove no-export community.
This post
explains how we remove no-export community in juniper.
In the
diagram shown above
R1 advertises
its loopback (11.11.11.11/32)with no-export community to R2. R2 will not advertise 11.11.11.11/32 to R3 as
it received route no-export
community.
R1
Configuration:
lab@juniper-rtr> show configuration
logical-systems R1
interfaces {
lt-2/0/10 {
unit 0 {
encapsulation ethernet;
peer-unit 1;
family inet {
address 1.1.1.1/24;
}
}
}
lo0
{
unit 100;
}
}
protocols {
bgp {
export exp_no-export-comm;
group ext-100 {
type external;
neighbor 1.1.1.2 {
peer-as 200;
}
}
}
}
policy-options {
policy-statement exp_no-export-comm {
term 1 {
from protocol direct;
then {
community set No_EXPORT;
accept;
}
}
}
community No_EXPORT members
no-export;
}
routing-options {
autonomous-system 100;
}
R2
Configuration:
lab@juniper-rtr> show configuration
logical-systems R2
interfaces {
lt-2/0/10 {
unit 1 {
encapsulation ethernet;
peer-unit 0;
family inet {
address 1.1.1.2/24;
}
}
unit 2 {
encapsulation ethernet;
peer-unit 3;
family inet {
address 2.2.2.1/24;
}
}
}
}
protocols {
bgp {
group ext-100 {
type external;
neighbor 1.1.1.1 {
peer-as 100;
}
}
group ext-AS300 {
type external;
neighbor 2.2.2.2 {
peer-as 300;
}
}
}
}
routing-options {
autonomous-system 200;
}
lab@juniper-rtr>
R3
Configuration:
lab@juniper-rtr> show configuration
logical-systems R3
interfaces {
lt-2/0/10 {
unit 3 {
encapsulation ethernet;
peer-unit 2;
family inet {
address 2.2.2.2/24;
}
}
}
}
protocols {
bgp {
group ext-AS200 {
type
external;
neighbor 2.2.2.1 {
peer-as 200;
}
}
}
}
routing-options {
autonomous-system 300;
}
Route
output in R2:
lab@juniper-rtr> show route logical-system R2
11.11.11.11 detail
inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
11.11.11.11/32 (1 entry, 1 announced)
*BGP Preference: 170/-101
Next hop type: Router, Next hop index: 3078
Address: 0xa5c1e40
Next-hop reference count: 3
Source: 1.1.1.1
Next hop: 1.1.1.1 via lt-2/0/10.1, selected
Session Id: 0x29e6
State: <Active Ext>
Local AS: 200 Peer AS: 100
Age: 4:23
Validation State: unverified
Task: BGP_100.1.1.1.1
Announcement bits (1): 0-KRT
AS path: 100 I
Communities: no-export
Accepted
Localpref:
100
Router ID: 1.1.1.1
In R3 route table we do not see
11.11.11.11/32
lab@juniper-rtr> show route logical-system R3
inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.0/24 *[Direct/0] 00:25:33
> via
lt-2/0/10.3
2.2.2.2/32 *[Local/0] 00:25:33
Local via lt-2/0/10.3
Configure following policy on R2 to
remove no-export community and apply it for the routes received from R1:
protocols {
bgp {
group ext-100 {
type external;
import REMOVE_no-export;
neighbor 1.1.1.1 {
peer-as 100;
}
}
group ext-AS300 {
type external;
neighbor 2.2.2.2 {
peer-as 300;
}
}
}
}
policy-options {
policy-statement REMOVE_no-export
{
then {
community delete NO_EXPORT;
}
}
community NO_EXPORT members no-export;
}
Once the bgp
import policy is configured to remove no-export community we do not see
no-export community for route 11.11.11.11/32 and the same route is exported to
R3
lab@juniper-rtr> show route logical-system R2
11.11.11.11 detail
inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
11.11.11.11/32 (1 entry, 1 announced)
*BGP Preference: 170/-101
Next hop type: Router, Next hop index: 3078
Address: 0xa5c1e40
Next-hop reference count: 3
Source: 1.1.1.1
Next hop: 1.1.1.1 via lt-2/0/10.1, selected
Session Id: 0x29e6
State: <Active Ext>
Local AS: 200 Peer AS: 100
Age: 6:39
Validation State: unverified
Task: BGP_100.1.1.1.1
Announcement bits (2): 0-KRT 1-BGP_RT_Background
AS path: 100 I
Accepted
Localpref: 100
Router ID: 1.1.1.1
lab@juniper-rtr> show route logical-system R3
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.0/24 *[Direct/0] 00:27:30
> via
lt-2/0/10.3
2.2.2.2/32 *[Local/0] 00:27:30
Local via lt-2/0/10.3
11.11.11.11/32 *[BGP/170] 00:00:58, localpref
100
AS path: 200 100 I,
validation-state: unverified
> to
2.2.2.1 via lt-2/0/10.3
Remove
no-export community in Cisco:
Similar to juniper configuration on R2,
we define route-map and apply to BGP peer in input direction.
Route before applying route-map. We
can see from the below output that route is not advertised to EBGP peer.
lab-R2#sh ip bgp vpnv4 vrf NO-EXPORT-TEST 11.11.11.11
BGP routing table entry for 111:1441:11.11.11.11/32
version 19502
Paths: (1 available, best #1, table NO-EXPORT-TEST,
not advertised to EBGP peer)
Not
advertised to any peer
10.64.10.1
from 10.64.10.1 (219.91.219.254)
Origin IGP, localpref 100, valid, external,
best
Community: 65218:20 65218:3202 no-export
mpls labels in/out 2653/nolabel
lab-R2#
Route-map
Configuration:
Configure
following route-map on R2 to remove no-export community and apply it for the
routes received from R1:
route-map no-export-remove permit 10
set community none
lab-R2 (config-router-af)#neighbor 10.64.10.1
route-map no-export-remove in
Route after applying route-map
lab-R2#sh ip bgp vpnv4 vrf NO-EXPORT-TEST 11.11.11.11
BGP routing table entry for 111:1441:11.11.11.11/32,
version 19541
Paths: (1 available, best #1, table NO-EXPORT-TEST)
Advertised to update-groups:
51
10.64.10.1 from 10.64.10.1 (219.91.219.254)
Origin IGP, localpref 100, valid, external,
best
mpls labels in/out 2653/nolabel
lab-R2#
Remove
no-export community in Alcatel-Lucent:
Configure
following policy on R2 to remove no-export community and apply it for the
routes received from R1:
policy-options
community "NO_EXPORT" members
"no-export"
policy-statement "NO_EXPORT_REMOVE"
entry 10
from
protocol
bgp
exit
action
accept
community
remove "NO_EXPORT"
exit
exit
bgp
group
"AS100"
import "NO_EXPORT_REMOVE"
Once the bgp
import policy is configured to remove no-export community we can see no-export
community is removed in modified attributes for route 11.11.11.11/32 and the
same route is exported to R3
lab-alu-rtr
# show router 1000 bgp routes 11.11.11.11/32 detail
===============================================================================
BGP
Router ID:2.2.2.1
AS:200 Local AS:200
===============================================================================
Legend
-
Status codes : u - used, s -
suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete,
> - best, b - backup
===============================================================================
BGP IPv4 Routes
===============================================================================
-------------------------------------------------------------------------------
Original Attributes
Network
: 11.11.11.11/32
Nexthop
: 1.1.1.1
Path Id
: None
From
: 1.1.1.1
Res. Nexthop : 1.1.1.1
Local Pref.
: n/a Interface Name : Port
2/2/15:1081:0
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : 10
Community :
no-export
Cluster
: No Cluster Members
Originator Id : None Peer Router Id : 1.1.1.1
Fwd Class : None Priority : None
Flags
: Used Valid Best
IGP
Route Source
: External
AS-Path
: 100
Modified Attributes
Network
: 11.11.11.11/32
Nexthop
: 1.1.1.1
Path Id
: None
From
: 1.1.1.1
Res. Nexthop : 1.1.1.1
Local Pref.
: None Interface
Name : Port 2/2/15:1081:0
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : 10
Community :
No Community Members
Cluster
: No Cluster Members
Originator Id : None Peer Router Id : 1.1.1.1
Fwd Class : None Priority : None
Flags
: Used Valid Best
IGP
Route Source
: External
AS-Path
: 100
