BGP routes carrying the no-export community are not advertised to external BGP peers. In some practical scenarios we may still need to export such routes to EBGP neighbors. In that case the no-export community has to be removed. This post explains how to remove the no-export community on Juniper.

In the diagram shown above, R1 advertises its loopback (11.11.11.11/32) with the no-export community to R2. R2 will not advertise 11.11.11.11/32 to R3 because it received the route with the no-export community.
R1 Configuration:

lab@juniper-rtr> show configuration logical-systems R1
interfaces {
    lt-2/0/10 {
        unit 0 {
            encapsulation ethernet;
            peer-unit 1;
            family inet {
                address 1.1.1.1/24;
            }
        }
    }
    lo0 {
        unit 100;
    }
}
protocols {
    bgp {
        export exp_no-export-comm;
        group ext-100 {
            type external;
            neighbor 1.1.1.2 {
                peer-as 200;
            }
        }
    }
}
policy-options {
    policy-statement exp_no-export-comm {
        term 1 {
            from protocol direct;
            then {
                community set No_EXPORT;
                accept;
            }
        }
    }
    community No_EXPORT members no-export;
}
routing-options {
    autonomous-system 100;
}
R2 Configuration:

lab@juniper-rtr> show configuration logical-systems R2
interfaces {
    lt-2/0/10 {
        unit 1 {
            encapsulation ethernet;
            peer-unit 0;
            family inet {
                address 1.1.1.2/24;
            }
        }
        unit 2 {
            encapsulation ethernet;
            peer-unit 3;
            family inet {
                address 2.2.2.1/24;
            }
        }
    }
}
protocols {
    bgp {
        group ext-100 {
            type external;
            neighbor 1.1.1.1 {
                peer-as 100;
            }
        }
        group ext-AS300 {
            type external;
            neighbor 2.2.2.2 {
                peer-as 300;
            }
        }
    }
}
routing-options {
    autonomous-system 200;
}
lab@juniper-rtr>
R3 Configuration:

lab@juniper-rtr> show configuration logical-systems R3
interfaces {
    lt-2/0/10 {
        unit 3 {
            encapsulation ethernet;
            peer-unit 2;
            family inet {
                address 2.2.2.2/24;
            }
        }
    }
}
protocols {
    bgp {
        group ext-AS200 {
            type external;
            neighbor 2.2.2.1 {
                peer-as 200;
            }
        }
    }
}
routing-options {
    autonomous-system 300;
}
Route output in R2:

lab@juniper-rtr> show route logical-system R2 11.11.11.11 detail

inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
11.11.11.11/32 (1 entry, 1 announced)
        *BGP    Preference: 170/-101
                Next hop type: Router, Next hop index: 3078
                Address: 0xa5c1e40
                Next-hop reference count: 3
                Source: 1.1.1.1
                Next hop: 1.1.1.1 via lt-2/0/10.1, selected
                Session Id: 0x29e6
                State: <Active Ext>
                Local AS: 200 Peer AS: 100
                Age: 4:23
                Validation State: unverified
                Task: BGP_100.1.1.1.1
                Announcement bits (1): 0-KRT
                AS path: 100 I
                Communities: no-export
                Accepted
                Localpref: 100
                Router ID: 1.1.1.1
In the R3 route table we do not see 11.11.11.11/32:

lab@juniper-rtr> show route logical-system R3

inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

2.2.2.0/24         *[Direct/0] 00:25:33
                    > via lt-2/0/10.3
2.2.2.2/32         *[Local/0] 00:25:33
                      Local via lt-2/0/10.3
Configure the following policy on R2 to remove the no-export community, and apply it as an import policy to the routes received from R1:

protocols {
    bgp {
        group ext-100 {
            type external;
            import REMOVE_no-export;
            neighbor 1.1.1.1 {
                peer-as 100;
            }
        }
        group ext-AS300 {
            type external;
            neighbor 2.2.2.2 {
                peer-as 300;
            }
        }
    }
}
policy-options {
    policy-statement REMOVE_no-export {
        then {
            community delete NO_EXPORT;
        }
    }
    community NO_EXPORT members no-export;
}
Once the BGP import policy is configured to remove the no-export community, the route 11.11.11.11/32 no longer carries no-export on R2 and is exported to R3:

lab@juniper-rtr> show route logical-system R2 11.11.11.11 detail

inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
11.11.11.11/32 (1 entry, 1 announced)
        *BGP    Preference: 170/-101
                Next hop type: Router, Next hop index: 3078
                Address: 0xa5c1e40
                Next-hop reference count: 3
                Source: 1.1.1.1
                Next hop: 1.1.1.1 via lt-2/0/10.1, selected
                Session Id: 0x29e6
                State: <Active Ext>
                Local AS: 200 Peer AS: 100
                Age: 6:39
                Validation State: unverified
                Task: BGP_100.1.1.1.1
                Announcement bits (2): 0-KRT 1-BGP_RT_Background
                AS path: 100 I
                Accepted
                Localpref: 100
                Router ID: 1.1.1.1

lab@juniper-rtr> show route logical-system R3

inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

2.2.2.0/24         *[Direct/0] 00:27:30
                    > via lt-2/0/10.3
2.2.2.2/32         *[Local/0] 00:27:30
                      Local via lt-2/0/10.3
11.11.11.11/32     *[BGP/170] 00:00:58, localpref 100
                      AS path: 200 100 I, validation-state: unverified
                    > to 2.2.2.1 via lt-2/0/10.3
Remove no-export community in Cisco:

Similar to the Juniper configuration on R2, we define a route-map and apply it to the BGP peer in the inbound direction.

Route before applying the route-map. The output below shows that the route is not advertised to the EBGP peer.

lab-R2#sh ip bgp vpnv4 vrf NO-EXPORT-TEST 11.11.11.11
BGP routing table entry for 111:1441:11.11.11.11/32, version 19502
Paths: (1 available, best #1, table NO-EXPORT-TEST, not advertised to EBGP peer)
  Not advertised to any peer
  10.64.10.1 from 10.64.10.1 (219.91.219.254)
      Origin IGP, localpref 100, valid, external, best
      Community: 65218:20 65218:3202 no-export
      mpls labels in/out 2653/nolabel
lab-R2#
Route-map Configuration:

Configure the following route-map on R2 to remove the no-export community, and apply it to the routes received from R1. Note that set community none removes every community on the route, not only no-export: the 65218:20 and 65218:3202 communities shown above are stripped as well.

route-map no-export-remove permit 10
 set community none

lab-R2 (config-router-af)#neighbor 10.64.10.1 route-map no-export-remove in

Route after applying the route-map:

lab-R2#sh ip bgp vpnv4 vrf NO-EXPORT-TEST 11.11.11.11
BGP routing table entry for 111:1441:11.11.11.11/32, version 19541
Paths: (1 available, best #1, table NO-EXPORT-TEST)
  Advertised to update-groups:
     51
  10.64.10.1 from 10.64.10.1 (219.91.219.254)
      Origin IGP, localpref 100, valid, external, best
      mpls labels in/out 2653/nolabel
lab-R2#
Remove no-export community in Alcatel-Lucent:

Configure the following policy on R2 to remove the no-export community, and apply it to the routes received from R1:

policy-options
    community "NO_EXPORT" members "no-export"
    policy-statement "NO_EXPORT_REMOVE"
        entry 10
            from
                protocol bgp
            exit
            action accept
                community remove "NO_EXPORT"
            exit
        exit
bgp
    group "AS100"
        import "NO_EXPORT_REMOVE"
Once the BGP import policy is configured to remove the no-export community, the Modified Attributes for route 11.11.11.11/32 no longer show no-export, and the route is exported to R3:

lab-alu-rtr# show router 1000 bgp routes 11.11.11.11/32 detail
===============================================================================
 BGP Router ID:2.2.2.1          AS:200         Local AS:200
===============================================================================
 Legend -
 Status codes  : u - used, s - suppressed, h - history, d - decayed, * - valid
 Origin codes  : i - IGP, e - EGP, ? - incomplete, > - best, b - backup
===============================================================================
BGP IPv4 Routes
===============================================================================
-------------------------------------------------------------------------------
Original Attributes

Network        : 11.11.11.11/32
Nexthop        : 1.1.1.1
Path Id        : None
From           : 1.1.1.1
Res. Nexthop   : 1.1.1.1
Local Pref.    : n/a                    Interface Name : Port 2/2/15:1081:0
Aggregator AS  : None                   Aggregator     : None
Atomic Aggr.   : Not Atomic             MED            : 10
Community      : no-export
Cluster        : No Cluster Members
Originator Id  : None                   Peer Router Id : 1.1.1.1
Fwd Class      : None                   Priority       : None
Flags          : Used  Valid  Best  IGP
Route Source   : External
AS-Path        : 100

Modified Attributes

Network        : 11.11.11.11/32
Nexthop        : 1.1.1.1
Path Id        : None
From           : 1.1.1.1
Res. Nexthop   : 1.1.1.1
Local Pref.    : None                   Interface Name : Port 2/2/15:1081:0
Aggregator AS  : None                   Aggregator     : None
Atomic Aggr.   : Not Atomic             MED            : 10
Community      : No Community Members
Cluster        : No Cluster Members
Originator Id  : None                   Peer Router Id : 1.1.1.1
Fwd Class      : None                   Priority       : None
Flags          : Used  Valid  Best  IGP
Route Source   : External
AS-Path        : 100
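
The behaviour walked through in this post, as an added example that is not part of the original post or any vendor's code: a toy Python model of the R1 -> R2 -> R3 lab showing why no-export stops the route at R2 and how the two styles of import policy differ. It assumes plain EBGP with no confederations; all function names are hypothetical, and the sample route is constructed from the lab prefix plus the communities seen in the Cisco output.

```python
# Added example: toy model of the page's R1 -> R2 -> R3 lab (not vendor code).
NO_EXPORT = "no-export"  # well-known community 0xFFFFFF01 (RFC 1997)

def delete_no_export(communities):
    """Junos 'community delete NO_EXPORT' / ALU 'community remove': drop only no-export."""
    return communities - {NO_EXPORT}

def set_community_none(communities):
    """Cisco 'set community none': drop every community on the route."""
    return frozenset()

def import_route(route, policy=None):
    """Apply an optional import policy to a route received from a peer."""
    comms = frozenset(route["communities"])
    if policy is not None:
        comms = policy(comms)
    return {**route, "communities": comms}

def advertise_ebgp(route, local_as):
    """Return the route as sent to an EBGP peer, or None if no-export blocks it."""
    if NO_EXPORT in route["communities"]:
        return None
    return {**route, "as_path": [local_as] + route["as_path"]}

def r3_view(r1_route, r2_import_policy=None):
    """What R3 (AS 300) receives from R2 (AS 200) for R1's route."""
    at_r2 = import_route(r1_route, r2_import_policy)
    return advertise_ebgp(at_r2, local_as=200)

# Constructed sample route as R2 receives it from R1 (AS 100).
R1_ROUTE = {
    "prefix": "11.11.11.11/32",
    "as_path": [100],
    "communities": {"65218:20", "65218:3202", NO_EXPORT},
}

if __name__ == "__main__":
    policies = [("no import policy", None),
                ("delete no-export only", delete_no_export),
                ("set community none", set_community_none)]
    for name, policy in policies:
        print(f"{name:24} -> {r3_view(R1_ROUTE, policy)}")
```

With no import policy R3 receives nothing; with either policy it receives AS path 200 100, but only the targeted delete preserves the other communities for downstream policy.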