ccie blog

BGP Aggregate-Address Using Communities

I recently found a cool way to manipulate the way an aggregate-address propagates throughout different autonomous systems. Using the topology below, we can see that R1 advertises 4 prefixes + the aggregate-address to AS2. But now, we only want AS3 to receive the aggregate-address for the prefixes. We can completely control this behaviour using just R1. How cool is that!

All IP addresses & BGP peerings have been configured. No networks have been advertised into BGP yet.

Let’s start by configuring R1.

R1(config-router)#router bgp 1
R1(config-router)#network 10.10.10.0 mask 255.255.255.192
R1(config-router)#network 10.10.10.64 mask 255.255.255.192
R1(config-router)#network 10.10.10.128 mask 255.255.255.192
R1(config-router)#network 10.10.10.192 mask 255.255.255.192
R1(config-router)#
R1(config-router)#aggregate-address 10.10.10.0 255.255.255.0
R1(config-router)#
R1(config-router)#neighbor 21.21.21.1 send-community
R1(config-router)#neighbor 21.21.21.1 route-map set_community out
R1(config-router)#exit
R1(config)#ip prefix-list routes_AS3_should_receive seq 5 permit 10.10.10.0/24
R1(config)#
R1(config)#route-map set_community permit 10
R1(config-route-map)#match ip address prefix-list routes_AS3_should_receive
R1(config-route-map)#set community none
R1(config-route-map)#route-map set_community permit 20
R1(config-route-map)#set community no-export

In this route-map we’re advertising the aggregate-address without a community value to ensure it propagates to AS3. However, the no-export community has been attached to the more specific prefixes. By doing this, it stops R2 from advertising anything but the aggregate-address to R3. Let’s hop over to R2 and see the effect.

R2#sh ip bgp
BGP table version is 8, local router ID is 21.21.21.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/26    21.21.21.2               0             0 1 i
*> 10.10.10.0/24    21.21.21.2               0             0 1 i
*> 10.10.10.64/26   21.21.21.2               0             0 1 i
*> 10.10.10.128/26  21.21.21.2               0             0 1 i
*> 10.10.10.192/26  21.21.21.2               0             0 1 i

R2#sh ip bgp community no-export
BGP table version is 8, local router ID is 21.21.21.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/26    21.21.21.2               0             0 1 i
*> 10.10.10.64/26   21.21.21.2               0             0 1 i
*> 10.10.10.128/26  21.21.21.2               0             0 1 i
*> 10.10.10.192/26  21.21.21.2               0             0 1 i

The first output shows that R2 has received all 5 prefixes (aggregate-address and 4 networks). The second output shows that the more specific prefixes have all been set with the no-export community. This means R3 should now only receive the aggregate address. Let’s check.

R3#sh ip bgp
BGP table version is 2, local router ID is 23.23.23.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    23.23.23.1                             0 2 1 i

R3#sh ip bgp 10.10.10.0
BGP routing table entry for 10.10.10.0/24, version 2
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Not advertised to any peer
  2 1, (aggregated by 1 10.10.10.193)
    23.23.23.1 from 23.23.23.1 (21.21.21.1)
      Origin IGP, localpref 100, valid, external, atomic-aggregate, best

We can see that we have achieved the desired result. Also, you should notice that the atomic-aggregate & aggregator attributes have been applied. This basically just means that a loss of path information has occurred, and the 10.10.10.193 address (R1) in AS1 is the router that contains more specific information about the prefix 10.10.10.0/24.
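
The route-map and no-export behaviour walked through above, modelled in Python as an added example (not part of the original post). The function names and the simplified route-map representation are assumptions made for illustration; the prefixes come from R1's configuration. It also shows the failure mode where the send-community line is missing and the /26s reach AS3.

```python
# Added example: models R1's outbound route-map and R2's handling of no-export.
from ipaddress import ip_network

NO_EXPORT = "no-export"  # well-known community (RFC 1997)

# Prefixes in R1's BGP table, taken from the configuration in the post.
R1_TABLE = ["10.10.10.0/26", "10.10.10.64/26", "10.10.10.128/26",
            "10.10.10.192/26", "10.10.10.0/24"]

# route-map set_community as (sequence, exact-match prefix-list or None, communities set)
SET_COMMUNITY = [
    (10, ["10.10.10.0/24"], set()),   # match prefix-list, set community none
    (20, None, {NO_EXPORT}),          # no match clause: catches everything else
]

def apply_route_map(route_map, prefix):
    """First matching clause wins; a route matching no clause is dropped (implicit deny)."""
    net = ip_network(prefix)
    for _seq, prefix_list, communities in sorted(route_map, key=lambda c: c[0]):
        # A prefix-list entry without ge/le matches the exact prefix length only.
        if prefix_list is None or any(net == ip_network(p) for p in prefix_list):
            return set(communities)
    return None

def advertise_from_r1(table, route_map, send_community=True):
    """What R2 receives (prefix -> communities); without send-community they are stripped."""
    received = {}
    for prefix in table:
        communities = apply_route_map(route_map, prefix)
        if communities is not None:
            received[prefix] = communities if send_community else set()
    return received

def advertise_to_ebgp_peer(bgp_table):
    """R2 -> R3 is an eBGP session: routes carrying no-export are not advertised."""
    return sorted(p for p, c in bgp_table.items() if NO_EXPORT not in c)

r2 = advertise_from_r1(R1_TABLE, SET_COMMUNITY)
print("R2 no-export:", sorted(p for p, c in r2.items() if NO_EXPORT in c))
print("R3 receives: ", advertise_to_ebgp_peer(r2))

# Failure mode: without "neighbor 21.21.21.1 send-community" the /26s leak to AS3.
leaky = advertise_from_r1(R1_TABLE, SET_COMMUNITY, send_community=False)
print("R3 without send-community:", advertise_to_ebgp_peer(leaky))
```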
