BGP的community属性传递

一个对BGP路由进行标记的32bit的数值!

分为标准和扩展两种

一、标准community为ipv4前缀作标记又分为以下两种

<1>well-know communities(熟知团体),包括以下4种

• NO_EXPORT = 0xFFFFFFF01----不传出大AS(如果接收到的路由携带该数值，不通告到EBGP对等体。如果配置了联盟，则不能将此路由宣告到联盟之外。)

• LOCAL_AS = 0xFFFFFFF03----不传出小AS

• NO_ASVERTISE = 0xFFFFFFF02----不通告出本路由器

• INTERNET = 0

<2>Private communities(私有团体):通常需要用一种新的格式表示（即aa:nn，其中aa用来表示一个AS号，nn表示一个任意的16位数字以标识一个路由选择策略或管理策略）

command:ip bgp-community new-format

二、扩展community是为vpnv4/vpnv6路由做标记

<1>RT

<2>SoO（Site of Origin / 站点起源）—— 用来标识客户站点，防止从某一点离开该站点又从另外一个点被发送回同一站点——set extcommunity soo

测试拓扑

正常路由：

R5#show ip bgp

BGP table version is 23, local router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale, m multipath, b backup-path, x best-external

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 5.5.5.5/32 0.0.0.0 0 32768 i

*> 10.1.1.0/24 45.1.1.4 0 65512 100 i #来自R1的BGP路由

*> 100.1.1.0/24 45.1.1.4 0 65512 100 i#来自R1的BGP路由

*> 200.1.1.0 45.1.1.4 0 65512 100 i#来自R1的BGP路由

no-advertise属性测试：

R1：

R1#show run | s bgp

router bgp 100

bgp log-neighbor-changes

network 10.1.1.0 mask 255.255.255.0

network 100.1.1.0 mask 255.255.255.0

network 200.1.1.0

neighbor 12.1.1.2 remote-as 65512

neighbor 12.1.1.2 send-community #去往R2传递community属性

neighbor 12.1.1.2 route-map asd out #去往R2应用route-map asd

no auto-summary

#bgp的配置

R1#show run | s route-map

neighbor 12.1.1.2 route-map asd out

route-map asd permit 10

set community no-advertise #route-map asd 设置no-advertise 属性

route-map asd permit 20

R2上看到R1传过来的路由

R2#show ip bgp neighbors 12.1.1.1 routes

BGP table version is 20, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale, m multipath, b backup-path, x best-external

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 10.1.1.0/24 12.1.1.1 0 0 100 i

*> 100.1.1.0/24 12.1.1.1 0 0 100 i

*> 200.1.1.0 12.1.1.1 0 0 100 i

Total number of prefixes 3

R2：

R2#show ip bgp 10.1.1.1

BGP routing table entry for 10.1.1.0/24, version 18

Paths: (1 available, best #1, table default, not advertised to any peer)

Not advertised to any peer

100

12.1.1.1 from 12.1.1.1 (200.1.1.1)

Origin IGP, metric 0, localpref 100, valid, external, best

Community: no-advertise #从R1过来的路由有 Community属性

#有Community: no-advertise属性的路由 不传出本路由器

R3：

R3# show ip bgp # 在同一个AS的R3看不到R1的路由

Network Next Hop Metric LocPrf Weight Path

*>i5.5.5.5/32 4.4.4.4 0 100 0 300 i

验证OK！

no-export属性测试：

R1：

R1#show run | section bgp

router bgp 100

bgp log-neighbor-changes

network 10.1.1.0 mask 255.255.255.0

network 100.1.1.0 mask 255.255.255.0

network 200.1.1.0

neighbor 12.1.1.2 remote-as 65512

neighbor 12.1.1.2 send-community

neighbor 12.1.1.2 route-map asd out

no auto-summary

R1#show run | section route-map

neighbor 12.1.1.2 route-map asd out

route-map asd permit 10

set community no-export

route-map asd permit 20

R2：

R2#show ip bgp 10.1.1.1

BGP routing table entry for 10.1.1.0/24, version 21

Paths: (1 available, best #1, table default, not advertised to EBGP peer)

Advertised to update-groups:

6

100

12.1.1.1 from 12.1.1.1 (200.1.1.1)

Origin IGP, metric 0, localpref 100, valid, external, best

Community: no-export

R3：

R3#show ip bgp 10.1.1.1

BGP routing table entry for 10.1.1.0/24, version 31

Paths: (1 available, best #1, table default, not advertised to EBGP peer)

Not advertised to any peer

100

2.2.2.2 (metric 11) from 2.2.2.2 (2.2.2.2)

Origin IGP, metric 0, localpref 100, valid, internal, best

Community: no-export

#本AS内community正常传递

R5：

R5#show ip bgp

BGP table version is 20, local router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale, m multipath, b backup-path, x best-external

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 5.5.5.5/32 0.0.0.0 0 32768 i

#带有no-export属性的bgp路由不能跨AS传递，所以R5不能收到这条路由

验证OK！