Routing

Expand all | Collapse all

Policy-options to match empty BGP community

Jump to Best Answer
  • 1.  Policy-options to match empty BGP community

    Posted 12-14-2018 17:56

    Hello,

     

    Is there anyone could advise how to match any prefixes with empty BGP community in policy option? Below is the config from Cisco IOS-XR and would like to seek for an equivalent in Junos.

    !
    route-policy Policy-1
    if community is-empty then
    pass
    set community (64100:7777)
    endif
    end-policy
    !

    Thanks in advance,



  • 2.  RE: Policy-options to match empty BGP community

    Posted 12-14-2018 18:01

    Try something like this

    [edit policy-options]
       policy-statement NO_COMM {
           term has_community {
               from community has_commumity;
               then next policy;
           }
           term no_community {
               then accept;
           }
       }
    [edit policy-options]
       community has_commumity members *:*;
    


  • 3.  RE: Policy-options to match empty BGP community

     
    Posted 12-14-2018 19:14

    HI,

     

    Follow this example here with explaination:

    https://www.juniper.net/documentation/en_US/junos/topics/example/policy-community-remove.html

     

    set policy-options policy-statement remove-communities term 1 from protocol bgp
    set policy-options policy-statement remove-communities term 1 then community delete wild
    set policy-options policy-statement remove-communities term 1 then accept
    set policy-options policy-statement remove-communities term 2 then reject
    set policy-options community wild members *:*
     
     
    With the above config, it deletes the community matching the wildcard.
     
    So in scenario of R0--R1--R2--R3 (EBGP Peers), when your up stream EBGP router (R3) send route to R2, (routes with community), you delete them matching the wildcard(as shown in example). Now the routes you pass down from R2 to R1, wouldn't have any community associated with routes (you recieved fromR3). So route on R1 has no community (is empty) for those routes.
     
    When there is no community to route its considered as empty.
    In your config (Policy-1), you're stating that when there is no community, then do a set community operation.
    In that you're basically doing a community set operation as follows when export route from R1 to R0.
     
    [edit]
    +  policy-options {
    +      policy-statement Policy-1 {
    +          term 1 {
    +              from {
    +                  protocol bgp;
    +              }
    +              then {
    +                  community set 64100:7777;
    +                  accept;
    +              }
    +          }
    +          term 2 {
    +              then accept;
    +          }
    +      }
    +  }

     

     
    term2 can be fine tuned further if required.
     
     


  • 4.  RE: Policy-options to match empty BGP community
    Best Answer

    Posted 12-14-2018 21:05

    Hello,

    The direct equivalent is "from community-count 0 equal". Example below.

    Topology :

    R1----------------------------regular ibgp loopback peering------------------------------------------------R2

     |                                                                                                                                                                     ^

     |                                                                                                                                                                      |

    203.0.113.255/32 static redistri into iBGP-->>>>>>>>>>>>>>>>>>>>>------>>>>>>>>>>>------>+

     

    R1 relevant config:

     

    set routing-options static route 203.0.113.255/32 receive
    set routing-options static route 203.0.113.255/32 tag 203
    set policy-options policy-statement IBGP-EX term 1 from protocol static
    set policy-options policy-statement IBGP-EX term 1 from tag 203
    set policy-options policy-statement IBGP-EX term 1 then accept
    set protocols bgp group MB-iBGP type internal
    set protocols bgp group MB-iBGP local-address 198.51.100.1
    set protocols bgp group MB-iBGP family inet unicast
    set protocols bgp group MB-iBGP export IBGP-EX
    set protocols bgp group MB-iBGP neighbor 198.51.100.2

    R1 sends 203.0.113.255/32 without any community:

     

    regress@R1# run show route advertising-protocol bgp 198.51.100.2 extensive       
    
    inet.0: 24 destinations, 24 routes (24 active, 0 holddown, 0 hidden)
    * 203.0.113.255/32 (1 entry, 1 announced)
     BGP group MB-iBGP type Internal
         Nexthop: Self
         Localpref: 100
         AS path: [65111] I 
    

    R2 receives 203.0.113.255/32 and it has an import policy to match on "community-count 0 equal" + set LP + add tag:

     

    regress@R2# show | display set | grep no-comm 
    set protocols bgp group MB-iBGP import NO-COMM
    set policy-options policy-statement NO-COMM term 1 from community-count 0 equal
    set policy-options policy-statement NO-COMM term 1 then tag 203
    set policy-options policy-statement NO-COMM term 1 then local-preference 678
    set policy-options policy-statement NO-COMM term 1 then accept

    The end result on R2 is:

     

    regress@R2# run show route 203.0.113.255 extensive | grep "203|tag|pref" 
    203.0.113.255/32 (1 entry, 1 announced)
    KRT in-kernel 203.0.113.255/32 -> {indirect(1054830)}
            *BGP    Preference: 170/-679
                          Tag: 203 
                    Localpref: 678

    HTH

    Thx

    Alex