BGP Communities

October 31, 2022 20:43:49 UTC
Last Updated
Stellar Technologies leverages BGP Standard Communities to provide granular control of internal and external traffic engineering. This document describes the BGP Communities implemented in AS14525. The information contained herein should be considered authoritative for this purpose.

Well-Known Communities

AS14525 supports some well-known BGP communities for routing and export control.
Community
Description
65535:1
NO_EXPORT Don't export outside AS14525 (RFC1997)
65535:2
NO_ADVERTISE Don't export to any other peer, internal or external (RFC1997)
65535:666
BLACKHOLE Blackhole traffic to any IPv4 /32 or IPv6 /128 route (RFC7999)

AS14525 Communities

Originated Route Types

Routes to destinations inside AS14525.
Community
Description
14525:1
Originated Any
14525:2
Global Aggregate
14525:3
Regional Aggregate
14525:4
Metro Aggregate
14525:5
POP Aggregate
14525:6
Specific Prefix

External Route Types

Routes to destinations outside AS14525.
Communitiy
Description
14525:1*
Customer Route
14525:2*
Private Peer Route
14525:3*
Public Peer/IX Route
14525:4*
Transit Route
In external route type communities, x corresponds to an arbitrary internal identifier. For the purposes of regular expression filtering, one should use a pattern such as ^14525:1[0-9]$ if the intent is to filter all customer routes.

Security Signaling

RPKI

Stellar drops RPKI Invalid announcements at all external peering points. After dropping RPKI Invalids, AS14525 attaches the following communities to each prefix relative to its RPKI state:
Community
Description
14525:600
RPKI Valid
14525:601
RPKI Unknown

Remotely Triggered Black Hole Filtering

Customers and peers may signal to AS14525 to automatically blackhole any host prefix (IPv4 /32 or IPv6 /128) in their allowed address space.
Upon import, routes with a blackhole community are propagated to other AS14525 routers, and all traffic to the host is discarded globally. Routes with a blackhole community also have the no-export community appended, so they are never exported from AS14525.
Community
Description
14525:666
Blackhole traffic to any host route. Equivalent to well-known BLACKHOLE community.

Blackhole Community

While blackhole communities are accepted from transit peers, they are only accepted on routes with an AS_PATH length of 1 (directly originated).

Origin Identifiers

Community
Description
14525:0
Any route that has ingressed or egressed AS14525
14525:1xxxx
Routes from Region xxx
14525:2xxx
Routes from Country xxx
14525:30xx
Routes from Metro xxx
14525:4xxx
14525:9xxx
Routes from a specific Peer xxx

Region IDs

Region ID numbers map to UN M.49 identifiers.

Country IDs

Country ID numbers map to ISO 3166-1 country identifiers.

Metro IDs

Metros are groups of Points of Presence (POPs) that are geographically and performantly close to one or more groups of customers.
Name
ID
US West
01
US Hawaii
02
US Central
03

POP IDs

Each Point of Presence is assigned a unique identifier for the purposes of identification and routing control.
Name
ID
Location
Facility
Region
Country
Region
phx01
001
Phoenix, AZ
EdgeConneX ECDPHX01
US West
US
North America
chi01
002
Chicago, IL
QTS CHI1
US Central
US
North America
hnl01
003
Honolulu, HI
DRFortress
US Hawaii
US
North America

Peer IDs

ASN
Name
Type
ID
174
Cogent Communications
Transit
001
6939
Hurricane Electric
Tranist
002
1299
Telia Carrier
Tranist
003
3257
GTT Communications
Tranist
004
209
CenturyLink
Tranist
005
701
Verizon
Tranist
006
40300
DRFortress: DRFConnect
Tranist
007
40300
DRFortress: DRF-IX
Public Peer
008
13335
Cloudflare
Private Peer
009
22773
Cox Communications
Private Peer
010
62484
48 IX
Public Peer
011
34553
PacketFrame
Customer
012
24115
Equinix Chicago
Public Peer
013
3356
Lumen Technologies
Transit
014
33713
Chicago Internet Exchange
Transit
015

Community Export

All Origin ID communities are exported to transit, direct, IXP, and customer peers.

Legacy Communities

Community
Description
Notes
14525:50xx
Metro Aggregate, where xx is equal to the Metro ID
.
Currently used to control export of routes within a metro area.

Routing Control

The following communities are used to influence routing decisions within AS14525. Routing control communities are never exported to external peers of AS14525.

Local Preference

Levels

Each local preference community maps to a specific level of preference allowed for the peer type.
Peer Type
Default
Level 1
Level 2
Level 3
Transit
150
Public Peer
200
Private Peer
250
50
150
250
Customer
350
50
250
350

Peer Local Preference

Transit peers may use the local preference communities, however they will only be applied to routes with an AS_PATH length of 1 (directly originated). Local preference communities are not accepted from public peers (IX route servers).

Communities

When using a local preference community, the corresponding local preference will be applied based on peer type.
Community
Description
14525:10001
Set Local Preference to Level 1
14525:10002
Set Local Preference to Level 2
14525:10003
Set Local Preference to Level 3

AS Path Prepend

Customers and peers may signal AS14525 to automatically prepend 14525 to route announcements. Prepend communities are only accepted from customers, direct peers, and transit peer routes with an AS_PATH length of 1.

Prepending Order

Prepending occurs on export from AS14525.
Community
Description
14525:11000
Prepend 14525 1x to all peers & customers
14525:21000
Prepend 14525 2x to all peers & customers
14525:31000
Prepend 14525 3x to all peers & customers
14525:11xxx
Prepend 14525 1x to all peers with ID xxx
14525:21xxx
Prepend 14525 2x to all peers with ID xxx
14525:31xxx
Prepend 14525 3x to all peers with ID xxx
14525:12xxx
Prepend 14525 1x to all peers in Region xxx
14525:22xxx
Prepend 14525 2x to all peers in Region xxx
14525:32xxx
Prepend 14525 3x to all peers in Region xxx
14525:13xxx
Prepend 14525 1x to all customers in Region xxx
14525:23xxx
Prepend 14525 2x to all customers in Region xxx
14525:33xxx
Prepend 14525 3x to all customers in Region xxx
14525:14xxx
Prepend 14525 1x to all peers in Country xxx
14525:24xxx
Prepend 14525 2x to all peers in Country xxx
14525:34xxx
Prepend 14525 3x to all peers in Country xxx
14525:15xxx
Prepend 14525 1x to all customers in Country xxx
14525:25xxx
Prepend 14525 2x to all customers in Country xxx
14525:35xxx
Prepend 14525 3x to all customers in Country xxx
14525:16xxx
Prepend 14525 1x to all peers in Metro xxx
14525:26xxx
Prepend 14525 2x to all peers in Metro xxx
14525:36xxx
Prepend 14525 3x to all peers in Metro xxx
14525:17xxx
Prepend 14525 1x to all customers in Metro xxx
14525:27xxx
Prepend 14525 2x to all customers in Metro xxx
14525:37xxx
Prepend 14525 3x to all customers in Metro xxx
14525:18xxx
Prepend 14525 1x to all peers in POP xxx
14525:28xxx
Prepend 14525 2x to all peers in POP xxx
14525:38xxx
Prepend 14525 3x to all peers in POP xxx
14525:19xxx
Prepend 14525 1x to all customers in POP xxx
14525:29xxx
Prepend 14525 2x to all customers in POP xxx
14525:39xxx
Prepend 14525 3x to all customers in POP xxx

Examples

Prepend Prepend 1x to all Customers & Peers
Cisco IOS
!
ip prefix-list prepend1 permit 192.0.2.0/24
!
route-map as14525-out permit 10
  match ip address prefix-list prepend1
  set community 14525:11000
route-map as14525-out permit 20
!
router bgp 64496
  neighbor 198.51.100.1 remote-as 14525
  address-family ipv4 unicast
    neighbor 198.51.100.1 route-map as14525-out out
!
Juniper JunOS
set policy-options community as14525-prepend1 members 14525:11000
set policy-options prefix-list prepend1 192.0.2.0/24
set policy-options policy-statement as14525-out term prepend1 from prefix-list prepend1
set policy-options policy-statement as14525-out term prepend1 then community add as14525-prepend1
set policy-options policy-statement as14525-out then accept
set protocols bgp group ipv4-as14525 peer-as 14525
set protocols bgp group ipv4-as14525 neighbor 198.51.100.1
set protocols bgp group ipv4-as14525 export as14525-out
Prepend 2x to all Peers in Australia
Cisco IOS
!
ip prefix-list prepend2-australia permit 192.0.2.0/24
!
route-map as14525-out permit 10
  match ip address prefix-list prepend2-australia
  set community 14525:24036
route-map as14525-out permit 20
!
router bgp 64496
  neighbor 198.51.100.1 remote-as 14525
  address-family ipv4 unicast
    neighbor 198.51.100.1 route-map as14525-out out
Juniper JunOS
set policy-options community as14525-prepend2-australia members 14525:24036
set policy-options prefix-list prepend2-australia 192.0.2.0/24
set policy-options policy-statement as14525-out term prepend from prefix-list prepend2-australia
set policy-options policy-statement as14525-out term prepend then community add as14525-prepend2-australia
set policy-options policy-statement as14525-out then accept
set protocols bgp group ipv4-as14525 peer-as 14525
set protocols bgp group ipv4-as14525 neighbor 198.51.100.1
set protocols bgp group ipv4-as14525 export as14525-out

AS Prepending

Because 14525 is automatically prepended to all route announcements, using the above prepend communities yields an AS_PATH of 14525 + N where N is the number of prepends. For example:
Given a customer ASN of 64496, and a customer prefix of 192.0.2.0/24, a standard route announcement would look like:
Prefix          AS_PATH
192.0.2.0/24    14525 64496 i
For each available prepend options, the route announcement would look like one of the below examples on export from AS14525:
1X PREPEND
Prefix          AS_PATH
192.0.2.0/24    14525 14525 64496 i
2X PREPEND
Prefix          AS_PATH
192.0.2.0/24    14525 14525 14525 64496 i
3X PREPEND
Prefix          AS_PATH
192.0.2.0/24    14525 14525 14525 14525 64496 i

Export Control

No Export

Routes with a No Export community attached are immediately rejected on export, prior to any other policy being applied.
Community
Description
Support Status
14525:40001
Don't export outside of AS14525. Equivalent to well-known NO_EXPORT community.
Supported
14525:40002
Don't export to any other peer, internal or external. Equivalent to well-known NO_ADVERTISE community.
Supported
14525:40003
Don't export to peers. Equivalent to well-known NO_EXPORT community, but only applies to peers, not customers.
Not yet supported
14525:40004
Don't export to customers. Equivalent to well-known NO_EXPORT community, but only applies to customers, not peers.
Not yet supported
14525:41xxx
Don't export to Peer xxx
Supported
14525:42xxx
Don't export to peers in Region xxx
.
Not yet supported
14525:43xxx
Don't export to peers in Country xxx
Not yet supported
14525:44xxx
Don't export to peers in Metro xxx
Not yet supported
14525:45xxx
Don't export to peers in POP xxx
.
Not yet supported
14525:46xxx
Don't export to customers in Region xxx
.
Not yet supported
14525:47xxx
Don't export to customers in Country xxx
Not yet supported
14525:48xxx
Don't export to customers in Metro xxx
.
Not yet supported
14525:49xxx
Don't export to customers in POP xxx
Not yet supported
Export Only
Routes with an Export Only community attached are immediately rejected on export by any routers where the region, country, metro, or POP does not match the ID specified.
Community
Description
Support Status
14525:51xxx
Export only to Peer xxx
Supported
14525:52xxx
Export only to peers in Region xxx
Not yet supported
14525:53xxx
Export only to peers in Country xxx
Not yet supported
14525:54xxx
Export only to peers in Metro xxx
Not yet supported
14525:55xxx
Export only to peers in POP xxx
Not yet supported
14525:56xxx
Export only to customers in Region xxx
Not yet supported
14525:57xxx
Export only to customers in Country xxx
Not yet supported
14525:58xxx
Export only to customers in Metro xxx
Not yet supported
14525:59xxx
Export only to customers in POP xxx
Not yet supported

Changes and Version Control

Where notice of an impending change is deemed necessary, Stellar Technologies will make every attempt to notify affected customers or peers if it is determined that any impact will occur.
Stellar Technologies Inc accepts no liability whatsoever for damages or losses suffered by third parties as a result of their reliance on the information contained herein. By making use of any of information contained herein, the user acknowledges and agrees to these conditions.
Learn More about What We Do
    • Orion
    • Network Connectivity
    • Cloud Desktops
    • Data Protection
    Copyright © 2023 Stellar Technologies

    Subscribe to Our Newsletter