Operational BGP Communities
Operational BGP Communities can be used to control various functions of the route server. With these communities, you can:
- control the redistribution of advertised prefixes, based on an ASN or on geolocation
- prepend your own ASN up to three times
- trigger the calculation of a new alternate path (if available) for your advertised prefixes before you start commencing a maintenance
Please note that if the $PEER-AS is a four byte AS number you have to use the BGP Extended or Large Communities.
All BGP community examples on this page are based on DE-CIX Frankfurt (AS6695).
If you want to use BGP Communities at one of the other exchanges, please replace all occurrences of "6695" with the AS of the exchange:
Control of prefix redistribution
You can control which BGP announcements you send to the route servers are redistributed to other peers. This can be done based on the following criteria:
- Edge node
- Metro region
The following table gives an overview of available options and their corresponding BGP Communities. The according values for $SWITCH, $METRO, $COUNTRY, $CONTINENT are available here. In case two or more BGP (extended/large) Communities are contradicting the community with the lowest evaluation order is processed.
Please note: Location-based redistribution control works in the context of GlobePEER Remote.
Example: If you peer in FRA and instruct the FRA route server to redistribute your routes only to local peers (FRA), peers connected to FRA via GlobePEER Remote will not receive them.
|Evaluation Order||Group||Action||BGP Standard Community (RFC 1997)||BGP Extended Community (RFC 4360)||BGP Large Community (RFC 8092)|
|2||ASN based||Do not redistribute to $PEER-AS||0:$PEER-AS||rt:0:$PEER-AS||6695:0:PEER-AS|
|3||Redistribute to $PEER-AS*||6695:$PEER-AS||rt:6695:$PEER-AS||6695:1:$PEER-AS|
|4||Switch based||Do not redistribute to $SWITCH||65221:$SWITCH||/||6695:921:$SWITCH|
|5||Redistribute to $SWITCH*||65211:$SWITCH||/||6695:911:$SWITCH|
|6||Metro based||Do not redistribute to $METRO||65222:$METRO||6695:922:$METRO|
|7||Redistribute only to local peers**|
This is a shortcut for 0:6695 and 65222:$METRO
(where $METRO equals the local metro region)
|8||Redistribute to $METRO*||65212:$METRO||/||6695:912:$METRO|
|9||Country based||Do not redistribute to $COUNTRY||65223:$COUNTRY||/||6695:923:$COUNTRY|
|10||Redistribute to $COUNTRY*||65213:$COUNTRY||/||6695:913:$COUNTRY|
|11||Continent based||Do not redistribute to $CONTINENT||65224:$CONTINENT||/||6695:924:$CONTINENT|
|12||Redistribute to $CONTINENT*||65214:$CONTINENT||/||6695:914:$CONTINENT|
|13||General||Do not redistribute||0:6695||rt:0:6695||6695:0:0|
|14||Redistribute to all (default)||6695:6695||rt:6695:6695||6695:1:0|
* Only useful in combination with one or more "do not announce" BGP Communities with lower priority that will allow an override (e.g. 6695:$PEER-AS can provide a selective override for 65222:$METRO)
** Only useful when announced to your local route server. E.g. if your access location is HAM then announce this community only to the HAM RS and not to other GlobePEER Remote location RS (e.g. FRA). They will not consider you as "local" and ignore any "only to local peers" Community received from remote peers. In this example it would be sufficient to only announce to the local HAM RS and not to RS of GlobePEER Remote locations.
The route servers remove the aforementioned BGP Communities and BGP Extended Communities from a BGP announcement before re-distributing it.
The well-known BGP Communities NO_EXPORT (65535:65281) and NO_ADVERTISE (65535:65282) are also honored meaning that a BGP announcement marked by one of these communities is not re-distributed to any peer. If you want the route server system to add a NO_EXPORT or NO_ADVERTISE community for a given BGP announcement before re-distributing, you have to add the community (6695:65281) or (6695:65282) respectively. This is also possible on a per-peer basis using BGP Large Communities:
- (6695:901:$PEER-AS) for selective NO_EXPORT and
- (6695:902:$PEER-AS) for selective NO_ADVERTISE
|BGP Standard Community (RFC 1997)||BGP Large Community (RFC 8092)|
|add NO_EXPORT selective||/||6695:901:$PEER-AS|
|add NO_ADVERTISE selective||/||6695:902:$PEER-AS|
More than one of the aforementioned BGP Communities and BGP Extended Communities can be added to a single BGP announcement. DE-CIX recommends not to add more than 50 of these communities as it makes handling complex and error-prone. If you need to do this, please contact Customer Service.
All BGP Communities and BGP Extended Communities that are not listed above are not touched by the route servers and transparently re-distributed. For backwards compatibility, routes with no community at all are distributed to all peers as well.
You can check this in the DE-CIX Looking Glass. If you type your ASN into the global search field, you will find all matching prefixes from all DE-CIX route servers on all DE-CIX Internet Exchanges. By clicking on a prefix, you get the prefix information dialogue with details (BGP Comunities etc.). You can apply further filters, e.g. filter for a specific route server or IX. More information how to use the DE-CIX Looking Glass can be found here.
How the different communities can be used
Examples for Frankfurt
Please note: In the following examples we only make use of Extended and Large Communities when it becomes necessary.
BGP announcements marked with the following communities are only re-distributed to AS64501 and AS64502 (both 2 Byte ASNs):
BGP announcements marked with the following communities are re-distributed to all peers/ ASNs except AS64501 and AS64502:
BGP announcements tagged with the following communities are only re-distributed to AS65550 (4 Byte ASN) and AS64501 (2 Byte ASN):
- (rt:6695:65550) or (6695:1:65550)
BGP announcements tagged with the following communities are only re-distributed to other FRA peers:
BGP announcements tagged with the following communities are only re-distributed to peers of other DE-CIX IXPs in Germany (where GlobePEER Remote is available):
BGP announcements tagged with the following communities are not re-distributed to peers of DE-CIX MRS:
BGP announcements tagged with the following communities are not re-distributed to Americas:
BGP announcements tagged with the following communities are only re-distributed to peers of DE-CIX DUS and MUC, but not to e1.muc2 and AS65550 (4 Byte ASN):
- (rt:0:65550) or (6695:0:65550)
AS Path Prepending
You can use BGP communities to prepend your own ASN up to three times. This can be done to all other peers or selective to only certain peers.
|BGP Standard Community (RFC 1997)||BGP Extended Community (RFC 4360||BGP Large Community (RFC 8092)|
|Prepend three times||65003:0||/||6695:103:0|
|Prepend once selective||65001:$PEER-AS||rt:65001:$PEER-AS||6695:101:$PEER-AS|
|Prepend twice selective||65002:$PEER-AS||rt:65002:$PEER-AS||6695:102:$PEER-AS|
|Prepend three times selective||65003:$PEER-AS||rt:65003:$PEER-AS||6695:103:$PEER-AS|
Graceful BGP Session Shutdown
The DE-CIX route servers support RFC 8326 (Graceful BGP Session Shutdown). With this well-known BGP Community, you can instruct the route servers to calculate and redistribute an alternate path (if available) for your advertised prefixes before you start commencing your maintenance. This makes sure that routers of other customers have fully converged before you interrupt L2 connectivity and thereby so called micro blackholing is prevented.
- Setting BGP Community GRACEFUL_SHUTDOWN (65535:0) on all you advertised prefixes. The route server will set BGP local preference to 0 for these prefixes.
- The route server will calculate alternative paths for your advertised prefixes (if available) and redistribute these to other peers. Prefixes with no alternative path will get redistributed with BGP Community GRACEFUL_SHUTDOWN.
- You should also apply GRACEFUL_SHUTDOWN on the inbound policy of you eBGP session.
- After convergence has completed, you can safely shut down the BGP session. At this point, routers of other customers have learned alternative paths for your prefixes (if available) from the route server and forward traffic on the new path.