Scribd Logo
Upload

Welcome to Scribd!

  • 128 views

    BGP Communities

    Uploaded by

    budi
    The document describes how customers of AS13030 (Init7) can use BGP communities to control route propagation and traffic handling for their announced prefixes. It defines communities for blackholing, regional prepending/not announcing, and informative tagging. Examples are given to illustrate different uses of the communities.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    BGP Communities

    Uploaded by

    budi
    128 views14 pages
    The document describes how customers of AS13030 (Init7) can use BGP communities to control route propagation and traffic handling for their announced prefixes. It defines communities for blackholing, regional prepending/not announcing, and informative tagging. Examples are given to illustrate different uses of the communities.

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document describes how customers of AS13030 (Init7) can use BGP communities to control route propagation and traffic handling for their announced prefixes. It defines communities for blackholing, regional prepending/not announcing, and informative tagging. Examples are given to illustrate different uses of the communities.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    128 views14 pages

    BGP Communities

    Uploaded by

    budi
    The document describes how customers of AS13030 (Init7) can use BGP communities to control route propagation and traffic handling for their announced prefixes. It defines communities for blackholing, regional prepending/not announcing, and informative tagging. Examples are given to illustrate different uses of the communities.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 14

    BGP Communities

    For Init7 customers

    Author: Init7 NOC


    Date: 02.10.2019
    Release: Q4 2019

    06/08/19 Page 1 of 14
    Table of Contents

    General Rules 3
    Verification 4
    Blackhole 4
    Concept 4
    Example I 4
    Not-Announce & Prepend 5
    Concept 5
    Action 5
    Location / IXP / Peer 6
    Example II 8
    Local-pref 8
    Example III 9
    Informative Communities 10
    Tagging by Country 10
    Tagging by Pop 11
    Switzerland 11
    Germany 11
    France 12
    Spain 12
    Italy 12
    The Netherlands 12
    Denmark 12
    United Kingdom 12
    Poland 12
    United States 12
    Austria 12
    Tagging by IXP 13

    06/08/19 Page 2 of 14
    AS13030 BGP Communities
    Init7 / AS13030 allows customers to modify various attributes of their announced prefixes within
    the AS13030 backbone. Customers can blackhole a net or a single IPv4/IPv6 address..
    Additionally they can prepend or not announce certain prefixes regionally, at specific IXP's or to
    private peers. It is also possible to change the local-pref, in case a customer wants to direct his
    inbound traffic over one specific BGP session with Init7 (only if there is more than one session
    with AS13030).

    This documentation is valid for IPv4 as well as for IPv6.

    1 General Rules
    The following inbound rules apply to every Init7 customer BGP session:
    • Prefixes longer than /24 (IPv4) respectively /48 (IPv6) are not permitted (except for blackholing
    purposes) Advertisements tagged with our own "internal use only" communities (_13030:.*_)
    will be denied
    • RFC1918 and other reserved networks and subnets are not permitted
    • Not-announce and prepend actions as described below apply to non-customer peer
    announcements
    • MED's (Multi Exit Discriminator) will be overwritten, except if otherwise agreed
    • The standard local-pref for customers is 300

    06/08/19 Page 3 of 14
    1.1 Verification
    To check announcements we provide a looking-glass tool on our website to see what our
    customers' prefixes look like within AS13030.
    http://www.init7.net/looking-glass/

    1.2 Blackhole
    Init7 offers BGP customers the opportunity to manage a null route for their hosts/subnets in the
    event of a DDoS attack; thus preventing the customer from being overwhelmed with malicious
    traffic and them giving the flexibility to take the necessary counter-measures without contacting
    the Init7 NOC.

    1.2.1 Concept
    Traffic destined for a prefix tagged with this community will be discarded at ingress to the
    AS13030 network. This prefix can either be a host route or a more-specific netblock from a
    registered prefix that already belongs to the customer and is allowed within the inbound prefix-
    list.

    BGP Community Description


    65000:666 Blackhole Community

    1.2.2 Example I
    The example below illustrates the use of this community.
    A customer with ASN 1234 sends Init7 a route tagged with community "65000:666"

    This route will be marked as blackholed and all traffic destined for this route will be discarded on
    every edge router within the AS13030 backbone.

    The output below shows that r1.as13030.net is receiving a 2.2.2.2/32 prefix from AS1234
    (customer) tagged with the community 65000:666. When received, the communities
    "65000:666" and "no-export" are set and the next-hop will be changed to the IP 6.6.6.6 which is
    NULL-routed and hence dropped on every Init7 edge router.

    r1.as13030.net#sh ip bgp neigh 1.1.1.2 received-routes detail


    1 Prefix: 2.2.2.2/32, Status: BE, Age: 1d0h0m0s NEXT_HOP:
    1.1.1.2, Learned from Peer: 1.1.1.2 (1234)
    AS_PATH: 1234
    COMMUNITIES: 65000:666
    r1.as13030.net#sh ip bgp routes detail 2.2.2.2
    1 Prefix: 2.2.2.2/32, Status: BE, Age: 1d0h0m0s

    06/08/19 Page 4 of 14
    NEXT_HOP: 6.6.6.6, Learned from Peer: 1.1.1.2 (1234)
    AS_PATH: 1234
    COMMUNITIES: 65000:666 no-export
    r1.as13030.net#sh ip route 2.2.2.2
    Destination Gateway Port Cost
    1 2.2.2.2/32 DIRECT drop 20/0

    06/08/19 Page 5 of 14
    1.3 Not-Announce & Prepend
    Any allowed prefix announced with those communities will either not be announced or
    prepended towards the respective eBGP peer of AS13030. This can either be regionally, by IXP
    (internet exchange point), our transit or a private peer.

    1.3.1 Concept
    All communities that control route propagation are in the format 6500X:Y, where X stands for the
    action and Y for the location/peer variable.

    1.3.2 Action

    Value X Community Description


    1 65001:y prepend once
    2 65002:y prepend twice
    3 65003:y prepend three times
    9 65009:y not announce

    1.3.3 Location / IXP / Peer

    Value Y Community Location / Peer


    Continental
    1 6500x:1 Europe
    2 6500x:2 USA / Canada
    3 6500x:3 South America
    4 6500x:4 Asia
    5 6500x:5 Africa
    6 6500x:6 Australia / New Zealand
    Transit
    7 6500x:7 Transit

    06/08/19 Page 6 of 14
    IXP's (Internet exchange points)
    4001 6500x:4001 SwissIX Zürich
    4004 6500x:4004 DE-CIX (FRA-3 Interxion) Frankfurt
    4005 6500x:4005 DE-CIX (FRA-2 Ancotel) Frankfurt
    4006 6500x:4006 LINX Juniper LAN London
    4007 6500x:4007 LINX Extreme LAN London
    4008 6500x:4008 AMS-IX (AMS-2 NIKHEF #1) Amsterdam
    4009 6500x:4009 Equinix Paris
    4010 6500x:4010 Espanix Madrid
    4011 6500x:4011 AMS-IX (AMS-2 NIKHEF #2) Amsterdam
    4012 6500x:4012 DE-CIX Madrid
    4013 6500x:4013 MIX Milano
    4014 6500x:4014 MINAP Milan
    4015 6500x:4015 DIX Copenhagen
    4016 6500x:4016 CIXP Geneva
    4018 6500x:4018 PLIX Warsaw
    4020 6500x:4020 VIX Vienna
    4021 6500x:4021 LONAP London
    4022 6500x:4022 BCIX Berlin
    4023 6500x:4023 Equinix Zürich
    4024 6500x:4024 DECIX Marseille
    4025 6500x:4025 France IX Marseille
    4026 6500x:4026 France IX Paris
    4201 6500x:4201 Any2 Los Angeles
    4204 6500x:4204 NYIIX New York
    4205 6500x:4205 NOTA Miami
    4206 6500x:4206 Equinix NYC (former PAIX NYC) New York
    4207 6500x:4207 Equinix IAD Ashburn
    4210 6500x:4210 DE-CIX New York
    4211 6500x:4211 FL-IX Miami
    Peers
    8001 6500x:8001 Switch (AS559)
    8002 6500x:8002 UPC (AS6830)
    8005 6500x:8005 Solnet (AS9044)
    8006 6500x:8006 Finecom (AS15600)
    8007 6500x:8007 ATOM86 (AS8455)
    8008 6500x:8008 Leaseweb (AS16265)
    8009 6500x:8009 Microsoft (AS8075)
    8010 6500x:8010 IPTP (AS41095)
    8011 6500x:8011 Swisscom (AS3303)

    06/08/19 Page 7 of 14
    8012 6500x:8012 Vodafone GlobalNet (ex. C&W / AS1273)
    8014 6500x:8014 Talktalk (AS13285)
    8015 6500x:8015 Sunrise (AS6730)
    8016 6500x:8016 PCCW (AS3491)
    8021 6500x:8021 Portugal Telecom (AS8657)
    8022 6500x:8022 ROMTelecom S.A. (AS9050)
    8023 6500x:8023 Limelight Networks (AS22822)
    8025 6500x:8025 Core-Backbone (AS33891)
    8026 6500x:8026 Google (AS15169)
    8027 6500x:8027 BHARTI Airtel Ltd. (AS9498)
    8029 6500x:8029 Netstream (AS15517)
    8030 6500x:8030 Etisalat (AS8966)
    8031 6500x:8031 Datahop (AS6908)
    8033 6500x:8033 BICS (AS6774)
    8034 6500x:8034 Mobile TeleSystems OJSC (AS8359)
    8036 6500x:8036 Tineo (AS42346)
    8037 6500x:8037 Highwinds (AS12989)
    8038 6500x:8038 Rostelecom (AS12389)
    8039 6500x:8039 Prolocation (AS41887)
    8040 6500x:8040 Netia (AS12741)
    8041 6500x:8041 VTX (AS12350)
    8043 6500x:8043 Apple CDN (AS6185)
    8044 6500x:8044 NetCologne (AS8422)
    8046 6500x:8046 Amazon (AS16509)
    8047 6500x:8047 Online.net (AS12876)
    8051 6500x:8051 hetzner.de (AS24940)
    8052 6500x:8052 A1 Telecom Austria (AS8447)
    8053 6500x:8053 METANET GmbH (AS21069)
    8055 6500x:8055 Zattoo (AS8302)
    8056 6500x:8056 Facebook (AS32934)
    8057 6500x:8057 Twitch (AS46489)
    8058 6500x:8058 LWLcom GmbH (AS50629)
    8059 6500x:8059 Apple Inc (AS714)
    8060 6500x:8060 netplus.ch (AS15547)
    8061 6500x:8061 Cyberlink (AS15623)
    8062 6500x:8062 SysEleven (AS25291)

    06/08/19 Page 8 of 14
    1.3.4 Example II
    The example below illustrates the use of these communities. A customer with ASN 1234 sends
    Init7
    a route tagged with communities "65001:2 65003:4016 65002:8004 65009:7"
    When that route is propagated across Init7 peering connections:
    • Every peer in the USA and Canada will see an AS path of: "13030 13030 1234"
    • All peers at CIXP will see an AS path of: 13030 13030 13030 13030 1234"
    • Solnet (AS9044) will see an AS path of: "13030 13030 13030 1234"
    • Our Transit will not see the route at all
    • All other peers will see the normal AS path of: "13030 1234"

    1.4 Local-pref
    The local-pref communities are used in case a customer has more than one BGP session with
    Init7 and wants to prefer his inbound traffic over one specific session, thus creating a backup
    path. By setting the local-pref lower than the standard for customers (300) on one path, all
    traffic to the customer will flow over the path with the higher local-pref. The following local-pref
    settings are available and can be controlled with the following communities:

    BGP Community Description


    65000:280 set local-pref to 280 (lowest)
    65000:290 set local-pref to 290 (lower than standard)

    06/08/19 Page 9 of 14
    1.4.1 Example III
    This example below illustrates the use of local-pref communities. A customer with ASN 1234
    sends
    Init7 a route tagged with community "65000:290"
    The local-pref on this route will be set to 290, therefore all traffic to the customer will flow over
    the second session with the higher local-pref (300)

    From the ouput below you can see that r1.as13030.net learns the route 2.2.2.0/24 over two
    different customer BGP sessions (1.1.1.2 and 1.1.1.5 with AS1234). On the first session the
    prefix is announced without any communities and on the second one with community 65000:290
    for which r1.as13030.net sets the local-pref to 290. As mentioned, it prefers the path with the
    highest local-pref (300) and markes it as best (BE). The path over 1.1.1.5 will now only be used
    as backup and won't see any traffic towards the customer unless the first one goes down.

    r1.as13030.net#sh ip bgp routes detail 2.2.2.0


    1 Prefix: 2.2.2.0/24, Status: BE, Age: 1d0h0m0s
    NEXT_HOP: 1.1.1.2, Metric: 0, Learned from Peer: 1.1.1.2 (1234)
    LOCAL_PREF: 300
    AS_PATH: 1234
    COMMUNITIES:
    2 Prefix: 2.2.2.0/24, Status: E, Age: 1d0h0m0s
    NEXT_HOP: 1.1.1.5, Metric: 0, Learned from Peer: 1.1.1.5 (1234)
    LOCAL_PREF: 290
    AS_PATH: 1234
    COMMUNITIES: 65000:290

    06/08/19 Page 10 of 14
    2 Informative Communities
    Init7 / AS13030 tagged incoming routes with several communities; the lists below explain them.

    2.1 Tagging by Country

    BGP Community Country


    13030:511xx CH / Switzerland
    13030:512xx DE / Germany
    13030:513xx FR / France
    13030:514xx ES / Spain
    13030:525xx IT / Italy
    13030:515xx NL / The Netherlands
    13030:516xx DK / Denmark
    13030:517xx UK / United Kingdom
    13030:518xx PL / Poland
    13030:519xx US / United States
    13030:520xx CA / Canada
    13030:521xx BE / Belgium
    13030:522xx AT / Austria
    13030:523xx RU / Russia
    13030:524xx CZ / Czech Republic

    06/08/19 Page 11 of 14
    2.2 Tagging by Pop

    2.2.1 Switzerland

    BGP Community Pop Bezeichnung


    13030:51102 ZRH-2 Equinix Zurich ZH2
    13030:51140 ZRH-3 green.ch Schlieren
    13030:51141 ZRH-5 Equinix Zurich ZH5 Oberengstringen
    13030:51139 ZRH-9 Swisscom Zurich Herdern
    13030:51107 GLB-1 Interxion Glattbrugg
    13030:51108 BRN-1 Zayo (Ex-Viatel) Bern
    13030:51112 ZRH-10 Airport Zurich
    13030:51113 WIN-1 Stadtwerk Winterhur
    13030:51114 WIN-4 Init7 (Switzerland) AG Winterthur
    13030:51116 BSL-1 IWB Basel
    13030:51117 GVA-1 Equinix 1 Geneva
    13030:51118 ZUG-2 Init7 (Switzerland) AG Zug
    13030:51121 BSL-2 Tineo Münchenstein
    13030:51124 WIL-1 Online Consulting AG Wil
    13030:51125 GVA-3 CERN Geneva
    13030:51127 QLS-1 Brainserve Crissier
    13030:51128 ZRH-6 e-Shelter Rümlang
    13030:51129 ZRH-8 green.ch Lupfig
    13030:51130 BSL-3 ColoBâle Pratteln
    13030:51131 WIN-6 Data:Hub Winterthur
    13030:51132 EPE-1 Zayo (Ex-Viatel) Ependes
    13030:51133 OLT-1 Zayo (Ex-Viatel) Olten
    13030:51134 WIN-7 AXA Winterthur
    13030:51135 WIN-8 Technopark Winterthur
    13030:51136 STG-2 Init7 St. Gallen
    13030:51137 GLB-3 Interxion Glattbrugg
    13030:51138 WIL-2 Init7 Wil SG
    13030:51139 ZRH-7 Init7 Zurich Letzigraben

    06/08/19 Page 12 of 14
    2.2.2 Germany

    BGP Community Pop Bezeichnung


    13030:51202 FRA-2 Equinix 5 Frankfurt
    13030:51203 FRA-3 InterXion 3 Frankfurt
    13030:51212 DUS-1 InterXion Dusseldorf
    13030:51214 BER-1 IPB Berlin

    2.2.3 France

    BGP Community Pop Bezeichnung


    13030:51301 PAR-1 Telehouse Voltaire Paris
    13030:51302 MRS-1 interXion Marseille

    2.2.4 Spain

    BGP Community Pop Bezeichnung


    13030:51403 MAD-3 InterXion Madrid

    2.2.5 Italy

    BGP Community Pop Bezeichnung


    13030:52501 MXP-1 MIX Milano

    2.2.6 The Netherlands

    BGP Community Pop Bezeichnung


    13030:51502 AMS-2 NIKHEF Amsterdam

    2.2.7 Denmark

    BGP Community Pop Bezeichnung


    13030:51601 CPH-2 InterXion Copenhagen

    2.2.8 United Kingdom

    BGP Community Pop Bezeichnung


    13030:51701 LON-1 Telehouse North London
    13030:51702 LON-2 Telehouse East London

    06/08/19 Page 13 of 14
    2.2.9 Poland

    BGP Community Pop Bezeichnung


    13030:51801 WAW-1 Equinix (Ex-Telecity) Warsaw

    2.2.10 United States

    BGP Community Pop Bezeichnung


    13030:51901 MIA-1 Equinix (Ex-Terremark / Verizon) Miami
    13030:51902 LAX-1 CoreSite Los Angeles
    13030:51903 IAD-1 Equinix Ashburn
    13030:51904 NYC-2 Telehouse New York
    13030:51905 NYC-3 165 Halsey Street Newark NJ

    2.2.11 Austria

    BGP Community Pop Bezeichnung


    13030:52201 VIE-1 InterXion Vienna

    2.3 Tagging by IXP

    BGP Community IXPs Region


    13030:4000 – 13030:4199 Europe
    13030:4200 – 13030:4399 USA / Canada
    13030:4400 – 13030:4499 South America
    13030:4500 – 13030:4599 Asia
    13030:4600 – 13030:4699 Africa
    13030:4700 – 13030:4799 Australia / New Zealand

    A list of all existing IXP's can be found on page 6.

    06/08/19 Page 14 of 14

    You might also like