BGP community is extra information that the advertised routes can be tagged with, allowing the router on the other end or a BGP peer to better classify/ handle routes sharing common property.

The community value is a 32-bit field that is divided into two sub-fields. The first two bytes encode the AS number of the network that originated the community and the last two bytes carry a unique number assigned by the AS. Communities add power to BGP, changing it from a routing protocol to a tool for signaling and policy enforcement.

Note:

This feature is not supported for IPv6.

Use Cases

  • BGP community is useful when there are common requirements for a range of IP addresses or a network.

  • It provides a better understanding of the network topology and routing policy requirements.

  • It makes scalability, operation, and troubleshooting of a network easier. For more information on the BGP community, see An Application of the BGP Community Attribute.

Working Principle

NSX Advanced Load Balancer supports the new ip_community option in the BGP configuration. You can conveniently tag a virtual IP address (VIP) or a backend server IP address advertised from an NSX Advanced Load Balancer Service Engine with appropriate communities. Tagging allows BGP peers to handle BGP routes with discretion.

Configuration

Login to the NSX Advanced Load Balancer Controller command line interface (CLI) and follow the steps to configure the BGP community for all routes advertised to a BGP peer:

[admin:controller]: > configure vrfcontext global
Updating an existing object. Currently, the object is:
+----------------+-------------------------------------------------+
| Field          | Value                                           |
+----------------+-------------------------------------------------+
| uuid           | vrfcontext-ded10944-53da-4542-bbf1-1cd4f300fb29 |
| name           | global                                          |
| system_default | True                                            |
| tenant_ref     | admin                                           |
| cloud_ref      | Default-Cloud                                   |
+----------------+-------------------------------------------------+
[admin:controller]: vrfcontext> bgp_profile
[admin:controller]: vrfcontext:bgp_profile>
cancel               Exit the current submode without saving
community            Community string either in aa:nn format where aa, nn is within [1,65535] or local-AS|no-advertise|no-export|internet.
do                   Execute a show command
hold_time            Hold time for Peers
ibgp                 BGP peer type
ip_communities         (submode)
keepalive_interval   Keepalive interval for Peers
local_as             Local Autonomous System ID
new                  (Editor Mode) Create new object in editor mode
no                   Remove field
peers                (submode)
save                 Save and exit the current submode
send_community       Send community attribute to all peers.
show_schema          show object schema
watch                Watch a given show command
where                Display the in-progress object
[admin:controller]: vrfcontext:bgp_profile>
 
[admin:controller]: vrfcontext:bgp_profile> community internet
[admin:controller]: vrfcontext:bgp_profile> community 10:10
[admin:controller]: vrfcontext:bgp_profile> community 65000:20
[admin:controller]: vrfcontext:bgp_profile> save
[admin:controller]: vrfcontext> save
 
+---------------------------+-----------------------------------------------------------------------+
| Field                     | Value                                                                 |
+---------------------------+-----------------------------------------------------------------------+
| uuid                      | vrfcontext-ded10944-53da-4542-bbf1-1cd4f300fb29                       |
| name                      | global                                                                |
| bgp_profile               |                                                                       |
|   local_as                | 65000                                                                 |
|   ibgp                    | True                                                                  |
|   keepalive_interval.     | 60                                                                    |
|   hold_time               | 180                                                                   |
|   send_community          | True                                                                  |
|   community[1]            | internet                                                              |
|   community[2]            | 10:10                                                                 |
|   community[3]            | 65000:20                                                              |
| system_default            | True                                                                  |
| tenant_ref                | admin                                                                 | 
| cloud_ref                 | Default-Cloud                                                         |
+---------------------------+-----------------------------------------------------------------------+

Follow the steps to delete one of the configured communities:

[admin:controller]: > configure vrfcontext global
[admin:controller]: vrfcontext> bgp_profile
[admin:controller]: vrfcontext:bgp_profile> no community 10:10
Removed community 10:10
[admin:controller]: vrfcontext:bgp_profile> save
[admin:controller]: vrfcontext> save

+----------------------------+-------------------------------------------------+
| Field                      | Value                                           |
+----------------------------+-------------------------------------------------+
| uuid                       | vrfcontext-ded10944-53da-4542-bbf1-1cd4f300fb29 |
| name                       | global                                          |
| bgp_profile                |                                                 |
|   local_as                 | 65000                                           |
|   ibgp                     | True                                            |
|   peers[1]                 |                                                 |
|     remote_as              | 1                                               |
|                            |                                                 |
|   send_community           | True                                            |
|   community[1]             | internet                                        |
|   community[2]             | 65000:20                                        |
| system_default             | True                                            |
| tenant_ref                 | admin                                           |
| cloud_ref                  | Default-Cloud                                   |
+----------------------------+-------------------------------------------------+

Steps to configure a BGP community specific to routers belonging to an IP range.

The below example shows how to tag any routes with a specific community that will be applied to only a specific IP range. This IP-specific community overrides the default community in bgp_profile that applies to all routes.

[admin:controller]: > configure vrfcontext global
[admin:controller]: vrfcontext> bgp_profile
[admin:controller]: vrfcontext:bgp_profile> ip_communities
New object being created
[admin:controller]: vrfcontext:bgp_profile:ip_communities>
cancel        Exit the current submode without saving
community     Community string either in aa:nn format where aa, nn is within [1,65535] or local-AS|no-advertise|no-export|internet.
do            Execute a show command
ip_begin      Beginning of IP address range.
ip_end        End of IP address range. Optional if ip_begin is the only ip address in specified ip range.
no            Remove field
save          Save and exit the current submode
show_schema   show object schema
watch         Watch a given show command
where         Display the in-progress object
[admin:controller]: vrfcontext:bgp_profile:ip_communities> ip_begin 10.70.163.100
[admin:controller]: vrfcontext:bgp_profile:ip_communities> ip_end 10.70.163.200
[admin:controller]: vrfcontext:bgp_profile:ip_communities> community 200:200
[admin:controller]: vrfcontext:bgp_profile:ip_communities> community 100:100
[admin:controller]: vrfcontext:bgp_profile:ip_communities> save
[admin:controller]: vrfcontext:bgp_profile> save
[admin:controller]: vrfcontext> save
+----------------------------+-------------------------------------------------+
| Field                      | Value                                           |
+----------------------------+-------------------------------------------------+
| uuid                       | vrfcontext-ded10944-53da-4542-bbf1-1cd4f300fb29 |
| name                       | global                                          |
| bgp_profile                |                                                 |
|   local_as                 | 65000                                           |
|   ibgp                     | True                                            |
|   peers[1]                 |                                                 |
|     remote_as              | 1                                               |
|                            |                                                 |
|   hold_time                | 180                                             |
|   send_community           | False                                           |
|   community[1]             | internet                                        |
|   community[2]             | 65000:20                                        |
|   ip_communities[1]        |                                                 |
|     ip_begin               | 10.70.163.100                                   |
|     ip_end                 | 10.70.163.200                                   |
|     community[1]           | 200:200                                         |
|     community[2]           | 100:100                                         |
| system_default             | True                                            |
| tenant_ref                 | admin                                           |
| cloud_ref                  | Default-Cloud                                   |
+----------------------------+-------------------------------------------------+

Follow the steps mentioned to configure a BGP community for a single IP address (for instance, a VIP address) that is advertised to a BGP peer. While configuring a community for the single IP address, ip_end is optional. The user can however configure both ip_begin and ip_end to the same IP address without any issue.

[admin:controller]: vrfcontext> bgp_profile
[admin:controller]: vrfcontext:bgp_profile> ip_communities
New object being created
[admin:controller]: vrfcontext:bgp_profile:ip_communities> ip_begin 10.70.164.150
[admin:controller]: vrfcontext:bgp_profile:ip_communities> community 150:150
[admin:controller]: vrfcontext:bgp_profile:ip_communities> save
[admin:controller]: vrfcontext:bgp_profile> save
[admin:controller]: vrfcontext> save
+----------------------------+-------------------------------------------------+
| Field                      | Value                                           |
+----------------------------+-------------------------------------------------+
| uuid                       | vrfcontext-ded10944-53da-4542-bbf1-1cd4f300fb29 |
| name                       | global                                          |
| bgp_profile                |                                                 |
|   local_as                 | 65000                                           |
|   ibgp                     | True                                            |
|   peers[1]                 |                                                 |
|                            |                                                 |
|   hold_time                | 180                                             |
|   send_community           | True                                            |
|   community[1]             | internet                                        |
|   community[2]             | 65000:20                                        |
|   ip_communities[1]        |                                                 |
|     ip_begin               | 10.70.163.100                                   |
|     ip_end                 | 10.70.163.200                                   |
|     community[1]           | 200:200                                         |
|     community[2]           | 100:100                                         |
|   ip_communities[2]        |                                                 |
|     ip_begin               | 10.70.164.150                                   |
|     community[1]           | 150:150                                         |
| system_default             | True                                            |
| tenant_ref                 | admin                                           |
| cloud_ref                  | Default-Cloud                                   |
+----------------------------+-------------------------------------------------+

Follow the CLI commands to stop tagging BGP advertised routes with the community. This command stops tagging routes with the community while preserving the configuration.

The user can enable tagging at a later time if required.

[admin:controller]: > configure vrfcontext global
[admin:controller]: vrfcontext> bgp_profile
[admin:controller]: vrfcontext:bgp_profile> no send_community
+--------------------------+----------------+
| Field                    | Value          |
+--------------------------+----------------+
| local_as                 | 65000          |
| ibgp                     | True           |
| peers[1]                 |                |
|   remote_as              | 1              |
|                          |                |
| hold_time                | 180            |
| send_community           | False          |
| community[1]             | internet       |
| community[2]             | 65000:20       |
| ip_communities[1]        |                |
|   ip_begin               | 10.70.163.100  |
|   ip_end                 | 10.70.163.200  |
|   community[1]           | 200:200        |
|   community[2]           | 100:100        |
| ip_communities[2]        |                |
|   ip_begin               | 10.70.164.150  |
|   community[1]           | 150:150        |
+--------------------------+----------------+
[admin:controller]: vrfcontext:bgp_profile> save

Follow the NSX Advanced Load Balancer CLI commands to delete the configured ip_communities:

|   send_community           | False                                           |
|   community[1]             | local-AS                                        |
|   community[2]             | no-export                                       |
|   ip_communities[1]        |                                                 |
|     ip_begin               | 10.70.163.100                                   |
|     ip_end                 | 10.70.163.200                                   |
|     community[1]           | 200:200                                         |
|     community[2]           | 100:100                                         |
|   ip_communities[2]        |                                                 |
|     ip_begin               | 10.70.164.150                                   |
|     community[1]           | 150:150                                         |
| system_default             | True                                            |
| tenant_ref                 | admin                                           |
| cloud_ref                  | Default-Cloud                                   |
+----------------------------+-------------------------------------------------+
[admin:controller]: > configure vrfcontext global
[admin:controller]: vrfcontext> bgp_profile
[admin:controller]: vrfcontext:bgp_profile> no ip_communities index 1
Removed ip_communities with index 1
+--------------------------+----------------+
| Field                    | Value          |
+--------------------------+----------------+
| local_as                 | 65000          |
| ibgp                     | True           |
| peers[1]                 |                |
|   remote_as              | 1              |
|                          |                |
| hold_time                | 180            |
| send_community           | False          |
| community[1]             | internet       |
| community[2]             | 65000:20       |
| ip_communities[1]        |                |
|   ip_begin               | 10.70.164.150  |
|   community[1]           | 150:150        |
+--------------------------+----------------+

Follow the steps to enable the community tags for the BGP-advertised routes:

[admin:controller]: > configure vrfcontext global
[admin:controller]: vrfcontext> bgp_profile
[admin:controller]: vrfcontext:bgp_profile> send_community
Overwriting the previously entered value for send_community
[admin:controller]: vrfcontext:bgp_profile> save
[admin:controller]: vrfcontext> save
s+----------------------------+------------------------------------------------+
| Field                      | Value                                           |
+----------------------------+-------------------------------------------------+
| uuid                       | vrfcontext-ded10944-53da-4542-bbf1-1cd4f300fb29 |
| name                       | global                                          |
| bgp_profile                |                                                 |
|   local_as                 | 65000                                           |
|   ibgp                     | True                                            |
|   peers[1]                 |                                                 |
|     remote_as              | 1                                               |
|     peer_ip                | 10.70.163.23                                    |
|     subnet                 | 10.70.163.0/24                                  |
|     md5_secret             | sensitive                                       |
|     bfd                    | True                                            |
|     advertise_vip          | True                                            |
|     advertise_snat_ip      | True                                            |
|     advertisement_interval | 5                                               |
|     connect_timer          | 10                                              |
|     keepalive_interval     | 60                                              |
|     hold_time              | 180                                             |
|     ebgp_multihop          | 0                                               |
|     peers[2]               |                                                 |
|     remote_as              | 1                                               |
|     peer_ip                | 10.70.164.21                                    |
|     subnet                 | 10.70.164.0/24                                  |
|     md5_secret             | sensitive                                       |
|     bfd                    | True                                            |
|     advertise_vip          | True                                            |
|     advertise_snat_ip      | True                                            |
|     advertisement_interval | 5                                               |
|     connect_timer          | 10                                              |
|     keepalive_interval     | 60                                              |
|     hold_time              | 180                                             |
|     ebgp_multihop          | 0                                               |
|   keepalive_interval       | 60                                              |
|   hold_time                | 180                                             |
|   send_community           | True                                            |
|   community[1]             | internet                                        |
|   community[2]             | 65000:20                                        |
|   ip_communities[1]        |                                                 |
|     ip_begin               | 10.70.164.150                                   |
|     community[1]           | 150:150                                         |
| system_default             | True                                            |
| tenant_ref                 | admin                                           |
| cloud_ref                  | Default-Cloud                                   |
+----------------------------+-------------------------------------------------+

It is possible to tag routes advertised to a BGP peer with a standard community. NSX Advanced Load Balancer supports tagging of the routes in BGP sub mode only. NSX Advanced Load Balancer does not support tagging of the communities on a per route basis.

[admin:controller]: > configure vrfcontext global
Updating an existing object. Currently, the object is:
+----------------+-------------------------------------------------+
| Field          | Value                                           |
+----------------+-------------------------------------------------+
| uuid           | vrfcontext-3cc726d3-d94a-4eb0-9c70-f70d7e1b185e |
| name           | global                                          |
| system_default | True                                            |
| tenant_ref     | admin                                           |
| cloud_ref      | Default-Cloud                                   |
+----------------+-------------------------------------------------+
[admin:controller]: vrfcontext> bgp_profile
[admin:controller]: vrfcontext:bgp_profile> 
cancel               Exit the current submode without saving
community            List of community attributes. Valid values are "internet", "local-AS", "no-advertise", "no-export". Community can also be specified in : format where AS,Val are in the range [1,65535].
do                   Execute a show command
hold_time            Hold time for Peers
ibgp                 BGP peer type
keepalive_interval   Keepalive interval for Peers
local_as             Local Autonomous System ID
new                  (Editor Mode) Create new object in editor mode
no                   Remove field
peers                (submode)
save                 Save and exit the current submode
send_community       Send community attribute to all peers(True by default)
show_schema          show object schema
watch                Watch a given show command
where                Display the in-progress object
 
 
[admin:controller]: vrfcontext:bgp_profile> community internet
[admin:controller]: vrfcontext:bgp_profile> community 10:10
[admin:controller]: vrfcontext:bgp_profile> community 65000:20
[admin:controller]: vrfcontext:bgp_profile> save
[admin:controller]: vrfcontext> save
 
+---------------------------+-----------------------------------------------------------------------+
| Field                     | Value                                                                 |
+---------------------------+-----------------------------------------------------------------------+
| uuid                      | vrfcontext-3cc726d3-d94a-4eb0-9c70-f70d7e1b185e                       |
| name                      | global                                                                |
| bgp_profile               |                                                                       |
|   local_as                | 65000                                                                 |
|   ibgp                    | True                                                                  |
|   keepalive_interval.     | 60                                                                    |
|   hold_time               | 180                                                                   |
|   send_community          | True                                                                  |
|   community[1]            | internet                                                              |
|   community[2]            | 10:10                                                                 |
|   community[3]            | 65000:20                                                              |
| system_default            | True                                                                  |
| tenant_ref                | admin                                                                 | 
| cloud_ref                 | Default-Cloud                                                         |
+---------------------------+-----------------------------------------------------------------------+
</code></pre>