Chris is referring to deleting the communities that the route server is using to take action (i.e.: it should be transparent in that regard and not leak communities).
The original example I had sent on how to do this in Bird has this as part of it as well, and would be considered standard and best practice. These shouldn’t be leaked back and forth between participants.
see: https://gitlab.labs.nic.cz/labs/bird/wikis/Route_server_with_community_based_filtering_and_single_RIB
function bgp_out(int peeras)
{
if !bgp_out_comm(peeras) then return false;
# Remove IXP related communities
bgp_community.delete([(0,*)]);
bgp_community.delete([(myas,*)]);
bgp_ext_community.delete([(ro,0,*)]);
bgp_ext_community.delete([(ro,myas,*)]);
return true;
}
--
Andrew Hoyos
[log in to unmask]
> On May 18, 2016, at 1:00 PM, Steve Howard <[log in to unmask]> wrote:
>
> Like I said. Perhaps I don't understand the question...
>
> I understand the statement "If an IX participant wants to control traffic directly with another peer, they would work with that participant to use their possibly pre existing action communities." But, how will that work if all communities are cleared by the route servers? Or are you saying only strip the communities that the route server uses to take action?
>
>
> On 05/18/2016 12:49 PM, Chris Wopat wrote:
>> The route servers are performing the action of not advertising. It shouldn't be on all IX participants to perform action on these communities or they wouldn't work as intended.
>>
>> If an IX participant wants to control traffic directly with another peer, they would work with that participant to use their possibly pre existing action communities.
>>
>> --
>> Chris Wopat
>> Network Engineer, WiscNet
>> [log in to unmask] 608-210-3965
>>
>> From: Steve Howard <[log in to unmask]>
>> Sent: May 18, 2016 12:23 PM
>> To: [log in to unmask]
>> Subject: Re: [MICE-DISCUSS] Route Server BGP communities (& OS upgrades) - 5/22/2016
>>
>> On 05/18/2016 12:03 PM, Chris Wopat wrote:
>>> On 05/18/2016 11:53 AM, Doug McIntyre wrote:
>>>> Would you want the export function to
>>>> clear any communities it had at the end? (Something that is NOT done
>>>> right now).
>>>
>>> Yes, I would consider it standard practice to clear action communities after the action was taken so they don't propagate/leak beyond AS 53679.
>>>
>>> IX members may wish to filter them on import as well [1]. Both is probably the most sane outcome.
>>>
>>> [1] - ras's BGP community presentation is always good to review - https://www.nanog.org/meetings/nanog40/presentations/BGPcommunities.pdf
>>>
>>>
>>
>> Perhaps I don't understand the specific question? But, I would prefer that the communities not be stripped. If they are stripped, how would we pass action communities onto other MICE members that require action on their networks? Perhaps just strip out the 53679:* communities would be a better choice?
>>
>> To unsubscribe from the MICE-DISCUSS list, click the following link:
>> http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
>>
>>
>> To unsubscribe from the MICE-DISCUSS list, click the following link:
>> http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
>>
>
>
> To unsubscribe from the MICE-DISCUSS list, click the following link:
> http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
>
