Configuring Community Lists
You can use community lists to filter BGP routes based on the community attribute. The community number consists of a 4-byte value in the aa:nn format. The first two bytes represent the autonomous system number, and the last two bytes represent a user-defined network number.
When you configure multiple values in the same community list statement, all community values must match to satisfy the community list filter. When you configure multiple values in separate community list statements, the first list that matches a condition is processed.
Use community lists in a match statement to filter BGP routes based on the community attribute.
You need to send-community BGP with your peer to exchange and use community.
- no-export—Do not advertise this route to external BGP peers.
- no-advertise—Do not advertise this route to any peer.
- internet—Advertise this route to the Internet community. All BGP-speaking networking devices belong to this community.
- local-as—Do not send this route outside the local autonomous system.
- gshut—Community of routes gracefully shut down.
- blackhole-Use to blackhole to drop any traffic being sent towards this prefix. for security purpose like DDoS.
Diagram
Classes
route_control (vxlan.overlay_extensions)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| standard_community_lists | List | [standard_community_lists] | No |
standard_community_lists (vxlan.overlay_extensions.route_control)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[A-Za-z0-9-_]{1,63}$ | Yes | |
| entries | List | [entries] | Yes |
entries (vxlan.overlay_extensions.route_control.standard_community_lists)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| seq_number | Integer | min: 1, max: 4294967294 | Yes | |
| operation | Choice | permit, deny | Yes | |
| communities | List | Choice[blackhole, graceful-shutdown, internet, local-as, no-advertise, no-export] | No |
Example
In this example, we will create one ip community-list standard named: Standard-Community with two entries.
The first entry in the sequence number: 10 will permit routes with community: 65000:100.
The second entry uses the sequence number: 20 will permit routes with community: 65000:101 AND the well-known community: no-export.
This community is used in the group communityList_RCtrlGrp, which is consumed by the switch named netascode-leaf1.
ip community-list standard BGPCommunity seq 10 permit 65000:100
ip community-list standard BGPCommunity seq 20 permit 65000:101 no-export
---
vxlan:
overlay_extensions:
route_control:
standard_community_lists:
- name: Standard-Community
entries:
- seq_number: 10
operation: permit
communities:
- 65000:100
- seq_number: 20
operation: permit
communities:
- 65000:101
- no-export
groups:
- name: communityList_RCtrlGrp
standard_community_lists:
- name: Standard-Community
switches:
- name: netascode-leaf1
groups:
- communityList_RCtrlGrp