
This post shows applications of BGP communities.  It does not describe BGP communities in depth.  BGP communities are tags, or attributes, that can be attached to BGP prefix announcements.  Based on the community, a policy can be defined to act on those routes.  BGP communities are described in RFC 1997.  According to RFC 1997, a BGP community is a group of destinations which share some common property.  Each autonomous system administrator may define which communities a destination belongs to.  By default, all destinations belong to the general Internet community.  A BGP community is a 32-bit value.

BGP communities can be used to influence routes.  Based on the communities attached, an administrator can prepend the AS path, set local preference, or apply another policy to the prefixes received.  Also, if the administrator knows the community values, or has an agreement with the upstream, the administrator can set certain community values to influence routing at the upstream.

Applications of BGP Communities
If you want to define a policy based on a community value, the first thing to do is to add the community value to the routes or prefixes.  Then, on the receiving router, set a policy for routes or prefixes that carry the community.  In IOS, you must configure neighbor send-community so that the BGP speaker includes communities in its route announcements.

Example

AS 65000 wants to set communities on its customers' prefixes to control route advertisement.  Prefixes with community value 65000:1 will be prepended twice when advertised to Telia, and prefixes with community value 65000:2 will be prepended twice when advertised to Sprint.  Router A is the router connected to the customers, and router B is the router connected to the upstreams.
On router A, you configure a policy to set community 65000:1 or 65000:2.  On router B, you configure a policy to prepend the AS path based on the community.

In Cisco router

Router A Configuration

router bgp 65000
 neighbor 10.1.1.1 remote-as 65000
 neighbor 10.1.1.1 description To_Border_Router_B
 neighbor 10.1.1.1 send-community both
 neighbor 10.1.1.1 update-source loopback0
 neighbor 172.16.1.2 remote-as 65001
 neighbor 172.16.1.2 description To_Cust_X
 neighbor 172.16.1.2 route-map SET_COM_TELIA in
 neighbor 172.16.1.4 remote-as 65002
 neighbor 172.16.1.4 description To_Cust_Y
 neighbor 172.16.1.4 route-map SET_COM_SPRINT in
!
! "set community" without "additive" replaces any communities the customer sent
route-map SET_COM_TELIA permit 10
 set community 65000:1
!
route-map SET_COM_SPRINT permit 10
 set community 65000:2

Router B Configuration

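router bgp 65000
 neighbor 10.1.1.2 remote-as 65000
 neighbor 10.1.1.2 description To_Edge_Router_A
 neighbor 10.1.1.2 send-community both
 neighbor 10.1.1.2 update-source loopback0
 neighbor 192.168.1.2 remote-as 1299
 neighbor 192.168.1.2 description To_Telia
 neighbor 192.168.1.2 send-community both
 neighbor 192.168.1.2 route-map TO_TELIA out
 neighbor 192.168.1.4 remote-as 1239
 neighbor 192.168.1.4 description To_Sprint
 neighbor 192.168.1.4 send-community both
 neighbor 192.168.1.4 route-map TO_SPRINT out
!
! Show communities in AA:NN format
ip bgp-community new-format
! "match community" refers to a community-list, not to a literal community value
ip community-list 1 permit 65000:1
ip community-list 2 permit 65000:2
!
! Prepend twice for routes tagged 65000:1; sequence 15 permits everything else unchanged
route-map TO_TELIA permit 10
 match community 1
 set as-path prepend 65000 65000
route-map TO_TELIA permit 15
!
! Prepend twice for routes tagged 65000:2; sequence 15 permits everything else unchanged
route-map TO_SPRINT permit 10
 match community 2
 set as-path prepend 65000 65000
route-map TO_SPRINT permit 15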

In Juniper router

Router A

[edit]
protocols {
    bgp {
        group Customer {
            type external;
            neighbor 172.16.1.1 {
                description Cust_X;
                import SET_TELIA;
                peer-as 65001;
            }
            neighbor 172.16.1.2 {
                description Cust_Y;
                import SET_SPRINT;
                peer-as 65002;
            }
        }
    }
}
policy-options {
    /* "community add" keeps communities the customer sent; "community set" would replace them */
    policy-statement SET_TELIA {
        then {
            community add TELIA;
            accept;
        }
    }
    policy-statement SET_SPRINT {
        then {
            community add SPRINT;
            accept;
        }
    }
    community TELIA members 65000:1;
    community SPRINT members 65000:2;
}

Router B

[edit]
protocols {
    bgp {
        group Upstream {
            type external;
            neighbor 192.168.1.2 {
                description Telia;
                export TO_TELIA;
                peer-as 1299;
            }
            neighbor 192.168.1.4 {
                description Sprint;
                export TO_SPRINT;
                peer-as 1239;
            }
        }
    }
}
policy-options {
    /* term 1 prepends twice for tagged routes; term 2 accepts everything else unchanged */
    policy-statement TO_TELIA {
        term 1 {
            from community TELIA;
            then {
                as-path-prepend "65000 65000";
                accept;
            }
        }
        term 2 {
            then accept;
        }
    }
    policy-statement TO_SPRINT {
        term 1 {
            from community SPRINT;
            then {
                as-path-prepend "65000 65000";
                accept;
            }
        }
        term 2 {
            then accept;
        }
    }
    community TELIA members 65000:1;
    community SPRINT members 65000:2;
}
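
The policy above traced in Python, as an added example that is not part of the original post: it decodes a COMMUNITIES path attribute (RFC 1997, type code 8) and applies router A's tagging and router B's prepend. The function names and the sample attribute bytes are constructed for illustration.

```python
import struct

LOCAL_AS = 65000
# Router B's outbound policy from the post: the community that triggers a prepend per upstream
PREPEND_FOR = {"telia": "65000:1", "sprint": "65000:2"}
# Well-known values reserved by RFC 1997
WELL_KNOWN = {0xFFFFFF01: "NO_EXPORT", 0xFFFFFF02: "NO_ADVERTISE",
              0xFFFFFF03: "NO_EXPORT_SUBCONFED"}


def encode(text):
    """'65000:1' -> 32-bit value: AS number in the high 16 bits, tag in the low 16."""
    asn, tag = (int(part) for part in text.split(":"))
    if not (0 <= asn <= 0xFFFF and 0 <= tag <= 0xFFFF):
        raise ValueError(f"community out of range: {text}")
    return (asn << 16) | tag


def decode(value):
    """32-bit value -> well-known name or 'AA:NN' string."""
    return WELL_KNOWN.get(value, f"{value >> 16}:{value & 0xFFFF}")


def parse_communities(attr):
    """Decode one COMMUNITIES path attribute (flags, type 8, length, 4-byte values)."""
    flags, type_code = attr[0], attr[1]
    if type_code != 8:
        raise ValueError("not a COMMUNITIES attribute")
    header = 4 if flags & 0x10 else 3      # 0x10 = extended (2-byte) length field
    length = int.from_bytes(attr[2:header], "big")
    body = attr[header:]
    if length != len(body) or length % 4:
        raise ValueError("malformed COMMUNITIES attribute")
    return [decode(v) for (v,) in struct.iter_unpack("!I", body)]


def tag_at_router_a(customer_communities, assigned):
    """Router A on IOS: 'set community' without 'additive' discards what the customer sent."""
    return [assigned]


def as_path_sent_to(upstream, as_path, communities):
    """Router B: AS path the upstream receives (normal eBGP prepend plus policy prepend)."""
    extra = [LOCAL_AS, LOCAL_AS] if PREPEND_FOR[upstream] in communities else []
    return [LOCAL_AS] + extra + as_path


# Constructed sample: an attribute from Cust_X that already carries 65000:2 and NO_EXPORT
SAMPLE_ATTR = bytes.fromhex("c0 08 08 fde80002 ffffff01")
```

With the Junos `community add` action the customer's own 65000:2 tag would survive next to the assigned one, so the Sprint prepend would also fire for that route.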

Reference:
http://tools.ietf.org/rfc/rfc1997.txt


Cisco supports EIGRP as the PE-CPE routing protocol in MPLS VPN.  It works just like any other routing protocol used as the PE-CPE routing protocol.  The mechanism is common.  EIGRP on the PE talks to EIGRP on the CPE to exchange routes, then the routes received from the CPE are redistributed into MP-BGP (multiprotocol BGP) running under the address-family configuration.  EIGRP receives all VPN routes through redistribution from MP-BGP (multiprotocol BGP) running under the address-family configuration.


Example Configuration

BGP Configuration

router bgp 65000
 no synchronization
 neighbor 10.10.10.1 remote-as 65000
 neighbor 10.10.10.1 update-source loopback0
 address-family vpnv4
  neighbor 10.10.10.1 activate
  neighbor 10.10.10.1 send-community extended
 exit-address-family
 address-family ipv4 vrf TEST
  redistribute eigrp 100
  no synchronization
 exit-address-family

EIGRP Configuration

router eigrp 1
 address-family ipv4 vrf TEST
  network 192.168.1.0 0.0.0.255
  redistribute bgp 65000 metric 10000 100 255 1 1500
  autonomous-system 100
 exit-address-family

EIGRP 100, the EIGRP autonomous system running between PE and CPE, is redistributed into BGP so that the routes received from the CPE by EIGRP can be sent across the MPLS network and received by another PE.  Also, routes from BGP AS 65000 are redistributed into EIGRP, so that they can be sent to the CPE through EIGRP 100.  The autonomous system configured under EIGRP is the autonomous system running on the CPE router.


A peer group is a set of BGP neighbors that share some policy.  Policies that can be shared include, for example, route-map, filter-list, prefix-list, update-source, and route-reflector client.  Peer groups can reduce CPU consumption as well as configuration effort.


Example

BGP Configuration Using Peer Group In Cisco Router

Before using Peer Group

router bgp 65000
 neighbor 10.10.1.1 remote-as 65000
 neighbor 10.10.1.1 update-source loopback0
 neighbor 10.10.1.1 route-reflector-client
 neighbor 10.10.1.1 next-hop-self
 neighbor 10.10.1.2 remote-as 65000
 neighbor 10.10.1.2 update-source loopback0
 neighbor 10.10.1.2 route-reflector-client
 neighbor 10.10.1.2 next-hop-self

After using Peer Group

router bgp 65000
 neighbor INTERNAL-PEER peer-group
 neighbor INTERNAL-PEER update-source loopback0
 neighbor INTERNAL-PEER route-reflector-client
 neighbor INTERNAL-PEER next-hop-self
 neighbor 10.10.10.1 remote-as 65000
 neighbor 10.10.10.1 peer-group INTERNAL-PEER
 neighbor 10.10.10.2 remote-as 65000
 neighbor 10.10.10.2 peer-group INTERNAL-PEER

BGP Configuration Using Peer Group in Juniper Router

In JunOS, neighbors are created under a group (a.k.a. peer group) by default.  So, if you want to share a policy, just apply the policy under the group, not under a specific neighbor.


This procedure explains how to recover the JunOS password.

1.  Log in to the machine using the console port.  Restart the machine; when the boot screen appears, interrupt the boot process by pressing space.
2.  Go to single-user mode by typing boot -s
3.  The system will go through the normal boot process.  When prompted for "pathname", enter
/usr/libexec/ui/recovery-mode
4.  The system will bring you to "root>"
5.  At this point, you can delete or change the root-authentication.  I like to change it rather than delete it.  Type configure at the root> prompt to enter configuration mode.
6.  Now you are in JunOS configuration mode.  Set root-authentication to change the root-authentication password, or delete root-authentication.
7.  Commit to save the new root-authentication password.
8.  Reboot to return to the normal boot process.


Olive is a PC running JunOS instead of a Juniper machine. Unlike Cisco IOS, which has Dynamips as a ready-to-use IOS simulator, there is no ready-to-use JunOS simulator yet.
Fortunately, JunOS runs on top of FreeBSD, so we can simulate it by installing it on FreeBSD; this is called Olive.  For those who want to learn JunOS, or want to take the JNCIE :), but do not have a Juniper machine, Olive is the solution.  This post explains how to install JunOS in VMWare, also called Olive.
The things you need to prepare are a FreeBSD image, VMWare, and the Junos image itself. Follow the steps below to install Olive.

1. Installing FreeBSD Using VMWare
Download FreeBSD here. To download the JunOS image, just google to find it; I recommend using FileCrop, a file search engine, which makes it very easy to find any file.
Install FreeBSD in VMWare. I created a 3 GB virtual disk.  You need this minimum space because later we will upgrade to Junos 9.x, which needs a 3 GB minimum virtual hard disk.
Choose Skip Kernel Configuration

Choose Express
Choose A (Use Entire Disk). Choose Q (Quit).

Choose Standard

Choose C (create).

Fill 500M, FS (File System), fill / on partition.

Choose C.
Fill 500M, Swap.

Choose C, Fill 100M, fill /config on partition.

Choose C, use all rest of space, fill /var on partition.

Click Q (Finish).

Choose CD/DVD. Choose Yes on answer.

Choose Yes again.

Choose Root password. Fill with your root password.

Choose Networking, Choose Interfaces.

Choose Interfaces. Choose em0.

Choose No for IPv6

Choose No for DHCP if you plan to configure static IP.

Fill your network configuration.

Choose Yes.

Choose Exit.

Choose Exit Install.

2. Installing Junos image

a. Copy the JunOS image to the FreeBSD virtual machine. Set up your FTP server, then use FTP to copy the Junos image from your FTP server to your virtual machine. One recommended free FTP server is Cesar FTP Server. It is easy to use. Although it is no longer being developed, it can still be downloaded. After setting up your account and directory, run ftp from your virtual machine. Set your local directory to /var/tmp.

b. Install the JunOS image. Log in to your FreeBSD virtual machine. Go to the /var/tmp directory.
Do the following:

rm /dev/wd0c
ln -s /dev/ad0c /dev/wd0c
mkdir /var/etc
touch /var/etc
touch /var/etc/master.passwd
touch /var/etc/inetd.conf
touch /var/etc/group

Install JunOS
pkg_add /var/tmp/jinstall-7.4R1.7-export-signed.tgz

Reboot your machine to finish Junos installation.

3. Getting Access to Olive Using Virtual Serial Port.
Once you reboot your Olive after installing the Junos software, you won't have access to your Olive. To get access to your Olive, you need to use a serial port and Virtual Serial Port Driver. You can get the Virtual Serial Port Driver software from Eltima Software.
Accessing Olive using the serial port:
a. Create a serial port pair using the Virtual Serial Port Driver software

b. Add a serial port to Olive, using the serial port created earlier in Virtual Serial Port Driver.
Click Add. Choose Serial Port. Use Physical Serial Port on the host. Choose the serial port created with Virtual Serial Port Driver.

Use your favourite software to access Junos through the serial port.

4. Upgrade to Junos 8.x
For the ethernet card to be detected by Junos, you need to upgrade to Junos 8.x. Because the ethernet card cannot be detected at this point, you cannot use FTP to copy the Junos image. You need to create another FreeBSD virtual machine and copy the Junos image to it. Add your second virtual machine as the second IDE disk in your Olive.
Mount your second drive. For example, if you copied the Junos image to the first partition of your second virtual machine, do the following

mount /dev/ad1s1a /mnt

Then copy the Junos image to the /var/tmp/ directory. Go to /var/tmp/, then install the new Junos image

pkg_add jinstall-8.3R2.8-export-signed.tgz

Reboot to complete upgrade.

shutdown -r now

After the boot process, the ethernet card can be detected, and you can start playing with your Junos Olive with networking functions.

5. Upgrade to Junos 9.x
Up to the last procedure, Olive still can't be accessed from the VMWare console.  In order to access Olive from the VMWare console, you need to upgrade to Junos 9.x. To upgrade to Junos 9.x, set SCSI to FALSE (in the VMWare configuration file), then set memory to a minimum of 512M. After the upgrade, you can set memory back to 256M or even 128M.  Do the upgrade procedure as usual.