1. Overview/Introduction
This document is meant to concisely describe the signalling options that Deutsche Telekom's AS3320 makes available to customer networks supported by BGP routing (transit service products). The intended audience is a customer's network administrator who is familiar with BGP and general public Internet routing techniques as well as how to configure and control their routers. This version of the document describes the options as defined for the initial roll out of the advanced routing policy definitions (implemented using the TROPOS configuration generator) identified as TSD3320 v1.0 targetted for January 17th 2005.

2. Customer Requests for Special Handling of Routes (by AS3320)

Customer networks connected to Deutsche Telekom's AS3320 Internet backbone with BGP
based routing can signal requests for specific treatment of their routes by setting BGP
communities as defined in this chapter.

2.1 Well known BGP communities

The official list of defined well known BGP communities is maintained by IANA, and made
available at http://www.iana.org/assignments/bgp-well-known-communities .
The long standing 3 well known BGP communities (NO_EXPORT, NO_ADVERTISE,
NO_EXPORT_SUBCONFED) are internally used within AS3320.
AS3320 does NOT accept routes with these BGP communities from neighbor AS (to avoid various inconsistencies within AS3320 and potentially with route announcements to customers). The recently defined well known BGP Community NOPEER however is supported by AS3320; customer networks can use this BGP community to restrict propagation of their route. Use of this BGP community as described in the defining RFC is encouraged.

2.1.1 No export

mnemonic: wkcNoExport
aka: NO_EXPORT (IANA)
no-export (IOS)
value: 65535:65281 0xFFFFFF01

AS3320 does not accept routes marked with this BGP community over eBGP.

2.1.2 No advertise

mnemonic: wkcNoAdvertise
aka: NO_ADVERTISE (IANA)
no-advertise (IOS)
value: 65535:65282 0xFFFFFF02

AS3320 does not accept routes marked with this BGP community over eBGP.

2.1.3 No export subconfed

mnemonic: wkcLocalAS
aka: NO_EXPORT_SUBCONFED (IANA)
local-AS (IOS)
value: 65535:65283 0xFFFFFF03

AS3320 does not accept routes marked with this BGP community over eBGP.

2.1.4 NOPEER
mnemonic: wkcNOPEER
aka: NOPEER (IANA)
value: 65535:65284 0xFFFFFF04

Defined by RFC 3765 (G. Huston, "NOPEER BGP community for BGP route scope control")
AS3320 supports this BGP community.

2.2 Controlling Route Priority within AS3320 (Local_Preference)

Currently AS3320 assigns a standard local preference value of 100. It is expected that policies regarding internal route priority will be refined. There are options to statically set lower or higher priorities. Requesting higher priorities requires authorization.
With TDS3320 v1.0 configuration of a LocalPref options has to be requested explicitly to
enable these request BGP communities for a customer AS. (In the next release we will enable at least reqLPrefStd100 and reqLPrefLow50 by default.)

2.2.1 Standard Priority (100)

mnemonic: reqLPrefStd100
value: 65001:100
Can be used to explicitly request standard routing priority within AS3320; e.g. to override
higher priority set that might be applicable for whatever reason and configuration option.

2.2.2 Low Priority (50)

mnemonic: reqLPrefLow50
value: 65001:50
This request will be honored if any Local Preference option is configured for the customer
connection.

2.2.3 High Priority (150)
mnemonic: reqLPrefHigh150
value: 65001:150
Raising priority will be honored only for authorized routes.

2.3 Requesting Blackholing Service

mnemonic: reqBlackhole
value: 65000:0
Requires authorization from holder of address space; the set of routes accepted for
blackholing in general will be different from the routes accepted for regular routing.
Blackholing routes will be more specific routes covering address space supported for regular routing.

3. Influencing Route Propagation to Other AS

3.1 Restrict Route Propagation

Customer networks may use these BGP communities to restrict propagation of their routes from AS3320 to it's peers (including upstream); please consider using the well known BGP community NOPEER where appropriate. The restriction can be defined by explicitly naming peer AS to be excluded, or by excluding certain classes of peer networks.

3.1.1 by peer AS

mnemonic: reqDontPropagateAS[:as]
value: 65010:xxx for AS numbers 0 < xxx < 64512

3.1.2 by peer class

mnemonic: reqDontPropagateClass[:class]
value: 65010:6500x
subvalues: 65010:65001 peer
65010:65002 upstream
65010:65003 peer and upstream
65010:65007 peer and upstream

3.2 Announce with AS Path Prepending

AS path prepending is a common way of making routes less attractive (as AS path length is usually one of the BGP path selection criteria). Customer networks may use these
BGP communities to selectively request from AS3320 insertion of extra copies of the AS number 3320 when propagating their routes to any of it's neighbors.
Currently extension of the AS path can be requested by one or two extra AS numbers
(resulting in AS paths seen by neighbor ASs with two or three times 3320).
The path prepending can be requested for explicitly named neighbor ASs or by certain classes of neighbor networks.

3.2.1 AS path prepending per peer AS for AS numbers 0 < xxx < 64512

mnemonic: req2ASprependAS:xxx
value: 65012:xxx
mnemonic: req3ASprependAS:xxx
value: 65013:xxx

3.2.2 AS path prepending per peer class

mnemonic: req2ASprependClass[:class]
value: 65012:xxx
mnemonic: req3ASprependClass[:class]
value: 65013:xxx

subvalues: (for n= 2,3 number of requested occurances of 3320 in path)

6501n:65001 peer
6501n:65002 upstream
6501n:65004 customer
6501n:65003 peer and upstream
6501n:65005 customers and peers
6501n:65006 customers and upstream
6501n:65007 all neighbors

4. Route classification

Customer networks connected to Deutsche Telekom's AS3320 Internet backbone with BGP
based routing will receive routes with additional classification signalled by BGP community
attributes as defined in this chapter.

4.1 Class of Peer (BGP neighbor injecting the route into AS3320)

4.1.1 Customer network

mnemonic: markNetCustomer
value: 3320:9010

4.1.2 Peer network

mnemonic: markNetPeer
value: 3320:9020

4.2 Country of Import

mnemonic: markCountryImport[:CC]
value: 3320:1ccc with "ccc" 3 decimal digits from the ISO 3166 country codes
subvalues: (with the commonly known 2 letter ISO 3166 country codes)
(please see Appendix A)

CC 3320:1ccc country name
e.g. DE 3320:1276 Germany

4.3 Region of Import

mnemonic: markRegion:2rrr (with rrr 3 decimal digits)
value: 3320:2rrr
subvalues: 3320:2010 Europe
3320:2020 North America
3320:2030 Pacific Rim

5. Options to be explicitly requested/configured

(more details to follow in future versions of this document)

5.1 MD5 protection of eBGP sessions
In general AS3320 expects to negotiate a MD5 key for each neighbor AS to protect all eBGP sessions; AS3320 will propose a MD5 key in each case.

5.2 Announcement of a default route

5.3 Authorization for High Priority (Local Pref)

5.4 Authorization for Blackholing

5.5 Squashing MED

AS3320 accepts and honors by default MED announced by customer networks.

6. Miscellaneous ...

Other functions and topics that will be addressed in future versions of this document (or
additional documents) include:

- use of multi-hop eBGP for load-sharing over multiple parallel circuits between a
single pair of border gateways (and in general)
- maximum-prefix limit
- IRR based automatic route filter generation
- authorization requirements and schemes

7. General Information

We are conservative in the set of functions offered; some refinements are likely to follow
early 2005 - including the handling of configuration requests, network data, and authorization.
Future releases certainly will provide significantly enhanced policies and a richer set of
signalling functions.

Verizon Business supports a user configurable routing policy by allowing customers to fine tune their routing announcements via the BGP community attribute. The following information outlines the policy and demonstrates how customers can implement the routing policy of their choice.

Verizon Business has multiple ASN within a confederation AS701. Verizon Business maintains multiple autonomous systems with each one providing continental coverage. AS701AS702 provides coverage for Europe, AS703 is for Asia and AS14551 is growing in South America. Routes Verizon Business hears from customers are advertised to all Verizon Business autonomous systems as well as Verizon Business peers.

ASN	Location / Area
701	North America
702	Europe
703	Asia
704	Multicast
705	Dial network
14551	South America

Customers now can set values which modify the BGP community attribute "Local Preference" and "AS Path Length" as well as control which route(s) should be advertised to Verizon Business peers (ISPs). These controls are customer implemented by advertising routes tagged with the appropriate BGP community attribute and when received Verizon Business will act on the BGP community value as shown below.

The attribute "LOCAL_PREF" is used to set a route as "preferred" or "least preferred" over all others. Since BGP selects the route with the highest local preference a route can be made "preferred" by setting the "LOCAL_PREF" value higher than the default value of 100. Also, any route can be made to be "least preferred" by setting the "LOCAL_PREF" value lower than the default value of 100. The "LOCAL_PREF" setting is non-transitive and affects routes only in the AS in which it is set and does not pass to external BGP peers. The table below defines the values and actions for the "LOCAL_PREF" attribute.
Customers may modify the UUNET "LOCAL_PREF" value by tagging their route announcements with ONE of the BGP communities defined below. Each route should be tagged with only one value for "LOCAL_PREF." Once Verizon Business receives this route announcement tagged with the appropriate BGP community string for modifying "LOCAL_PREF", the BGP attribute will be set accordingly. "LOCAL_PREF" is set immediately on the Verizon Business router to which the customer attaches. Please refer to the table below for the BGP community string values that Verizon Business will accept for setting "LOCAL_PREF."

BGP Community String	LocalPref Value	Description
Default	100	Default Value
70x:80	80	Set localpref 80
70x:90	90	Set localpref 90
70x:110	110	Set localpref 110
70x:120	120	Set localpref 120

ex) 701:80, 702:80, 703:80 and so on.

A case may arise where 2 or more paths exist for the same destination with the same "LOCAL_PREF" value. The next configurable option in BGP route selection process is to lengthen the AS PATH. The route with the shortest AS PATH LENGTH is preferred. The table below defines the values and actions for AS PATH LENGTH.

The AS PATH LENGTH is adjusted at the egress or Verizon Business peering points to all peers. The table below defines the community value for setting AS PATH LENGTH and the total path length announced to peers.

BGP Community String	Prepend AS	Description
70x:1	70x	Prepends 70x once on announcements to peers
70x:2	70x 70x	Prepends 70x twice on announcements to peers
70x:3	70x 70x 70x	Prepends 70x thrice on announcements to peers

ex) 701:1 = 701
701:2 = 701 701
701:3 = 701 701 701

This is accomplished by filtering routes based on a BGP community value filtering at Verizon Business's egress points.

BGP Community String	Description
70x:20	Do not send to peers, but send to customers or (701, 702, 703 and 14551)
70x:30	Do not send to continent(701, 702, 703 and 14551), but send customers and peers
70x:70	Do not send to peers or customers, but send to continent(701, 702, 703 and 14551)

Also, Verizon business provide a below BGP community string for security purpose.

BGP Community String	Description
70x:9999	Used by customers to black hole their own routes in the event of an attack. The only constraint is that the customer must be set up for multihop BGP

BGP Community String	Description
70x:20	Do not send to Peers
70x:1020	Do not send to Peers
70x:30	Do not send to continents (701,703, 14551 and etc)
70x:1030	Do not send to continents (701, 703, 14551 and etc)
70x:70	Do not send to peers or customer
70x:1070	Do not send to peers or customer

Additional BGP Community String

Summary of actions that the per-peer-community knob supports

1. Do not Announce to specified AS
2. Prepend one time
3. Prepend two times
4. Prepend three times
5. Prepend four times
6. Announce to specified AS

** The maximum recommended number of per-peer-communities that a customer should set is 20.

The per-peer BGP communities will have the following format: 64XXY:ASN

XX value Actions

1. 90: Don't send to particular AS
2. 91: Prepend 1 time to particular AS
3. 92: Prepend 2 times to particular AS
4. 93: Prepend 3 times to particular AS
5. 94: Prepend 4 times to particular AS
6. 99: send to a particular AS

Y value Actions to apply area

1. 0 Global
2. 1 North America(AS701) within VZB
3. 2 Europe(AS702) within VZB
4. 3 Asiapac(AS703) within VZB
5. 4 Latin(AS14551) within VZB

Order of operation

1. Existing "don't send to peer/AS" and regional / continental specific routes communities
2. Per-peer-communities: Continental "don't send" communities
3. Per-peer-communities: Continental "send w/o modification" communities
4. Per-peer-communities: Continental "pre-pend" communities
5. Per-peer-communities: Global "don't send" communities
6. Per-peer-communities: Global "send w/o modification" communities
7. Per-peer-communities: Global "pre-pend" communities
8. Existing "don't send" to peers, "don't send" to peers+customers communities
9. Existing continental "pre-pend" to peers communities
10. Existing global "pre-pend" to peers communities

ex) If customer send a route with communities string 701:70 and 64911:1239:

The route will pre-pend AS701 once when going to Sprint, but this route announcement won't go to any other peers/Peers or Customers

community AS1239-NA-dont-send members "^64901:1239$"; Sprint
community AS1668-NA-dont-send members "^64901:1668$"; AOL
community AS174-NA-dont-send members "^64901:174$"; COGENT
community AS209-NA-dont-send members "^64901:209$"; Qwest
community AS2914-NA-dont-send members "^64901:2914$"; NTT Ameria
community AS3356-NA-dont-send members "^64901:3356$"; Level 3
community AS3549-NA-dont-send members "^64901:3549$"; Global Crossing
community AS3561-NA-dont-send members "^64901:3561$"; Savvis
community AS6453-NA-dont-send members "^64901:6453$"; Teleglobe
community AS6461-NA-dont-send members "^64901:6461$"; AboveNet
community AS7018-NA-dont-send members "^64901:7018$"; ATT

Cogent will send the customer a complete BGP table without aggregating the internal Cogent routes. This is useful for customers who are multi-homed within the Cogent Network.

Local Preference

All customer routes announced to Cogent will have a local pref of 130. The customer can control the local preference for their announcements by using a BGP community string that is passed to Cogent in the BGP session. The following table lists the BGP community strings and the corresponding local preference that will be set when they are used.

BGP Community String	Local Pref	Effect
174:10	10	Set customer route local preference to 10 (below everything-least preferred)
174:70	70	Set customer route local preference to 70 (below peers)
174:120	120	Set customer route local preference to 120 (below customer default )
174:125	125	Set customer route local preference to 125 (below customer default)
174:135	135	Set customer route local preference to 135 (above customer default)
174:140	140	Set customer route local preference to 140 (above customer default)

AS Padding

Customers with public AS numbers may pad their AS path to control the desirability of their
connections. Customers with an assigned private AS number from Cogent may not pad their AS path. Cogent will ignore any padding of private AS numbers from customers.

No-Export

Customers can control the "no-export" settings of their routes with the following community

strings:

BGP Community String	Effect
174:970	Do not send route to NA (North America) - not accepted in NA
174:971	Do not send route to NA peers.
174:975	Set local preference to 10 in NA.
174:980	Do not send route to EU (Europe) - not accepted in EU
174:981	Do not send route to EU peers.
174:985	Set local preference to 10 in EU.
174:990	Do not send route to BGP customers, or peers.
174:991	Do not send route to peers.

Peer Controls

Effective on ALL peer, non-granular.

BGP Community String	Effect
174:3000	Do not announce.
174:3001	Prepend 174 1 time.
174:3002	Prepend 174 2 times.
174:3003	Prepend 174 3 times

Detailed Non-Transit Peer

Cogent will send its internal routes without aggregating them, as well as the routes of other Cogent BGP customers. This is recommended for customers who are multi-homed within the Cogent Network and who want to use their connection to only access the Cogent Network.

Other BGP Communities

Routes announced to customers by Cogent will have one of the following communities associated with them:

BGP Community String	Description
174:21000	Route is learned from NA (North America) non-customer.
174:21001	Route is NA internal or customer route.
174:21100	Route is learned from EU (Europe) non-customer.
174:21101	Route is a EU internal or customer route.

Blogged with the Flock Browser