14

We have an outbound route-map on an eBGP peer that adds some communities to certain prefixes. Is there any way to prove that this is actually happening from the sender side in classic IOS?

show ip bgp neighbor x.x.x.x advertised-routes does not show them

Even debug ip bgp update out doesn't seem to!

In gns3 I can make the same config and see that it works from my fake upstream side, but I need to be able to verify in the production router from the local side...

AnotherHowie
  • 355
  • 1
  • 3
  • 11
  • I'm sure you do, but I'll ask anyway: you have "send-community" on the neighbour right? – Olipro Dec 15 '13 at 07:01
  • Oh, sure. As I said - it works in GNS3 and I'm pretty certain it's working in production. I'm just looking for a way to SHOW that it's working from the sender side. – AnotherHowie Dec 15 '13 at 11:16

6 Answers6

8

Last time I checked/tried to do this, it wasn't possible in IOS. I'm not sure about NX-OS or IOS-XE/XR though. It doesn't help you, but this is possible to do on Juniper gear.

Regarding your configuration - make sure you're using the additive keyword in your route-maps to set the communities, otherwise you will not be adding communities to the list, but rather replacing any existing communities with the one you're setting in your route-maps.

John Jensen
  • 8,997
  • 4
  • 29
  • 47
  • Thanks - I found that Juniper command, teasing me! This is classic IOS, unfortunately. It seems that nothing short of packet capture will show me what my updates look like *after* the outbound route-map is applied (communities, modified next-hops or anything else). – AnotherHowie Dec 12 '13 at 19:14
2

Set up another BGP peer or route-reflector that you control with identical policies . Of course, make sure you're not blackholing any traffic toward this peer.

generalnetworkerror
  • 7,094
  • 6
  • 32
  • 65
  • As I said, it works in GNS3. It was specifically to _see_ the communities on *that* session on *that* router. I was having a fight with a supplier who insisted (without checking the results) that my config could _never_ work because it didn't exactly match their sample config. Since then, we've proved that they had a config issue on their side, but being able to do "show ip bgp neigh x.x.x.x advertised-routes detail" would have saved some hassle. – AnotherHowie Dec 15 '13 at 11:21
1

On router running IOS-XR you can use "show bgp advertised neighbor A.B.C.D or X:X::X", it will give you additional info about the prefixes sent to the neighbor (including of course community if configured). As stated before remeber to use the "additive" keyword inside the route-map statement if you don't want to replace the whole list and add the "send-community-ebgp" under the right address-family in order to start sending it to the neighbor

SimoneC
  • 11
  • 1
0

Have you tried to run show ip bgp x.y.z.0/24 ? That command shows Community in our environment (15.+ version)

zzoldi
  • 1
  • That shows the community for the received prefix though, doesn't it? Not the sent one (if it is added with a route-map)... – AnotherHowie Aug 27 '15 at 12:34
0

This works on IOS-XE 15.x:

show bgp ipv4 unicast detail

It produces this output:

BGP routing table entry for 0.0.0.0/0, version 5
  Paths: (1 available, best #1, table default, not advertised to EBGP peer)
  Not advertised to any peer
  Refresh Epoch 1
  65000 65001
    1.1.1.1 from 1.1.1.1 (1.1.1.1)
      Origin IGP, localpref 100, valid, external, best
      Community: no-export
      rx pathid: 0, tx pathid: 0x0
dtoubelis
  • 101
  • 3
0

I've been able to successfully confirm BGP attributes are being applied by debugging BGP and then resetting the peer and then watching the debug messages - It is of course disruptive. After you did your debug ip bgp update-out, did you do a hard reset on the peer? I will lab this up and provide a screenshot.

Okinawa Joe
  • 1
  • 1
    You shouldn't need to drop the session... do a soft bgp clear out – Mike Pennington Dec 15 '13 at 15:12
  • Well, when I tried with `debug ip bgp update out` I saw the updates but that didn't include the communities. If I do `debug ip bgp update` to see the incoming updates on my GNS3 lab, then I _do_ see the community in the incoming update debug messages, but that's no use to me in the real situation. – AnotherHowie Dec 15 '13 at 19:36
  • Which IOS version does this for you? My lab is a relatively old 12.4T, now that I think about it. It's possible this has been added in 15+ for example. – AnotherHowie Dec 15 '13 at 19:42