Re: What's the point of prepend communities?

[Michael Hallgren]

Yes, sometimes very much so, and often nice to combine with local-pref settings 
based on upstream's "geo-community-values" when available.

Cheers, 
mh

Le 1 nov. 2017 à 18:59, à 18:59, Leo Bicknell  a écrit:
>In a message written on Mon, Oct 30, 2017 at 07:56:43PM +0100, Michael
>Hallgren wrote:
>> But keep in mind that 'prepend communities' are fragile: I decide by
>local preference whereto I send my traffic.
>
>Absolutely, but they are still very useful in many situations.
>
>--
>Leo Bicknell - bickn...@ufp.org
>PGP keys at http://www.ufp.org/~bicknell/

Re: What's the point of prepend communities?

[Leo Bicknell]

In a message written on Mon, Oct 30, 2017 at 07:56:43PM +0100, Michael Hallgren 
wrote:
> But keep in mind that 'prepend communities' are fragile: I decide by local 
> preference whereto I send my traffic.

Absolutely, but they are still very useful in many situations.

-- 
Leo Bicknell - bickn...@ufp.org
PGP keys at http://www.ufp.org/~bicknell/


signature.asc
Description: PGP signature

Re: What's the point of prepend communities?

[Michael Hallgren]

Hi guys,

But keep in mind that 'prepend communities' are fragile: I decide by local 
preference whereto I send my traffic.

Cheers,
mh

Le 30 oct. 2017 à 18:25, à 18:25, Leo Bicknell  a écrit:
>In a message written on Thu, Oct 26, 2017 at 01:54:17PM -0600, Clinton
>Work wrote:
>> I believe that Jason is asking about an ISP BGP community to prepend
>> their AS when the BGP routes are received from the customer (not when
>
>Yeah, I typoed my example, should have been:
>
>There are paths:
>
>1 2 3 5
>1 2 4 5
>
>If you prepend your ASN, you get:
>
>1 1 2 3 5
>1 1 2 4 5
>
>No difference.  If you send the ISP a prepend community for 3, you get:
>
>1 2 2 3 5
>1 2 4 5
>
>And you just forced all traffic to the second, shorter path.  For only
>customers that are dual homed to 3 & 4 without affecting other traffic.
>
>--
>Leo Bicknell - bickn...@ufp.org
>PGP keys at http://www.ufp.org/~bicknell/

Re: What's the point of prepend communities?

[Leo Bicknell]

In a message written on Thu, Oct 26, 2017 at 01:54:17PM -0600, Clinton Work 
wrote:
> I believe that Jason is asking about an ISP BGP community to prepend
> their AS when the BGP routes are received from the customer (not when

Yeah, I typoed my example, should have been:

There are paths:

1 2 3 5
1 2 4 5

If you prepend your ASN, you get:

1 1 2 3 5
1 1 2 4 5

No difference.  If you send the ISP a prepend community for 3, you get:

1 2 2 3 5
1 2 4 5

And you just forced all traffic to the second, shorter path.  For only
customers that are dual homed to 3 & 4 without affecting other traffic.

-- 
Leo Bicknell - bickn...@ufp.org
PGP keys at http://www.ufp.org/~bicknell/


signature.asc
Description: PGP signature

Re: What's the point of prepend communities?

[Brett Frankenberger]

On Sun, Oct 29, 2017 at 07:01:13AM -0500, Mike Hammett wrote:
> If I understand the OP correctly, I will use this real world example: 
> 
> https://onestep.net/communities/as174/ 
> 
> 174:3001 through 174:3003 as compared to doing the prepending
> yourself.  What is the functional difference?
> 
> BGP neighbors of 174 will see just as many AS hops either way, but
> non-BGP customers of 174 would see you just one hop away.  It's just
> another method of traffic engineering.

According to the link you provided, 3001..3003 are effective on "ALL
peer[s]" (which is differnet from all BGP neighbors).  So BGP-speaking
customers of 174 will not see the prepending if you use 174:3001..3003,
but peers will; but if you do the prepending yourself, then all 174's
peers and all 174's BGP-speaking customers see it.

 -- Brett

Re: What's the point of prepend communities?

[Mike Hammett]

If I understand the OP correctly, I will use this real world example: 

https://onestep.net/communities/as174/ 


174:3001 through 174:3003 as compared to doing the prepending yourself. What is 
the functional difference? 


BGP neighbors of 174 will see just as many AS hops either way, but non-BGP 
customers of 174 would see you just one hop away. It's just another method of 
traffic engineering. 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

- Original Message -

From: "Jason Lixfeld" <jason+na...@lixfeld.ca> 
To: "William Herrin" <b...@herrin.us> 
Cc: "NANOG" <nanog@nanog.org> 
Sent: Thursday, October 26, 2017 1:47:44 PM 
Subject: Re: What's the point of prepend communities? 

Hi Bill, 

> On Oct 26, 2017, at 2:37 PM, William Herrin <b...@herrin.us> wrote: 
> 
> BGP routing is based on "distance". Distance in BGP is primarily calculated 
> as the number of ASNs in the AS Path. Prepends make a path more distance, 
> encouraging routers to choose a different path if one is available. 

I understand how prepends fit in the context of best path selection, but my 
question was more the difference between a customer signalling the ISP to 
prepend their AS using a BGP community stamped to a prefix vs. the customer 
prepending their own AS instead. 

Re: What's the point of prepend communities?

[Rob Foehl]

On Thu, 26 Oct 2017, Jason Lixfeld wrote:


Absolutely.  I understand the "Prepend to Network blah” use case.  The case I 
don’t get is where the ISP makes no distinction in their policy document about how 
the prepending of their own AS is applied to their upstream announcements, implying 
that it’s announced to everyone.


The "prepend to everybody" communities are usually implemented as "prepend 
to all peers", excluding customers, and for some variable definition of 
"all".  YMMV, caveat emptor, et cetera -- in most cases you'll need to 
experiment.


I've used "prepend to all peers" communities a few times to avoid 
saturating transit links that are being consolidated but still under 
contract, in order to keep the link viable and in use by the immediate 
neighbor and their customers, but otherwise make it less attractive to the 
rest of the world under normal conditions.


-Rob

Re: What's the point of prepend communities?

[Steve Dodd]

Keep in mind also that when you allow a customer to deprioritize a
particular peer you can really blow up your COGS model (assuming you buy
transit).

Cheers,
Steve

On Thu, Oct 26, 2017 at 1:05 PM, William Herrin  wrote:

> On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld 
> wrote:
>
> > Hi Bill,
> >
> > > On Oct 26, 2017, at 2:37 PM, William Herrin  wrote:
> > >
> > > BGP routing is based on "distance". Distance in BGP is primarily
> > calculated as the number of ASNs in the AS Path. Prepends make a path
> more
> > distance, encouraging routers to choose a different path if one is
> > available.
> >
> > I understand how prepends fit in the context of best path selection, but
> > my question was more the difference between a customer signalling the ISP
> > to prepend their AS using a BGP community stamped to a prefix vs. the
> > customer prepending their own AS instead.
> >
> >
> Hi Jason,
>
> You'd only use communities like that if you want to signal the ISP to
> deprioritize your advertisement on a particular peer or set of peers but
> not others. That's when you're getting fancy. It's not the norm. The norm
> is you want to deprioritize one of your paths as a whole. Maybe that link
> has less capacity or is enough better connected that it would always
> override your other links unless you detune it a little.
>
> I mean, you could tell the ISP to prepend everything based on a community,
> assuming they support such a community, but why would you? That needlessly
> makes things more complicated.
>
> Regards,
> Bill Herrin
>
>
> --
> William Herrin  her...@dirtside.com  b...@herrin.us
> Dirtside Systems . Web: 
>

Re: What's the point of prepend communities?

[joel jaeggli]

On 10/26/17 10:58, Jason Lixfeld wrote:
> Hi,
>
> Of all the ISPs that I am familiar with that have a BGP community structure 
> usable by their peering partners and/or downstream customers, among other 
> things, they allow the customer to signal the ISP to prepend their own AS to 
> the as-path of a particular prefix announcement.
>
> What functionality does a provider prepend support that is otherwise lost in 
> the absence of such a feature, but all the while, the customer would be able 
> to prepend their own AS to the same prefix announcement anyway?
It has no effect on the provider itself since they prefer customer
routes anyway.

prepending towards a peer of your provider is to encourage them to
select an alternative (shorter) path.

prepending when it works is preferable to no export since the later
doesn't leave that provider available for fallback.
> Is this a relic from before ISPs allowed for local preference adjustment, or 
> is there actually a use case for this?
local pref and med is um local to your upstream.
> Thanks!
>
>




signature.asc
Description: OpenPGP digital signature

RE: What's the point of prepend communities?

[Naslund, Steve]

No, Mr Herrin was correct in the first place.  The BGP communities are used to 
control to which peers the prepend is applied.  You cannot do this within your 
own BGP configuration.  Here is the use case.

I have a connection to AT and I have one to Comcast

I want AT customers to come to me over the AT circuit.

I want everyone else to come to me over Comcast.

If I just prepend my own AS onto the AT connection I might actually cause 
AT customers to reach me via Comcast (shorter AS path potentially).  If I 
want to prevent that I send a prepend community to AT which tells them to 
prepend toward their peers BUT NOT WITHIN THEIR OWN NETWORK.  There are usually 
multiple choices here to affect different subsets of their peers (customers, 
peer carriers, etc).  There is also the case where I have multiple AT 
connections.  If I prepend just one of them the way you suggest, all of my 
traffic will probably come in the other connection.  If I prepend using 
communities I can get some traffic (from AT peers) on one connection and get 
most of the transit on the other connection.

What you are doing in effect is making your connection with AT look like AT 
is a peer rather than a transit AS.  You can also do this to more selectively 
influence your inbound traffic when you are multihomed to different carriers 
(just a simple prepend like you suggest may not be granular enough, I have seen 
cases where a single prepend pushes almost all your traffic to your other 
carrier).

The old way to do this was to ask your ISP to treat you like a peer rather than 
a transit customer.  Now you can control that yourself just by setting the 
correct communities, it can also be programmatically controlled.  Picture you 
have the configuration like I talked about above with AT and Comcast but now 
Comcast is overloaded or impaired.  By changing your communities you can 
reroute most of the traffic to AT without a MACD request to them.



Steven Naslund
Chicago IL

-Original Message-
From: NANOG [mailto:nanog-bounces+snaslund=medline@nanog.org] On Behalf Of 
Clinton Work
Sent: Thursday, October 26, 2017 2:54 PM
To: nanog@nanog.org
Subject: Re: What's the point of prepend communities?


I believe that Jason is asking about an ISP BGP community to prepend their AS 
when the BGP routes are received from the customer (not when
advertising to a peer).   I don't see a functional difference between
the two and I suspect that ISPs added support for convenience.  If you already 
send BGP communities to your ISP for other BGP route manipulation, you can add 
another community for ISP AS prepending rather
than modifying your local policies to add AS prepending.   

 You are 1.
 ISP is 2.

1 1 2  - You prepend
1 2 2   - ISP prepends

--
Clinton Work
Airdrie, AB

On Thu, Oct 26, 2017, at 01:19 PM, Leo Bicknell wrote:
> In a message written on Thu, Oct 26, 2017 at 02:47:44PM -0400, Jason 
> Lixfeld wrote:
> > I understand how prepends fit in the context of best path selection, but my 
> > question was more the difference between a customer signalling the ISP to 
> > prepend their AS using a BGP community stamped to a prefix vs. the customer 
> > prepending their own AS instead.
> 

Re: What's the point of prepend communities?

[Clinton Work]

I believe that Jason is asking about an ISP BGP community to prepend
their AS when the BGP routes are received from the customer (not when
advertising to a peer).   I don't see a functional difference between
the two and I suspect that ISPs added support for convenience.  If you
already send BGP communities to your ISP for other BGP route
manipulation, you can add another community for ISP AS prepending rather
than modifying your local policies to add AS prepending.   

 You are 1.
 ISP is 2.

1 1 2  - You prepend
1 2 2   - ISP prepends

--
Clinton Work
Airdrie, AB

On Thu, Oct 26, 2017, at 01:19 PM, Leo Bicknell wrote:
> In a message written on Thu, Oct 26, 2017 at 02:47:44PM -0400, Jason
> Lixfeld wrote:
> > I understand how prepends fit in the context of best path selection, but my 
> > question was more the difference between a customer signalling the ISP to 
> > prepend their AS using a BGP community stamped to a prefix vs. the customer 
> > prepending their own AS instead.
> 

Re: What's the point of prepend communities?

[Brett Frankenberger]

On Thu, Oct 26, 2017 at 03:05:25PM -0400, William Herrin wrote:
> 
> You'd only use communities like that if you want to signal the ISP to
> deprioritize your advertisement on a particular peer or set of peers but
> not others. That's when you're getting fancy. It's not the norm. The norm
> is you want to deprioritize one of your paths as a whole. Maybe that link
> has less capacity or is enough better connected that it would always
> override your other links unless you detune it a little.
> 
> I mean, you could tell the ISP to prepend everything based on a community,
> assuming they support such a community, but why would you? That needlessly
> makes things more complicated.

Completely agree.  I would add that some providers' "prepend
everything" community is really "prepend to all peers" (or something
else shy of "prepend to every BGP neighbor we have").  In that case, if
the customer prepends, the prepend is seen by the provider's other
customers, but if the customer sets the "prepend to all peers"
community, the provider's customers won't see the prepend.  There are
cases where that functionality would be useful.

I have never seen a provider with a true "prepend to every BGP neighbor
we have" community, but it might well exist somewhere.

 -- Brett

RE: What's the point of prepend communities?

[Naslund, Steve]

That is exactly correct.  It is normally used to control which peers the ISP is 
prepended to.  Many times the ISP has a guide that shows several different 
communities you can use to further control BGP beyond what you normally could 
do yourself.

Steven Naslund
Chicago IL

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William Herrin
Sent: Thursday, October 26, 2017 2:15 PM
To: Jason Lixfeld
Cc: NANOG
Subject: Re: What's the point of prepend communities?

On Thu, Oct 26, 2017 at 3:05 PM, William Herrin <b...@herrin.us> wrote:

> On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld 
> <jason+na...@lixfeld.ca>
> wrote:
> You'd only use communities like that if you want to signal the ISP to 
> deprioritize your advertisement on a particular peer or set of peers 
> but not others. That's when you're getting fancy. It's not the norm. 
> The norm is you want to deprioritize one of your paths as a whole. 
> Maybe that link has less capacity or is enough better connected that 
> it would always override your other links unless you detune it a little.
>
> I mean, you could tell the ISP to prepend everything based on a 
> community, assuming they support such a community, but why would you? 
> That needlessly makes things more complicated.
>

Ah, I see. I completely misread your question.

The answer you may be looking for is that the ISP can be more subtle about 
which of their peers gets your prepend. Maybe you want to prefer ISP A for your 
overseas traffic but prefer ISP B for your domestic traffic. ISP A can design a 
community tag that causes your advertisement to be prepended but only when sent 
to domestic peers.

Still not a relic but not a primary knob.

Regards,
Bill Herrin


--
William Herrin  her...@dirtside.com  b...@herrin.us Dirtside 
Systems . Web: <http://www.dirtside.com/>

Re: What's the point of prepend communities?

[Leo Bicknell]

In a message written on Thu, Oct 26, 2017 at 02:47:44PM -0400, Jason Lixfeld 
wrote:
> I understand how prepends fit in the context of best path selection, but my 
> question was more the difference between a customer signalling the ISP to 
> prepend their AS using a BGP community stamped to a prefix vs. the customer 
> prepending their own AS instead.

Imagine:

You are 1.
ISP is 2.
ISP's peers are 3 & 4.
Your B2B partner is 5.

There are paths:

1 2 3 5
1 2 4 5

If you prepend your ASN, you get:

1 1 2 3 5
1 1 2 4 5

No difference.  If you send the ISP a prepend community for 3, you get:

1 2 3 3 5
1 2 4 5

And you just forced all traffic to the second, shorter path.


-- 
Leo Bicknell - bickn...@ufp.org
PGP keys at http://www.ufp.org/~bicknell/


signature.asc
Description: PGP signature

Re: What's the point of prepend communities?

[William Herrin]

On Thu, Oct 26, 2017 at 3:05 PM, William Herrin  wrote:

> On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld 
> wrote:
> You'd only use communities like that if you want to signal the ISP to
> deprioritize your advertisement on a particular peer or set of peers but
> not others. That's when you're getting fancy. It's not the norm. The norm
> is you want to deprioritize one of your paths as a whole. Maybe that link
> has less capacity or is enough better connected that it would always
> override your other links unless you detune it a little.
>
> I mean, you could tell the ISP to prepend everything based on a community,
> assuming they support such a community, but why would you? That needlessly
> makes things more complicated.
>

Ah, I see. I completely misread your question.

The answer you may be looking for is that the ISP can be more subtle about
which of their peers gets your prepend. Maybe you want to prefer ISP A for
your overseas traffic but prefer ISP B for your domestic traffic. ISP A can
design a community tag that causes your advertisement to be prepended but
only when sent to domestic peers.

Still not a relic but not a primary knob.

Regards,
Bill Herrin


-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 

Re: What's the point of prepend communities?

[Jason Lixfeld]

> On Oct 26, 2017, at 2:55 PM, Job Snijders  wrote:
> 
> If Network B offers some kind of “Prepend to Network C” BGP community, 
> network A will be able to utilize all of network B except the pieces that 
> perform less well. (This is ofcourse assuming that Network C picks some 
> alternative path because of the prepends)

Absolutely.  I understand the "Prepend to Network blah” use case.  The case I 
don’t get is where the ISP makes no distinction in their policy document about 
how the prepending of their own AS is applied to their upstream announcements, 
implying that it’s announced to everyone.

Re: What's the point of prepend communities?

[William Herrin]

On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld 
wrote:

> Hi Bill,
>
> > On Oct 26, 2017, at 2:37 PM, William Herrin  wrote:
> >
> > BGP routing is based on "distance". Distance in BGP is primarily
> calculated as the number of ASNs in the AS Path. Prepends make a path more
> distance, encouraging routers to choose a different path if one is
> available.
>
> I understand how prepends fit in the context of best path selection, but
> my question was more the difference between a customer signalling the ISP
> to prepend their AS using a BGP community stamped to a prefix vs. the
> customer prepending their own AS instead.
>
>
Hi Jason,

You'd only use communities like that if you want to signal the ISP to
deprioritize your advertisement on a particular peer or set of peers but
not others. That's when you're getting fancy. It's not the norm. The norm
is you want to deprioritize one of your paths as a whole. Maybe that link
has less capacity or is enough better connected that it would always
override your other links unless you detune it a little.

I mean, you could tell the ISP to prepend everything based on a community,
assuming they support such a community, but why would you? That needlessly
makes things more complicated.

Regards,
Bill Herrin


-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 

Re: What's the point of prepend communities?

[Job Snijders]

Hi,

In context of traffic engineering it may be that Network A (customer of
Network B) observes that performance is suboptimal between Network B and
Network C.

If Network B offers some kind of “Prepend to Network C” BGP community,
network A will be able to utilize all of network B except the pieces that
perform less well. (This is ofcourse assuming that Network C picks some
alternative path because of the prepends)

I think prepend communities are useful to empower customers to debug and
perhaps even resolve issues without waiting for action from their supplier.

Prepends are also slightly more graceful than “don’t export”, since if
there are no alternative paths there still is _a_ path - and often any path
is better than no path.

Kind regards,

Job

Re: What's the point of prepend communities?

[Christopher Morrow]

On Thu, Oct 26, 2017 at 2:47 PM, Jason Lixfeld 
wrote:

> Hi Bill,
>
> > On Oct 26, 2017, at 2:37 PM, William Herrin  wrote:
> >
> > BGP routing is based on "distance". Distance in BGP is primarily
> calculated as the number of ASNs in the AS Path. Prepends make a path more
> distance, encouraging routers to choose a different path if one is
> available.
>
> I understand how prepends fit in the context of best path selection, but
> my question was more the difference between a customer signalling the ISP
> to prepend their AS using a BGP community stamped to a prefix vs. the
> customer prepending their own AS instead.
>
>
blame shifting?
avoiding instances where a third party filters:
   ?$
vs  .*$

or just people's  particular picadellos.

Re: What's the point of prepend communities?

[Jason Lixfeld]

Hi Bill,

> On Oct 26, 2017, at 2:37 PM, William Herrin  wrote:
> 
> BGP routing is based on "distance". Distance in BGP is primarily calculated 
> as the number of ASNs in the AS Path. Prepends make a path more distance, 
> encouraging routers to choose a different path if one is available.

I understand how prepends fit in the context of best path selection, but my 
question was more the difference between a customer signalling the ISP to 
prepend their AS using a BGP community stamped to a prefix vs. the customer 
prepending their own AS instead.

Re: What's the point of prepend communities?

[William Herrin]

On Thu, Oct 26, 2017 at 1:58 PM, Jason Lixfeld 
wrote:

> Of all the ISPs that I am familiar with that have a BGP community
> structure usable by their peering partners and/or downstream customers,
> among other things, they allow the customer to signal the ISP to prepend
> their own AS to the as-path of a particular prefix announcement.
>
> What functionality does a provider prepend support that is otherwise lost
> in the absence of such a feature, but all the while, the customer would be
> able to prepend their own AS to the same prefix announcement anyway?
>

Hi Jason,

BGP routing is based on "distance". Distance in BGP is primarily calculated
as the number of ASNs in the AS Path. Prepends make a path more distance,
encouraging routers to choose a different path if one is available.

So, prepends are the primary knob used for controlling which path gets
taken.


Is this a relic from before ISPs allowed for local preference adjustment,
> or is there actually a use case for this?


It's the exact opposite of a relic.

Regards,
Bill Herrin



-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 

What's the point of prepend communities?

[Jason Lixfeld]

Hi,

Of all the ISPs that I am familiar with that have a BGP community structure 
usable by their peering partners and/or downstream customers, among other 
things, they allow the customer to signal the ISP to prepend their own AS to 
the as-path of a particular prefix announcement.

What functionality does a provider prepend support that is otherwise lost in 
the absence of such a feature, but all the while, the customer would be able to 
prepend their own AS to the same prefix announcement anyway?

Is this a relic from before ISPs allowed for local preference adjustment, or is 
there actually a use case for this?

Thanks!