Community no-export for the advertising route in BGP

This configuration shows how to set a community attribute of no-export to your advertising route. Perhaps that you want that your route will only be given to your neighboring AS and you don’t want that route to be advertised to another AS. Basically it is just telling your neighboring that this route is only for you and you should adverstised to other AS. This is done by setting the community attribute no-export your advertising route. Below is the configuration.

router eigrp 100

passive-interface Serial0/0

network 192.168.199.0

no auto-summary

!

router bgp 100

bgp log-neighbor-changes

aggregate-address 192.168.192.0 255.255.248.0 attribute-map ORIGIN suppress-map VERMONT

redistribute eigrp 100

neighbor 192.168.1.253 remote-as 200

neighbor 192.168.1.253 send-community

neighbor 192.168.1.253 route-map COMMUNITY out

!

ip classless

ip route 192.168.192.0 255.255.248.0 Null0

ip http server

!

access-list 1 permit 192.168.195.0 0.0.0.255

access-list 1 permit 192.168.196.0 0.0.3.255

access-list 101 permit ip host 192.168.192.0 host 255.255.248.0

route-map ORIGIN permit 10

set origin incomplete

!

route-map COMMUNITY permit 10

match ip address 101

set community none

!

route-map COMMUNITY permit 20

set community no-export

!

route-map VERMONT permit 10

match ip address 1

!

The configuration shows that the router is advertising an aggregated route which has attribute-map and suppress-map. I will break down this configuration into pieces,

Aggregate-address , this command triggers an aggregated route to be advertised to the neighboring AS.

Attribute-map, this command sets attribute to the advertising aggregated route. The ORIGIN in the configuration is a route-map calling function which it will set the attribute. The ORIGIN route-map I specify in my configuration simply changing the default origin into incomplete.

Suppress-map, this command specifies a more specific route to be included in the advertising route. Of course a matching access list should be followed.

Notice in my configuration the command neighbor 192.168.1.253 route-map COMMUNITY out, this specifies a route-map calling function for COMMUNITY. The route-map under the COMMUNITY will match all the conditions. There area two route maps for COMMUNITY, the sequence 10 route map for COMMUNITY will be the first one to be process. It will match the access list 101 specified and if there’s a match it will set a none attribute for that route. If there’s no match it will go to the sequence 20 route map for processing, this will right away set the attribute of no-export community for the route entry.