ip community-list configuration command directory
Create community list rule used for BGP route. Use command “no” to
delete configured community list rules.
ip
community-list <name> <deny | permit> [aa:nn | 1-4294967295 | local-AS | no-advertise | no-export ]
no
ip community-list <name>
[deny | permit] [aa:nn | 1-4294967295
| local-AS | no-advertise | no-export
]
<name> Name of Community-list
<deny | permit> Character of Community-list
rules
<1-4294967295> Community value. Community is a
32-digit symbol whole number.
aa:nn New
form of Community. The aa means high 16-digit
value and nn means low 16-digit value.
<no-advertise> Not
advertiseto any neighbor (well-known community number)
<local-AS> Not advertise outside of autonomous system, including EBGP neighborin
the same autonomous system confederation. (well-known community number)
<no-export> Not
advertise outside ofthe same autonomous system or outside the autonomous system
confederation (well-known community number).
Default is to
refuse all communities excluding those with clear explanation to permit.
global
configuration mode
The “community-list” is also called community
list used to filter or set community attribute of BGP routes. Community attribute
is the number of a community or a group of communities. A community number is a
4-byte value. he following range are reserved: 0x00000000 - 0x0000FFFF and 0xFFFF0000 - 0xFFFFFFFF. These
community numbers are recognized with global meanings. Commonly used well-know
community are:
NO_EXPORT(0xFFFFFF01): After receiving routeswith this community number, it should not be advertised to peersoutside of the autonomous system or autonomous system confederation (if this router belongs to an autonomous system confederation).
NO_ADVERTISE (0xFFFFFF02): After receiving routes with this community, it should not be advertised to any peer
N NO_EXPORT_SUBCONFED(0xFFFFFF03): It is always called LOCAL_AS. After receiving routes with this community, it should not be advertised to any peeroutside own autonomous system.
Community list is indicated with names in the system. Total number of communities configurable is only constrained to system resource. Several matching rules can be configured under the same community list. The process to apply the community list is to check in turn according to configuration orders. Once a rule is matched successfully, stop the following check and return to the attribute of this rule (deny/permit). If all rules cannot be matched successfully, return deny. The order to check every rule is organized according to configuration orders.
A community-list rule has three elements: name, rule attribute (deny/permit), community sequences number. Community listis a collection of a group of community. To check whether a given community matches a rule is to check whether all community numbers of this community is in the community series of given rule. If yes, it is recognized matched successfully. Return the attribute of the rule. If not, it is recognized as failed. Continue to make the matching of next rule.
The community list can be used together with
command “match community” of route-map.
The “community-list
yall” defined in the following example refuses communities with
value of 5 or 10 and permits communities with value of 15 or 20.
ip community-list yall deny
5 10
ip community-list yall
permit 15 20
Show community list configured in the system. Designate name to show
information of designated community list.
show
ip community-list <name>
<name> Name of community list
Default:
none
Supervisor
mode
If No nameprovided. display information of all community
list configured in the system.
in the
following example, all community
lists in the system will be diplayed:
Show ip community-list