What's the point of prepend communities?

Hi,

Of all the ISPs that I am familiar with that have a BGP community structure usable by their peering partners and/or downstream customers, among other things, they allow the customer to signal the ISP to prepend their own AS to the as-path of a particular prefix announcement.

What functionality does a provider prepend support that is otherwise lost in the absence of such a feature, but all the while, the customer would be able to prepend their own AS to the same prefix announcement anyway?

Is this a relic from before ISPs allowed for local preference adjustment, or is there actually a use case for this?

Thanks!

Of all the ISPs that I am familiar with that have a BGP community
structure usable by their peering partners and/or downstream customers,
among other things, they allow the customer to signal the ISP to prepend
their own AS to the as-path of a particular prefix announcement.

What functionality does a provider prepend support that is otherwise lost
in the absence of such a feature, but all the while, the customer would be
able to prepend their own AS to the same prefix announcement anyway?

Hi Jason,

BGP routing is based on "distance". Distance in BGP is primarily calculated
as the number of ASNs in the AS Path. Prepends make a path more distance,
encouraging routers to choose a different path if one is available.

So, prepends are the primary knob used for controlling which path gets
taken.

Is this a relic from before ISPs allowed for local preference adjustment,

or is there actually a use case for this?

It's the exact opposite of a relic.

Regards,
Bill Herrin

Hi Bill,

blame shifting?
avoiding instances where a third party filters:
  <ispasn> ?$
vs <ispasn> .*$

or just people's particular picadellos.

Hi,

In context of traffic engineering it may be that Network A (customer of
Network B) observes that performance is suboptimal between Network B and
Network C.

If Network B offers some kind of “Prepend to Network C” BGP community,
network A will be able to utilize all of network B except the pieces that
perform less well. (This is ofcourse assuming that Network C picks some
alternative path because of the prepends)

I think prepend communities are useful to empower customers to debug and
perhaps even resolve issues without waiting for action from their supplier.

Prepends are also slightly more graceful than “don’t export”, since if
there are no alternative paths there still is _a_ path - and often any path
is better than no path.

Kind regards,

Job

Hi Jason,

You'd only use communities like that if you want to signal the ISP to
deprioritize your advertisement on a particular peer or set of peers but
not others. That's when you're getting fancy. It's not the norm. The norm
is you want to deprioritize one of your paths as a whole. Maybe that link
has less capacity or is enough better connected that it would always
override your other links unless you detune it a little.

I mean, you could tell the ISP to prepend everything based on a community,
assuming they support such a community, but why would you? That needlessly
makes things more complicated.

Regards,
Bill Herrin

Absolutely. I understand the "Prepend to Network blah” use case. The case I don’t get is where the ISP makes no distinction in their policy document about how the prepending of their own AS is applied to their upstream announcements, implying that it’s announced to everyone.

Keep in mind also that when you allow a customer to deprioritize a
particular peer you can really blow up your COGS model (assuming you buy
transit).

Cheers,
Steve

Ah, I see. I completely misread your question.

The answer you may be looking for is that the ISP can be more subtle about
which of their peers gets your prepend. Maybe you want to prefer ISP A for
your overseas traffic but prefer ISP B for your domestic traffic. ISP A can
design a community tag that causes your advertisement to be prepended but
only when sent to domestic peers.

Still not a relic but not a primary knob.

Regards,
Bill Herrin

In a message written on Thu, Oct 26, 2017 at 02:47:44PM -0400, Jason Lixfeld wrote:

I understand how prepends fit in the context of best path selection, but my question was more the difference between a customer signalling the ISP to prepend their AS using a BGP community stamped to a prefix vs. the customer prepending their own AS instead.

Imagine:

You are 1.
ISP is 2.
ISP's peers are 3 & 4.
Your B2B partner is 5.

There are paths:

1 2 3 5
1 2 4 5

If you prepend your ASN, you get:

1 1 2 3 5
1 1 2 4 5

No difference. If you send the ISP a prepend community for 3, you get:

1 2 3 3 5
1 2 4 5

And you just forced all traffic to the second, shorter path.

That is exactly correct. It is normally used to control which peers the ISP is prepended to. Many times the ISP has a guide that shows several different communities you can use to further control BGP beyond what you normally could do yourself.

Steven Naslund
Chicago IL

Completely agree. I would add that some providers' "prepend
everything" community is really "prepend to all peers" (or something
else shy of "prepend to every BGP neighbor we have"). In that case, if
the customer prepends, the prepend is seen by the provider's other
customers, but if the customer sets the "prepend to all peers"
community, the provider's customers won't see the prepend. There are
cases where that functionality would be useful.

I have never seen a provider with a true "prepend to every BGP neighbor
we have" community, but it might well exist somewhere.

     -- Brett

I believe that Jason is asking about an ISP BGP community to prepend
their AS when the BGP routes are received from the customer (not when
advertising to a peer). I don't see a functional difference between
the two and I suspect that ISPs added support for convenience. If you
already send BGP communities to your ISP for other BGP route
manipulation, you can add another community for ISP AS prepending rather
than modifying your local policies to add AS prepending.

You are 1.
ISP is 2.

1 1 2 - You prepend
1 2 2 - ISP prepends

The "prepend to everybody" communities are usually implemented as "prepend to all peers", excluding customers, and for some variable definition of "all". YMMV, caveat emptor, et cetera -- in most cases you'll need to experiment.

I've used "prepend to all peers" communities a few times to avoid saturating transit links that are being consolidated but still under contract, in order to keep the link viable and in use by the immediate neighbor and their customers, but otherwise make it less attractive to the rest of the world under normal conditions.

-Rob

No, Mr Herrin was correct in the first place. The BGP communities are used to control to which peers the prepend is applied. You cannot do this within your own BGP configuration. Here is the use case.

I have a connection to AT&T and I have one to Comcast

I want AT&T customers to come to me over the AT&T circuit.

I want everyone else to come to me over Comcast.

If I just prepend my own AS onto the AT&T connection I might actually cause AT&T customers to reach me via Comcast (shorter AS path potentially). If I want to prevent that I send a prepend community to AT&T which tells them to prepend toward their peers BUT NOT WITHIN THEIR OWN NETWORK. There are usually multiple choices here to affect different subsets of their peers (customers, peer carriers, etc). There is also the case where I have multiple AT&T connections. If I prepend just one of them the way you suggest, all of my traffic will probably come in the other connection. If I prepend using communities I can get some traffic (from AT&T peers) on one connection and get most of the transit on the other connection.

What you are doing in effect is making your connection with AT&T look like AT&T is a peer rather than a transit AS. You can also do this to more selectively influence your inbound traffic when you are multihomed to different carriers (just a simple prepend like you suggest may not be granular enough, I have seen cases where a single prepend pushes almost all your traffic to your other carrier).

The old way to do this was to ask your ISP to treat you like a peer rather than a transit customer. Now you can control that yourself just by setting the correct communities, it can also be programmatically controlled. Picture you have the configuration like I talked about above with AT&T and Comcast but now Comcast is overloaded or impaired. By changing your communities you can reroute most of the traffic to AT&T without a MACD request to them.

Steven Naslund
Chicago IL

Hi,

Of all the ISPs that I am familiar with that have a BGP community structure usable by their peering partners and/or downstream customers, among other things, they allow the customer to signal the ISP to prepend their own AS to the as-path of a particular prefix announcement.

What functionality does a provider prepend support that is otherwise lost in the absence of such a feature, but all the while, the customer would be able to prepend their own AS to the same prefix announcement anyway?

It has no effect on the provider itself since they prefer customer
routes anyway.

prepending towards a peer of your provider is to encourage them to
select an alternative (shorter) path.

prepending when it works is preferable to no export since the later
doesn't leave that provider available for fallback.

Is this a relic from before ISPs allowed for local preference adjustment, or is there actually a use case for this?

local pref and med is um local to your upstream.

If I understand the OP correctly, I will use this real world example:

https://onestep.net/communities/as174/

174:3001 through 174:3003 as compared to doing the prepending yourself. What is the functional difference?

BGP neighbors of 174 will see just as many AS hops either way, but non-BGP customers of 174 would see you just one hop away. It's just another method of traffic engineering.

According to the link you provided, 3001..3003 are effective on "ALL
peer[s]" (which is differnet from all BGP neighbors). So BGP-speaking
customers of 174 will not see the prepending if you use 174:3001..3003,
but peers will; but if you do the prepending yourself, then all 174's
peers and all 174's BGP-speaking customers see it.

     -- Brett

In a message written on Thu, Oct 26, 2017 at 01:54:17PM -0600, Clinton Work wrote:

I believe that Jason is asking about an ISP BGP community to prepend
their AS when the BGP routes are received from the customer (not when

Yeah, I typoed my example, should have been:

There are paths:

1 2 3 5
1 2 4 5

If you prepend your ASN, you get:

1 1 2 3 5
1 1 2 4 5

No difference. If you send the ISP a prepend community for 3, you get:

1 2 2 3 5
1 2 4 5

And you just forced all traffic to the second, shorter path. For only
customers that are dual homed to 3 & 4 without affecting other traffic.

Hi guys,

But keep in mind that 'prepend communities' are fragile: I decide by local preference whereto I send my traffic.

Cheers,
mh