Below I’m going to go over a simple BGP configuration that’s used with AWS Direct. You need to get the community number from your ISP.
IMPORTANT:
When using communities on a Cisco device, it will default to decimal format and NOT the new format XXXX:XXXX. You need to run this global command first:
ip bgp-community new-format
After entering the command above, create a prefix list to help control what routes will be advertised to AWS. I like to control my routes but if you want to send all your routes, go for it. I wouldn’t send any routes to AWS unless they need them.
ip prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY description ROUTES ADVERTISED TO AWS WITH COMMUNITY SET
ip prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY seq 5 permit 100.XX.0.0/30
ip prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY seq 10 permit 192.168.10.0/24
ip prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY seq 20 permit 192.168.20.0/24
ip prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY seq 30 permit 192.168.30.0/24
Now create a route map that will set the community you got from your ISP to the routes being advertised to AWS.
route-map BGP-POLICY-OUT permit 10
 match ip address prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY
 set community XXXX:XXXX additive
Almost done. Now we need to configure BGP to use the route map and prefix list. The key thing here is to make sure you add the “send-community” command to the neighbor; without it, the community set by the route map is not sent to the peer. Along with that command, you also add the “route-map” command.
router bgp 65001
 bgp router-id
 bgp log-neighbor-changes
 network 100.XX.0.0 mask 255.255.255.252
 redistribute eigrp 1 route-map EIGRP>BGP
 neighbor {NEIGHBOR_IP} remote-as 1234
 neighbor {NEIGHBOR_IP} send-community
 neighbor {NEIGHBOR_IP} soft-reconfiguration inbound
 neighbor {NEIGHBOR_IP} route-map BGP-POLICY-OUT out
Now it’s time to verify it’s working. You should see that the only routes being advertised are the ones in our prefix list.
cordero-asr1001x-aws#sh ip bgp neighbors {NEIGHBOR_IP} advertised-routes
BGP table version is 201, local router ID is 100.65.0.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
              t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>   100.XX.0.0       10.11.1.1                0         32768 i
 *>   192.168.10.0     10.11.1.1             3072         32768 ?
 *>   192.168.20.0     10.11.1.1             3072         32768 ?
 *>   192.168.30.0     10.11.1.1             3072         32768 ?

Total number of prefixes 6
cordero-asr1001x-aws#
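To make the verification step repeatable, the check can be scripted. The following is an added example, not part of the original post: it compares the networks in the advertised-routes output against the permit entries of the prefix list and reports anything advertised that the list does not allow, as well as list entries that are not being advertised. The sample prefixes 100.64.0.0/30 and 10.50.0.0/16 are constructed because the post masks its real addresses, and the script accounts for IOS omitting the mask when a network sits on its classful boundary.

```python
import ipaddress
import re

# Constructed sample input (the post masks its real prefixes); 10.50.0.0/16 is a made-up leak.
CONFIG = """\
ip prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY seq 5 permit 100.64.0.0/30
ip prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY seq 10 permit 192.168.10.0/24
ip prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY seq 20 permit 192.168.20.0/24
ip prefix-list BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY seq 30 permit 192.168.30.0/24
"""
SHOW = """\
     Network          Next Hop            Metric LocPrf Weight Path
 *>   100.64.0.0/30    10.11.1.1                0         32768 i
 *>   192.168.10.0     10.11.1.1             3072         32768 ?
 *>   192.168.20.0     10.11.1.1             3072         32768 ?
 *>   10.50.0.0/16     10.11.1.1             3072         32768 ?
"""

def classful_len(addr):
    """Prefix length IOS implies when 'show ip bgp' prints a network with no mask."""
    first = int(addr.split(".")[0])
    return 8 if first < 128 else 16 if first < 192 else 24

def allowed_prefixes(config, list_name):
    """Exact-match permit entries of one prefix-list (ge/le entries are not handled)."""
    pat = re.compile(rf"^ip prefix-list {re.escape(list_name)} seq \d+ permit (\S+)\s*$", re.M)
    return {ipaddress.ip_network(p) for p in pat.findall(config)}

def advertised_prefixes(show_output):
    """Networks from route rows, which start with '*' (valid) plus other status codes."""
    nets = set()
    for line in show_output.splitlines():
        m = re.match(r"\s*\*[^\d\s]*\s*(\d+\.\d+\.\d+\.\d+)(?:/(\d+))?\s", line)
        if m:
            length = m.group(2) or classful_len(m.group(1))
            nets.add(ipaddress.ip_network(f"{m.group(1)}/{length}"))
    return nets

def audit(config, list_name, show_output):
    """Return (advertised but not in the list, in the list but not advertised)."""
    allowed = allowed_prefixes(config, list_name)
    advertised = advertised_prefixes(show_output)
    return ([str(n) for n in sorted(advertised - allowed)],
            [str(n) for n in sorted(allowed - advertised)])

if __name__ == "__main__":
    leaked, missing = audit(CONFIG, "BGP-ADVERTISED-PREFIXES-ADD-COMMUNITY", SHOW)
    print("advertised but not in prefix list:", leaked)
    print("in prefix list but not advertised:", missing)
```

A non-empty first list means the outbound policy is letting through a route the prefix list was meant to keep away from AWS.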
You’re done.