Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Controlling BGP routing from my HQ to remote sistes

Hi all

Can anyone tell me which is the best and easiest way to control what routes my remote sites can see. We have a HQ and lots of remote sites,

would be be something like a route map on the remote end ?


Everyone's tags (5)
Hall of Fame Super Silver

Controlling BGP routing from my HQ to remote sistes

Hello Carl,

the more scalable way to perform this is to use BGP communities to tag BGP routes sent by HQ.

On remote sites you will have a route-map matching on BGP community value(s) using a community-list.

Instead of specifying what IP prefixes you want to learn on the remote site with an IP ACL or a prefix-list, you configure the router to accept all the routes that have a BGP community value as expected.

In this way, in the future you will need to make changes only on the HQ to add a new route to those that should be learned by remote sites, by simply adding a specific BGP community value to the BGP advertisement.

Multiple BGP communities values can be associated with a single BGP advertisement making the mechanism very flexible.

You can divide the routes in multiple groups and you can associate each of them with a BGP community value.

In this way you can also configure different remote sites to accept/import more then one group of routes as needed.

To be noted in order to propagate the BGP community attribute you will need the command

neighbor x.x.x.x send-community

if it is not present.

This approach should work also if your sites are interconnected with an MPLS L3VPN if the PE routers are configured for BGP community propagation ( and they should ).

The HQ router(s) need a route-map with the set community action in the route-map blocks.

To preserve the current set of BGP communities on the route you can use set community  value additive.

Hope to help


New Member

Controlling BGP routing from my HQ to remote sistes


thanks for the reply, can you give me an example of the config ?

would it be route map, match an access list, then set community ?


Controlling BGP routing from my HQ to remote sistes

Hi Carl,

Apart from what Giuseppe Larosa  said you could also do it by matching routes on prefix-list and using route-map. or use a prefix-list option directly on neighbor command to filter routes.


ip prefix-list deny EXAMPLE

ip prefix-list permit EXAMPLE le 30

ip prefix-list permit EXAMPLE le 27


route-map SITE1

match ip address prefix-list EXAMPLE


router bgp XX

neigbor X.X.X.X route-map SITE1 out


neigbor X.X.X.X prefix-list EXAMPLE out


Nandan Mathure.

CreatePlease login to create content