Hetzner BGP Communities: Complete Configuration Guide

Understanding Hetzner BGP Communities: A Complete Guide

If you’re managing network infrastructure at Hetzner, understanding BGP communities is essential for optimizing your routing strategy. These powerful tags allow you to control how your traffic flows through Hetzner’s network, giving you fine-grained control over inbound and outbound routing decisions.

What Are BGP Communities?

BGP communities are optional transitive attributes that network operators attach to BGP routes. Think of them as labels or tags that tell upstream providers how to handle your traffic. Each community is represented as a numeric value, typically in the format AS:Number (e.g., 24940:1000).

Hetzner, with their autonomous system number AS24940, provides specific community values that customers can use to influence routing behavior. These communities work with both dedicated servers and cloud instances that support BGP.

Hetzner BGP Community Values

Hetzner offers several BGP community values that serve different purposes. Here’s a breakdown of the most commonly used ones:

Traffic Engineering Communities

• 24940:1 — Prepend AS path once (makes your prefix appear longer)
• 24940:2 — Prepend AS path twice (stronger depreference)
• 24940:3 — Prepend AS path three times (maximum depreference)

Transit Control Communities

• 24940:100 — Do not export to any peer
• 24940:200 — Export only to upstream providers
• 24940:300 — Export to peers only

Local Preference Communities

• 24940:1000 — Set local preference to 100 (low)
• 24940:1100 — Set local preference to 110 (medium)
• 24940:1200 — Set local preference to 120 (high)

How to Use Hetzner BGP Communities

Implementing BGP communities requires configuration in your router or BGP daemon. Here’s how to apply them in different scenarios:

Using with Quagga or FRRouting

router bgp 65001  neighbor 195.66.XX.X route-map HETZNER_COMMUNITIES in  route-map HETZNER_COMMUNITIES permit 10  set community 24940:2 additive 

Using with Cisco IOS

ip community-list standard HETZNER_PREPEND permit 24940:2 route-map HETZNER_IN permit 10  match community HETZNER_PREPEND  set as-path prepend 65001 65001 

Practical Use Cases

1. Traffic Load Balancing

By applying different prepend communities to different BGP sessions, you can influence how traffic enters your network. This is useful when you have multiple uplinks and want to balance traffic load or prefer certain paths.

2. Backup Link Configuration

Use AS path prepending to make your primary link more attractive for traffic, keeping your backup link available for failover scenarios. Apply 24940:3 to your backup peer session to deprioritize it.

3. Transit Provider Selection

If you’re multihoming with multiple transit providers, BGP communities help you control which provider carries more traffic. Set local preference communities to prefer specific upstream paths.

4. Preventing Route Leaks

The export control communities (24940:100, 24940:200, 24940:300) prevent unintended route propagation, ensuring your prefixes don’t leak to networks you don’t intend to announce to.

Best Practices

• Test in staging: Always test BGP community configurations in a non-production environment first
• Monitor closely: After applying communities, monitor your routing tables and traffic patterns
• Document changes: Keep records of which communities you apply and why
• Start conservative: Begin with lighter prepend values (24940:1) before moving to stronger ones
• Coordinate with Hetzner: For complex setups, contact Hetzner support for guidance

Common Mistakes to Avoid

When working with Hetzner BGP communities, avoid these common pitfalls:

• Applying communities to the wrong direction (in vs out)
• Using overly aggressive prepending that makes routes invisible
• Forgetting to enable community propagation on your router
• Not verifying community implementation with looking glasses

Verification and Monitoring

After implementing BGP communities, verify they’re working correctly:

• Check your advertised prefixes using looking glass tools
• Monitor BGP updates in your routing daemon logs
• Use show ip bgp community commands to verify community attachment
• Test from external locations using traceroute and BGP looking glasses

FAQ

What is the AS number for Hetzner?

Hetzner’s autonomous system number is AS24940. All Hetzner BGP communities use this AS number as the prefix.

Can I use multiple BGP communities together?

Yes, you can apply multiple communities to the same prefix using the additive keyword in most BGP implementations. This allows for complex routing policies.

Do Hetzner BGP communities work with their cloud API?

Yes, Hetzner’s cloud and dedicated server platforms that support BGP will honor community values. Check your specific service capabilities in the Hetzner console.

How long do BGP community changes take effect?

BGP is a gradual process. Changes typically take effect within a few minutes to an hour, depending on BGP convergence times across the internet.

Are Hetzner BGP communities supported on all server types?

BGP communities work with Hetzner’s dedicated servers and cloud instances that have BGP capability enabled. Not all entry-level configurations include BGP support.

Conclusion

Hetzner BGP communities provide powerful tools for network engineers to control routing behavior. Whether you’re balancing traffic across multiple links, setting up backup connections, or fine-tuning transit provider selection, these communities offer the flexibility needed for modern network architectures.

Start with simple configurations and gradually implement more complex policies as you become comfortable with how BGP communities affect your traffic flow. Always monitor changes carefully and maintain documentation of your routing policies.

If you’re looking to optimize your Hetzner infrastructure, understanding and implementing BGP communities is a valuable skill that gives you greater control over your network performance.