Cato Reserved BGP Communities

This article discusses how to use Cato reserved BGP communities.


Cato provides a list of reserved BGP communities with hard-coded behavior for handling and processing incoming BGP prefixes from the neighboring routing devices. When Cato receives a BGP prefix marked with a reserved community, it will handle it according to the section below, Cato's Reserved BGP Communities.

This is the structure for Cato reserved communities: Cato peer AS:<reserved value>. For example, a Socket site with a BGP neighbor that we want to apply the Socket isolated routing reserved community:

  • Cato Socket site is configured with AS 65001

  • LAN switch is configured with AS 65002

  • The desired functionality is to isolate the routes on the Socket level and not to propagate the routes to the PoP, this can be achieved with the reserved value 32768 (see table below)

    The reserved community for this example would be 65001:32768.

For more about defining the Cato peer AS, see Configuring BGP Neighbors for a Cato Socket.

Cato's Reserved BGP Communities

The following table describes the reserved BGP communities and their functionality.


BGP Community

Applies To


Socket isolated routing

<Cato peer AS>:32768

Socket sites with Socket v15 or higher

  • The Socket installs the received BGP prefixes tagged with the reserved community in the routing table

  • The Socket doesn't propagate these prefixes to the PoP

  • For routing decisions, the Socket prefers BGP routes tagged with the reserved community over routes received from the PoP in the Cato Cloud

  • Sample use case - route all the WAN traffic over the Alt WAN network, and only the Internet and SDP user traffic is sent over the Cato Cloud

Was this article helpful?

1 comment

  • Comment author
    Bert-Jan Kamp

    This article is not clear and lacks an example

Add your comment