Example: Preventing Routing Loops

Routing loops can occur when routes learned from a peer are later advertised back to that peer. Normally such routing loops are prevented by the AS-path attribute. However, the AS path cannot prevent routing loops in a network configuration with the following characteristics:

The site-of-origin extended community attribute enables BGP to filter out such routes to prevent routing loops in this network. You can use the set extcommunity command to specify a site of origin and then use the match extcommunity command and an outbound route map to filter routes; for more information, see Extended Community Lists in the cit-junose-ip-services;.

Alternatively, you can use the neighbor site-of-origin command alone to achieve the same effect in such a network configuration. If you use this command to configure a site of origin for routes from a peer, then routes advertised to that peer that contain this site of origin are filtered out and not advertised. This behavior is followed regardless of whether the neighbor send-community extended command has been issued for the peer.

Consider the network shown in Figure 97, which enables PE 3 to advertise back to CE 1 routes that it learned from PE 1 that originated with CE 1. In a typical network configuration, CE 1 rejects these routes because it determines from the AS path that a routing loop exists. In this particular network, the neighbor as-override command prevents this method of detection.

Figure 97: Network with Potential Routing Loops

Network with Potential Routing Loops

The following commands are relevant to the illustrated network:

host1:pe1(config)#ip vrf yourvpn host1:pe1(config-vrf)#rd 200:1 host1:pe1(config-vrf)#route-target both 200:11 ...host1:pe1(config)#router bgp 200 host1:pe1(config-router)#address-family ipv4 unicast vrf yourvpn host1:pe1(config-router)#neighbor 10.5.4.22 remote-as 100 host1:pe1(config-router)#neighbor 10.5.4.22 as-override ...

Now, suppose instead you assign a unique site of origin to each CE router in the network and configure the BGP session on each PE router with the site of origin. The result of the following (partial) configuration is shown in Figure 98.

host1:pe1(config)#ip vrf yourvpn host1:pe1(config-vrf)#rd 200:1 host1:pe1(config-vrf)#route-target both 200:11 ...host1:pe1(config)#router bgp 200 host1:pe1(config-router)#address-family ipv4 unicast vrf yourvpn host1:pe1(config-router)#neighbor 10.5.4.22 remote-as 100 host1:pe1(config-router)#neighbor 10.5.4.22 as-override host1:pe1(config-router)#neighbor 10.5.4.22 site-of-origin 200:21 ...

Figure 98: Preventing Potential Routing Loops in the Network

Preventing Potential Routing Loops in
the Network

Related Documentation