Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Example: Preventing Routing Loops

    Routing loops can occur when routes learned from a peer are later advertised back to that peer. Normally such routing loops are prevented by the AS-path attribute. However, the AS path cannot prevent routing loops in a network configuration with the following characteristics:

    • BGP is running between CE and PE routers.
    • You use a single AS number for all customer sites, and have issued the neighbor as-override command for the PE routers.
    • A CE router is dual-homed to two or more PE routers.

    The site-of-origin extended community attribute enables BGP to filter out such routes to prevent routing loops in this network. You can use the set extcommunity command to specify a site of origin and then use the match extcommunity command and an outbound route map to filter routes; for more information, see Extended Community Lists in the cit-junose-ip-services;.

    Alternatively, you can use the neighbor site-of-origin command alone to achieve the same effect in such a network configuration. If you use this command to configure a site of origin for routes from a peer, then routes advertised to that peer that contain this site of origin are filtered out and not advertised. This behavior is followed regardless of whether the neighbor send-community extended command has been issued for the peer.

    Consider the network shown in Figure 1, which enables PE 3 to advertise back to CE 1 routes that it learned from PE 1 that originated with CE 1. In a typical network configuration, CE 1 rejects these routes because it determines from the AS path that a routing loop exists. In this particular network, the neighbor as-override command prevents this method of detection.

    Figure 1: Network with Potential Routing Loops

    Network with Potential Routing Loops

    The following commands are relevant to the illustrated network:

    host1:pe1(config)#ip vrf yourvpn host1:pe1(config-vrf)#rd 200:1 host1:pe1(config-vrf)#route-target both 200:11 ...host1:pe1(config)#router bgp 200 host1:pe1(config-router)#address-family ipv4 unicast vrf yourvpn host1:pe1(config-router)#neighbor 10.5.4.22 remote-as 100 host1:pe1(config-router)#neighbor 10.5.4.22 as-override ...

    Now, suppose instead you assign a unique site of origin to each CE router in the network and configure the BGP session on each PE router with the site of origin. The result of the following (partial) configuration is shown in Figure 2.

    host1:pe1(config)#ip vrf yourvpn host1:pe1(config-vrf)#rd 200:1 host1:pe1(config-vrf)#route-target both 200:11 ...host1:pe1(config)#router bgp 200 host1:pe1(config-router)#address-family ipv4 unicast vrf yourvpn host1:pe1(config-router)#neighbor 10.5.4.22 remote-as 100 host1:pe1(config-router)#neighbor 10.5.4.22 as-override host1:pe1(config-router)#neighbor 10.5.4.22 site-of-origin 200:21 ...

    Figure 2: Preventing Potential Routing Loops in the Network

    Preventing Potential Routing Loops in
the Network

    Published: 2014-08-18