BGP Extended Community in MPLS : Site of Origin (SoO)
Today I am going to talk about the BGP Extended community used for the MPLS VPN environment SOO. SOO states for Site of Origin. Site of Origin is used to identify routes that have originated from a site so that the re advertisement of that prefix back to the source site can be prevented. Make sure that Cisco Express Forwarding is enabled in your network.
The SoO extended community uniquely identifies the site from which a router has learned a route. BGP can use the SoO value associated with a route to prevent routing loops.
What are the different ways to configure Site of Origin in the Network ?
There are three ways to configure an SoO value for a BGP neighbor:
- BGP peer policy template: The first way is using the BGP peer policy template. A peer policy template is created, and an SoO value is configured as part of the peer policy. Under address family IPv4 VRF, a neighbor is identified and is configured to inherit the peer policy that contains the SoO value.
- BGP neighbor command: The second way is to have it configure on the neighbor command. Under address family IPv4 VRF, a neighbor is identified, and an SoO value is configured for the neighbor.
- BGP peer group: The third way is to configure the BGP peer group. Under address family IPv4 VRF, a BGP peer group is configured, an SoO value is configured for the peer group, a neighbor is identified, and the neighbor is configured as a member of the peer group.
Let's take an example to explain Site of Origin with the below mentioned topology. Before we start let's assume that customer's router RouteXP_S1_CE1 and RouteXP_S2_CE1 are in one AS 100. Now for that SoO tag is set as 100:1 for the customer site that includes routers RouteXP_S1_CE1 and RouteXP_S2_CE1 with an autonomous system number of 100. When RouteXP_S1_CE1 sends prefixes to PE1, PE1 tags the prefixes with 100:1, which is the SoO tag for RouteXP_S1_CE1 and RouteXP_S2_CE1.
 |
Fig 1.1- Site of Origin Basic Topology
|
When PE1 sends the tagged prefixes to PE2, PE2 performs a match against the SoO tag from RouteXP_S2_CE1 Any prefixes with the tag value of 100:1 are not sent to RouteXP_S2_CE1 because the SoO tag matches the SoO tag of RouteXP_S2_CE1, and a routing loop is avoided.
Configuring a per Neighbor SoO Value Using a BGP Peer Policy Template
In this example, we used vrf as RouteXP and Policy as RouteXP_Policy for the configuration. Below are the configurations.
!
ip cef
ip vrf RouteXP
rd 1:1
route-target export 1:1
route-target import 1:1
exit
!
interface GigabitEthernet 1/0
ip vrf forwarding RouteXP
ip address 192.168.1.2 255.255.255.0
exit
!
router bgp 200
template peer-policy RouteXP_Policy
soo 100:1
exit-peer-policy
address-family ipv4 vrf RouteXP
neighbor 192.168.1.1 remote-as 100
neighbor 192.168.1.1 activate
neighbor 192.168.1.1 inherit peer-policy RouteXP_Policy
end
!
Configuring a per Neighbor SoO Value Using a BGP neighbor Command
Similarly this is the sample configuration of SOO with the BGP neighbor command and here we uses the vrf RouteXP
!
ip cef
ip vrf RouteXP
rd 1:1
route-target export 1:1
route-target import 1:1
exit
!
interface GigabitEthernet 1/0
ip vrf forwarding RouteXP
ip address 192.168.2.2 255.255.255.0
exit
!
router bgp 200
address-family ipv4 vrf RouteXP
neighbor 192.168.2.1 remote-as 100
neighbor 192.168.2.1 activate
neighbor 192.168.2.1 soo 100:1
end
!
Configuring a per Neighbor SoO Value Using a BGP Peer Group
Similarly in this example, we uses the vrf as RouteXP and peer group name as RouteXP_Group
!
ip cef
ip vrf RouteXP
rd 1:1
route-target export 1:1
route-target import 1:1
exit
!
interface GigabitEthernet 1/0
ip vrf forwarding RouteXP
ip address 192.168.1.2 255.255.255.0
exit
!
router bgp 200
address-family ipv4 vrf RouteXP
neighbor SOO_GROUP peer-group
neighbor SOO_GROUP soo 100:1
neighbor 192.168.1.1 remote-as 100
neighbor 192.168.1.1 activate
neighbor 192.168.1.1 peer-group RouteXP_Group
end
!
