Case Study 10: BGP Site of Origin

Site of Origin (SoO) is one of the attributes a PE router assigns to a prefix prior to redistributing any VPNv4 prefixes. SoO in BGP is configured at neighbor level and is used to manage MPLS VPN traffic and to prevent transient routing loops from occurring in complex and mixed network topologies. SoO uniquely identifies the site from which the PE router learned the prefix. All prefixes learned from a particular site must be assigned the same site of origin attribute, even if the site is multiply connected to a single PE, or is connected to multiple PEs. The objective of this case study is to demonstrate SoO configuration when BGP PE-CE routing protocol is used In this case study, CE1-A and CE2-A belong to the same site, and this site is connected to multiple PE routers PE1-AS1 and PE2-AS1. Figure 14-55 shows the topology where all Customer A sites belong to BGP AS 65001.

Figure 14-55. SoO in BGP PE-CE Based MPLS VPN Network

Figure 14-56 shows the relevant configuration to configure and verify SoO in BGP PE-CE based MPLS VPN network.

Figure 14-56. Configure and Verify BGP SoO

Command Reference

Command	Description
Router(config)# ip multicast-routing vrf vrf_name	Enables multicast routing functionality on a per-VRF basis.
Router(config-vrf)# mdt default group -address	Configures the default MDT group-address for the mVPN multicast multipoint tunnel.
Router(config-vrf)# mdt data group-address wildcard-bits-defining-range { threshold threshold-in-kbps [ list access-list-number ] list access-list-number }	Defines the data MDT group-address range for the mVPN, as well as the threshold values defining the groups that will associate with the data MDT.
Router(config-if)# ip pim { sparse-mode dense-mode sparse-dense-mode }	Enables PIM on the interface.
Router(config)# ip pim ssm default	Enables SSM on the router.
Router(config-router)# capability vrf-lite	Configures the CE OSPF process as a OSPF multi-vrf CE capable process.
Router(config)# vrf selection source source-IP-address source-IP-mask vrf vrf_name	Configures the IP addresses mapping to a specific VRF table when implementing VRF selection.
Router(config-if)# ip vrf select source	Enables the interface for VRF selection based on source IP address.
Router(config-if)# ip vrf receive vrf- name	Configures the interface for mapping to addresses that will associate with a specific VRF when implementing VRF selection.
Router(config)# ip prefix-list prefix-list-name [ seq seq-value ] { deny network/length permit network/length } [ ge ge-value ] [ le le-value ]	Configures traffic to map to a specific VRF when implementing PBR VRF selection.
Router(config-if)# standby hsrp-group-number IP virtual-IP-address-of-hsrp-group	Enables HSRP on the VRF interface.
Router(config-if)# standby [ group-number ] priority priority [ preempt [ delay [ minimum sync ] delay ]]	Configures the HSRP standby group and priority, delay, and preemption.
Router(config-if)# standby [ group-number ] timers hellotime holdtime	Configures the HSRP timers on VRF interface.
Router(config-if)# standby [ group-number ] track interface-type interface-number [ interface-priority ]	Configures the interface to be tracked for HSRP on VRF interface to activate.
Router(config)# interface interface-connected-to-services-ce-type number Router(config)# ip nat outside router(config)# interface interface-connected-to-MPLS-domain-type number router(config-if)# ip nat inside	Configures the NAT inside and outside interfaces for NAT integration to MPLS VPN.
Router(config)# ip nat pool nat-pool-name s tart-range-of-IP-addresses end-range-of-IP-addresses netmask netmask	Configures NAT pool for IP addresses that will undergo NAT translation.
Router(config)# ip nat inside source-list [ access-list-name access-list-number ] pool nat-pool-name vrf vrf_name2	Associates NAT pool with customer VRFs.
Router(config)# pseudowire-class class_name Router(config-pw-class)# encapsulation mpls	Configures the pseudo-wire class for L2 VPN pseudo-wire switching.
Router(config)# l2 vfi name point-to-point	Configures the virtual forwarding interface.
Router(config-vfi)# neighbor ip-address vc-id { encapsulation mpls pw-class pw-class-name }	Configures the neighbor with which the ASBR will form an L2 VFI connection.
Router(config-if-xconn)# backup peer peer-backup-router-id vc-id { encapsulation mpls pw-class pw-class-name }	Configures the backup peer for a primary L2 VPN VC.
Router(config-if-xconn)# backup delay { enable-delay-in-seconds } { disable-delay-in-seconds never }	Configures a backup delay for L2 VPN backup VC.
Router# xconnect backup force-switchover { interface interface- info peer peer-ip-address vcid }	Initiates switchover from primary to backup for L2 VPN redundancy enabled VCs.
Router(config-if)# tunnel mode gre multipoint l3vpn	Configures the tunnel as a multipoint GRE tunnel.
Router(config-if)# tunnel key number	Configures the tunnel key for the mGRE tunnel.
Router(config-if)# set ip next -hop in-vrf mGRE-vrf-name	Set the next hop for matching prefixes to map to the mGRE tunnel.
Router(config-vrf)# tunnel mpls traffic-eng exp { exp-value-1 exp-value-2 exp-value-1 default }	Associates an MPLS EXP value to be transported by a MPLS TE tunnel.
Router(config-vfi)# bridge-domain bridge-domain-id-value	Configures the bridge domain ID for a Layer 2 VFI instance on a GSR 12000 series.
Router(config-if)# bridge-domain bridge-domain-id-value	Associates interface with bridge domain on a GSR 12000 series.
Router(config-if)# encapsulation dot1q vlan-id	Enables VPLS Ethernet VLAN service on GE subinterface (GSR).
Router(config-if)# encapsulation dot1q top-vlan-id second-dot1q bottom-vlan-id	Enables VPLS Ethernet QinQ service on GE subinterface (GSR).
Router(config-if)# encapsulation dot1q top-vlan-id second-dot1q any	Enables VPLS Ethernet QinAny Service on GE subinterface (GSR).