MPLS L3 VPNs and the interaction between AS-Override and SoO


In [BGP](/bgp) the **Site of Origin (SoO)** attribute is a BGP [extended](/bgp-community-types) [community](/bgp-communities) used primarily in [MPLS](/mpls) [VPNs](/mpls-vpn-label)  to prevent [routing](/routing) [loops](/loops-in-layers-2-and-3) in certain scenarios, particularly when a prefix might be advertised back to its original site through a different path. 

Here's how it works:

- **Context**: In MPLS Layer 3 VPNs, a customer's network can be spread across multiple sites, connected through a service provider’s network. BGP is used to advertise customer routes between these sites. In cases where redundant connections or path diversity exists, it is possible for a route to be learned by one site and then re-advertised back to another site, creating a routing loop.

- **SoO Use**: The SoO community marks prefixes with the site they originate from. When a [PE (Provider Edge)](/mpls-label-edge-router) router advertises a route to another PE, it includes the SoO value. If a PE receives a route with an SoO that matches the site it serves, it will not accept the route. This prevents the possibility of the route being looped back to its original site.

### Key Points:
1. **SoO is an extended community**: It's a 64-bit attribute that can be attached to BGP routes, commonly used in conjunction with VRFs (Virtual Routing and Forwarding) in MPLS VPNs.
2. **Prevents routing loops**: By tagging routes with their origin site, SoO ensures that routes are not accepted if they return to their originating site.
3. **Common with dual-homing**: SoO is especially useful in scenarios where customer sites are dual-homed to two or more provider edge routers, creating a risk of routing loops.

Care should be taken when using SoO in combination with [BGP's AS Override feature](/bgp-as-override-feature).  More about this can be found at: [MPLS L3 VPNs and the interaction between AS-Override and SoO](/mpls-l3-vpns-and-the-interaction-between-as-override-and-soo).

Therefore, SoO is used to track the origin of VPN routes and prevent them from being re-advertised back to the originating site in MPLS Layer 3 VPNs, ensuring a loop-free and stable routing environment.

## Links

https://forum.networklessons.com/t/mpls-layer-3-vpn-bgp-as-override/1323/41?u=lagapidis

https://learningnetwork.cisco.com/s/article/bgp-site-of-origin-soo-concepts-amp-configuration

BGP Site of Origin (SoO) Community

BGP - preventing transit traffic

BGP - redistributing iBGP routes into an IGP

BGP - remove private AS

BGP - route maps and using the continue clause

BGP - routing table entry without exit interface

BGP - transitive and non-transitive attributes

BGP - update-source command

BGP - using peer-groups with multiple outbound policies

BGP - using private ASNs with private IPs

BGP - using public IPs with private ASes

BGP - why is eBGP preferred over iBGP

BGP 4-Byte AS Number - Asdot notation

BGP 4-Byte AS Number - Asdot plus notation

BGP 4-Byte AS Number - Asplain notation

BGP 4-byte ASN Backward Compatibility

BGP AS Override feature

BGP AS Path Filtering and Manipulation

BGP AS Path

BGP AS number notation

BGP AS_PATH when using aggregate-address

BGP AS_SET and AS_CONFED_SET Deprecated

BGP AS_TRANS

BGP Advertised Routes and Outbound Policy Application

BGP Advertising a prefix

BGP Advertising a route using the Null0 exit interface

BGP Allow-AS in

BGP Asymmetric routing when using ASA with AWS

BGP Attributes - route map direction

BGP Authentication

BGP Auto-Summary Best Practices

BGP Cluster ID

BGP Confederation peerings

BGP Confederations

BGP Default local preference and its appearance in the BGP table

BGP Equal Cost Multipath AS_Path Attribute

BGP Equal cost multipath configuration syntax

BGP Equal cost multipath

BGP Extended Community

BGP ISPs prefixes advertised to enterprise edge routers

BGP Influencing incoming traffic

BGP Influencing outgoing traffic

BGP Load balancing

BGP Maximum Prefix Feature

BGP Maximum message size

BGP Next Hop Address Tracking

BGP Origin AS Validation

BGP Originator ID

BGP RIB failure

BGP Route Reflector

BGP Standard Community

BGP Table Origin Code

BGP Update Groups

BGP Update Total Path Attribute Length field

BGP active and passive peers

BGP advertises only the best path by default

BGP advertising a default route

BGP aggregate-address

BGP and route tagging

BGP applying route maps to prefixes

BGP backdoor route

BGP communities

BGP community propagation

BGP community types

BGP configuring authentication on an established BGP session

BGP dmzlink-bw feature

BGP hold timer

BGP how MED attribute is compared

BGP installing a BGP-learned route into the routing table

BGP internal vs external

BGP neighbor activate command

BGP neighbor-group

BGP paths indicated in the show ip bgp command

BGP peer groups

BGP peer templates

BGP peering redundancy using loopbacks

BGP private AS numbers

BGP regular expressions - use of 4-Byte ASNs

BGP regular expressions - use of backslash for confederations

BGP risk of using the as-override feature

BGP route dampening penalty half-life

BGP route refresh capability annoucement

BGP soft reconfiguration on Cisco ASA

BGP soft reconfiguration

BGP sub autonomous system

BGP table status codes

BGP traffic engineering

BGP using next-hop-self with a route reflector

BGP weight attribute default value

BGP when to use next-hop-self

BGP which address is used as the next hop

BGP why do we need an IGP for BGP to work

BGP why route dampening is obsolete

Best practice - concerning undebug all

Best practice - prevent connectivity loss of remote device

Bidirectional Forwarding Detection (BFD)

Broadcast MAC address

Broadcast traffic

CBC-MAC

BGP Site of Origin (SoO) Community

Key Points:

Links

Links to this page: