MPLS Layer 3 VPN BGP AS Override

This is a good question, and there is a lot going on behind the scene to answer it. As you know, AllowAS-In and AS-Override are both essentially tricks that can be used to deal with what would normally be considered a BGP looped route (since the ASN number will appear in the AS Path).

The important consideration is whether the BGP “loop” route will actually be filtered on the PE side or the CE side. AllowAS-In assumes the filtering is being done on the CE side, but in reality, most PEs would have already filtered the route before it got to the CE.

For example, in IOS-XR, the default behavior in this situation is different than the regular IOS. With IOS-XR, the PE would do the filtering because it is more efficient to do this. The logic is that the PE router knows what the CE’s ASN is, so why bother sending it a BGP router that it “knows” the CE will filter anyway?

For this reason, it is probably best to have the PE control this situation, and therefore, use AS-Override instead of AllowAS-In.