In any environment, customers may advertise different subnets/routes from spoke sites to hubs, this article discusses how the OFC decides the preferred VPN of the route if it is received via BGP with the same attributes.

-Let's assume that the customer has subnet 10.0.0.0/24 advertised from a spoke site to the hub site and is performing segment leaking which means that the route is learned by hub 1 then advertised to the customer network behind the hub, then is re-advertised to both hubs on the different segments.

-If the customer does not perform any route manipulation techniques on these routes (Local preference or AS path) , the route will be received with the same attributes.

-In this case, the OFC table will put the oldest route as the preferred VPN exit since all attributes are tied/match which means whichever received the route first will be the oldest hence the preferred VPN exit.

OFC table will compare attributes, but if all attributes match then it will prefer the oldest route.

If the customer wants to manipulate the routes then they should play with the BGP attributes to prefer one route to the other.

If they want to do so via the SD-WAN part, they could either pin the preferred VPN exit and change it on the OFC table, or if these routes are advertised to the spokes, they could manipulate the route using Hub order.