What Is BGP? Border Gateway Protocol Explained
Border Gateway Protocol (BGP) is critical in the global internet routing infrastructure, connecting millions of networks and ensuring seamless data exchange. This article provides an in-depth look at BGP, its inner workings, and the essential elements that make up the protocol. We’ll cover the fundamental concepts of Autonomous Systems (ASes) and Autonomous System Numbers (ASNs), discuss modern security concerns and the implementation of Resource Public Key Infrastructure (RPKI), and outline approaches to BGP monitoring for efficient network management.
What is Border Gateway Protocol (BGP)?
Border Gateway Protocol (BGP) is a widely accepted and implemented protocol used to exchange routing information between different networks (ASes) on the global internet, defined by the latest IETF standard, Border Gateway Protocol 4 (BGP-4). BGP allows routers to establish and maintain peering relationships with other routers, sharing routing information to ensure data is directed through the most efficient path between networks. As a path-vector protocol, BGP makes routing decisions based on the paths, policies, and rules defined by network administrators.
BGP is often said to provide “reachability information” among Autonomous Systems (ASes) on the internet. In this context, reachability refers to the ability of a network device, such as a router, to access or communicate with another device or network over the internet. Reachability information helps routers determine whether a particular destination IP address is accessible and how to route data packets to that destination.
When BGP routers exchange routing and reachability information, they share details about the available network paths and the accessibility of IP addresses within their respective Autonomous Systems (ASes). This information enables routers to select the best and most efficient path to reach a specific destination, ensuring proper data transmission across the internet.
How does BGP Work?
BGP routers establish peering relationships with other routers, exchanging routing information in the form of BGP updates. These updates consist of a list of IP prefixes and various BGP attributes, which routers use to select the best path to reach a specific destination. BGP’s loop prevention mechanism relies on the Autonomous System Path (AS_PATH) attribute, which lists the ASes traversed by a specific route. Other essential attributes include the LOCAL_PREF, MED, and NEXT_HOP, which contribute to the BGP decision process.
The Different Characteristics of BGP
BGP has several key characteristics that contribute to its stability and effectiveness in routing internet traffic:
Path-vector Protocol
BGP is a “path-vector” protocol, meaning that it maintains the full path information for each route, including the sequence of ASes traversed. This feature allows BGP to avoid routing loops and make informed decisions based on policy.
Operates at the Edge of Networks
BGP operates at the edges of networks, connecting different Autonomous Systems and exchanging routing information. This characteristic allows BGP to maintain a global view of the internet routing landscape.
Supports Internal and External Routing
BGP can be used both internally (iBGP) and externally (eBGP) within and between ASes, enabling efficient routing within large networks and across the internet.
Scalability
BGP is designed to scale with the internet’s growth and to support numerous routes and peering relationships.
Flexibility
BGP provides network administrators with a wide range of policy options and attributes to control the selection of routes and influence the routing behavior of other ASes.
Support for Address Families
BGP supports multiple address families, including IPv4, IPv6, and VPNv4, making it adaptable to different network requirements and technologies.
Incremental Updates and Route Aggregation
BGP routers exchange incremental updates, meaning only changes in routing information are communicated, reducing the amount of data transmitted between routers. Additionally, BGP supports route aggregation, minimizing the number of routes advertised and conserving resources.
Functions of BGP
BGP serves several important functions in internet routing:
Directing Traffic Between Networks
BGP determines the best path for traffic to flow between networks based on policy, ensuring efficient routing and network performance.
Ensuring Network Availability
BGP routers continuously exchange routing updates, allowing them to quickly adapt to changes in network topology and maintain connectivity even in the event of failures or congestion.
Traffic Engineering: Controlling Traffic Flow Between Networks
BGP allows network administrators to control the flow of traffic between networks through various policy mechanisms, a practice sometimes called “traffic engineering”, in order to optimize network performance, balance load, and manage costs.
Load Balancing
BGP can distribute traffic across multiple links, helping to balance load and optimize network performance.
Multihoming
BGP enables networks to connect to multiple upstream providers for increased redundancy and improved performance.
Understanding Autonomous Systems (ASes and ASNs) and AS Operators in BGP
Autonomous systems (ASes) are crucial components of the global internet infrastructure. They represent individual network domains under the control of a single administrative entity, such as Internet Service Providers (ISPs), large enterprises, and content providers. Each AS is assigned a unique AS number (ASN), which allows it to exchange routing information with other ASes via BGP, thus ensuring global reachability.
AS operators are responsible for managing their networks, maintaining routing policies, and participating in the global BGP routing process. By establishing BGP sessions and exchanging routing information with other ASes, they contribute to the overall stability and efficiency of the internet.
What are ASes?: Network Domains with Unique Administrative Control
ASes are networks composed of routers and other network devices that a single organization manages. This organization defines its own routing policies and ensures that its network operates optimally. By implementing these policies, AS operators have full control over how traffic is forwarded within their network and how it reaches external networks.
Examples of AS operators include ISPs, which provide internet connectivity to homes and businesses, and large content providers, such as Google, Facebook, and Amazon, which host and distribute content across the internet.
What are ASNs?: Unique Numbers for Autonomous Systems
Each autonomous system is assigned a unique AS number (ASN) to identify it within the global internet routing system. ASNs are 16-bit or 32-bit numbers that are allocated by the Internet Assigned Numbers Authority (IANA) to Regional Internet Registries (RIRs), which then distribute them to ISPs and other network operators. The use of unique ASNs allows BGP to differentiate between ASes, ensuring that routing information is exchanged and processed correctly.
AS Announcements and Related Issues and Risks
AS announcements are the process by which autonomous systems communicate their routing information to other ASes. When an AS receives routing information from a neighboring AS, it processes the information according to its routing policies and propagates the information to other connected ASes. However, this process can be susceptible to issues such as BGP misconfigurations, route leaks, and route hijacks:
- BGP Misconfigurations: Mistakes in configuring BGP routers can lead to unintended routing behavior, which may cause traffic to be forwarded inefficiently or even be dropped altogether. Misconfigurations can occur for various reasons, such as human error or software bugs, and can result in network instability and loss of connectivity.
- BGP Route Leaks: A BGP route leak occurs when an AS incorrectly announces routing information to another AS, causing traffic to be directed through unintended paths. This can lead to suboptimal routing, increased latency, and even the complete loss of connectivity in severe cases.
- BGP Route Hijacks: Route hijacks involve the malicious manipulation of BGP routing information with the intent to redirect traffic through an attacker-controlled AS. This can be used for various nefarious purposes, such as surveillance, traffic interception, or denial of service attacks.
To ensure the stability and security of the internet, AS operators must actively monitor their BGP routing information and implement best practices to prevent and mitigate these issues. Implementing BGP monitoring is an essential part of operating modern networks. For more information on this topic, see “Why You Need to Monitor BGP” and “Introducing BGP Monitoring from Kentik” in the Kentik blog.
BGP Security and RPKI: Potential Solutions to BGP Risks
BGP has been known to be vulnerable to various security threats, such as route hijacking, route leaks, and IP address spoofing. To mitigate these risks, BGP Security and the Resource Public Key Infrastructure (RPKI) have been developed:
BGP Security (BGPsec)
BGPsec, or BGP Security (standardized as IETF RFC 8205), is an extension to the Border Gateway Protocol that enhances its security by adding cryptographic validation to the routing information exchanged between routers. BGPsec helps prevent route hijacking and other malicious activities by ensuring that the advertised routes are legitimate and authorized by the owning Autonomous Systems (ASes). BGPsec uses Resource Public Key Infrastructure (RPKI) to validate the AS_PATH attribute in BGP updates, ensuring the integrity and authenticity of the routing information.
RPKI (Resource Public Key Infrastructure)
The RPKI (Resource Public Key Infrastructure) is a global, hierarchical public key infrastructure (PKI) that aims to secure the internet’s routing system. It associates Internet number resources (IP prefixes and AS numbers) with a digital certificate, called a Route Origin Authorization (ROA). ROAs provide a verifiable and cryptographically secure method to validate the origin AS of an IP prefix. RPKI allows network operators to make more informed decisions about the validity of routes they receive and helps to prevent accidental or malicious route hijacking.
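How a router or monitoring job can use ROA data to check the origin AS of an announcement, following the route origin validation procedure of RFC 6811. This is an added example, not code from the original article or from Kentik; the names `VRP` and `validate_origin` are hypothetical, and all prefixes and AS numbers are constructed from documentation ranges.

```python
import ipaddress
from typing import List, NamedTuple, Tuple, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]

class VRP(NamedTuple):
    """Validated ROA payload: the (prefix, maxLength, origin AS) a ROA authorizes."""
    prefix: Network
    max_length: int
    origin_asn: int

# Constructed sample data: documentation prefixes and documentation ASNs only.
VRPS = [
    VRP(ipaddress.ip_network("192.0.2.0/24"), 24, 64496),
    VRP(ipaddress.ip_network("198.51.100.0/24"), 24, 64497),
    VRP(ipaddress.ip_network("2001:db8::/32"), 48, 64496),
]

def validate_origin(prefix: str, origin_asn: int, vrps: List[VRP] = VRPS) -> str:
    """Classify an announcement as 'valid', 'invalid' or 'not-found' (RFC 6811)."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp in vrps:
        # A VRP covers the route when the route is equal to or inside its prefix.
        if vrp.prefix.version != route.version or not route.subnet_of(vrp.prefix):
            continue
        covered = True
        # A match needs the same origin AS and a length within maxLength.
        # AS 0 never matches: a ROA for AS 0 authorizes no origin at all.
        if origin_asn != 0 and vrp.origin_asn == origin_asn \
                and route.prefixlen <= vrp.max_length:
            return "valid"
    # Covered by at least one ROA but matched by none: a likely hijack or
    # misconfiguration. No covering ROA at all: RPKI makes no statement.
    return "invalid" if covered else "not-found"

# Constructed announcements as (prefix, origin AS taken from the AS_PATH).
ANNOUNCEMENTS: List[Tuple[str, int]] = [
    ("192.0.2.0/24", 64496),       # authorized origin
    ("192.0.2.0/24", 64511),       # wrong origin AS
    ("192.0.2.128/25", 64496),     # more specific than maxLength allows
    ("203.0.113.0/24", 64500),     # no ROA covers this prefix
    ("2001:db8:1::/48", 64496),    # within maxLength 48
]

if __name__ == "__main__":
    for prefix, asn in ANNOUNCEMENTS:
        print(f"{prefix:18} AS{asn:<6} {validate_origin(prefix, asn)}")
```

Operators typically drop or alert on "invalid" routes and accept "not-found" routes, since a missing ROA only means the prefix holder has not published one.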
For more on this topic, check out the Telemetry Now podcast episode, “Securing Global Routing with RPKI and BGP Security”.
What is the Difference between External and Internal BGP?
BGP operates on two different levels: External BGP (eBGP) and Internal BGP (iBGP). Understanding the distinction between these two types of BGP is crucial for comprehending how the protocol manages routing information and maintains the stability of the internet.
External BGP (eBGP)
External BGP, or eBGP, is used to exchange routing information between different autonomous systems (ASes). eBGP sessions are established between routers that reside on the edge of their respective ASes. By sharing routing information with one another, eBGP allows ASes to determine the best path for data to travel across the internet. The primary purpose of eBGP is to maintain a clear separation between the ASes and facilitate the exchange of routing information between them.
Internal BGP (iBGP)
Internal BGP, or iBGP, is used to propagate routing information within a single autonomous system. Routers within the same AS establish iBGP sessions with one another to share routing information. The main goal of iBGP is to ensure that all routers within the AS have a consistent view of the network topology and routing information. This allows the routers within the AS to make informed decisions about how to forward traffic and reach external networks efficiently.
One significant difference between eBGP and iBGP is the way they handle the AS path attribute. In eBGP, when a router receives a route advertisement, it appends its own AS number to the AS path before forwarding the advertisement to a neighbor. This process helps prevent routing loops, as routers can recognize their own AS number in the path and discard the route. In contrast, iBGP does not modify the AS path attribute, as the advertisement is only propagated within the same AS.
eBGP and iBGP serve different purposes within the Border Gateway Protocol. eBGP focuses on exchanging routing information between different autonomous systems, while iBGP is responsible for sharing routing information within a single autonomous system. Both types of BGP are essential for maintaining a stable and efficient internet routing infrastructure.
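The AS_PATH handling described above, as an added example that is not part of the original article: a route is walked along a chain of routers, the sender adds its AS number only on eBGP sessions, and a receiver discards any route whose path already contains its own AS. `Route`, `advertise`, `receive` and `propagate` are hypothetical names, and the AS numbers come from the documentation range.

```python
from dataclasses import dataclass, replace
from typing import Optional, Sequence, Tuple

@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: Tuple[int, ...] = ()   # leftmost entry is the most recently added AS

def advertise(route: Route, local_asn: int, peer_asn: int) -> Route:
    """Return the route as it is sent from local_asn to peer_asn."""
    if local_asn == peer_asn:
        # iBGP session: the AS_PATH is passed on unchanged.
        return route
    # eBGP session: the sender adds its own AS number (RFC 4271 places it
    # at the left end of the path).
    return replace(route, as_path=(local_asn,) + route.as_path)

def receive(route: Route, local_asn: int) -> Optional[Route]:
    """Loop prevention: reject a route that has already crossed this AS."""
    return None if local_asn in route.as_path else route

def propagate(prefix: str, chain: Sequence[int]) -> Optional[Route]:
    """Walk a route through routers identified by their AS number.

    Consecutive equal numbers model an iBGP hop inside one AS. Returns the
    route as held by the last router, or None if it was discarded on the way.
    """
    route: Optional[Route] = Route(prefix)   # originated with an empty AS_PATH
    for sender, receiver in zip(chain, chain[1:]):
        route = receive(advertise(route, sender, receiver), receiver)
        if route is None:
            return None
    return route

if __name__ == "__main__":
    # Origin AS 64496 (two routers, one iBGP hop), then three eBGP hops.
    ok = propagate("192.0.2.0/24", [64496, 64496, 64497, 64498, 64499])
    print("accepted with AS_PATH", ok.as_path)
    # The same route handed back to AS 64496 by AS 64498 is dropped.
    looped = propagate("192.0.2.0/24", [64496, 64497, 64498, 64496])
    print("looped route:", "discarded" if looped is None else looped.as_path)
```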
BGP Communities
BGP Communities are an optional transitive attribute used to tag and group routes with common characteristics or policy preferences. They provide a way for network operators to communicate and apply specific routing policies across multiple ASes. BGP Communities can be used to signal various routing preferences, such as traffic engineering, selective advertisement of routes, or influencing the selection of a preferred route.
For example, a network operator might use BGP Communities to indicate that a particular prefix should be advertised only to specific peers or that it should be given a lower preference during the route selection process. This flexibility allows operators to implement complex routing policies while simplifying the overall BGP configuration.
Since BGP Communities are an essential part of internet peering, they can help manage routing policies more efficiently between peering partners, contributing to the overall stability and scalability of the internet’s routing infrastructure.
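One way community tags can drive selective advertisement and preference, written as an added example rather than code from the original article. `NO_EXPORT` and `NO_ADVERTISE` are the well-known values from RFC 1997; the `64496:*` tags, the peer kinds and the function names are assumptions made for illustration.

```python
from typing import AbstractSet, Tuple

Community = Tuple[int, int]   # written "high:low", each half is 16 bits

# Well-known communities defined in RFC 1997.
NO_EXPORT: Community = (65535, 65281)
NO_ADVERTISE: Community = (65535, 65282)

# Hypothetical operator-defined tags for AS 64496 (assumption, not from the
# article). Routes are tagged on ingress with where they were learned.
LEARNED_FROM_CUSTOMER: Community = (64496, 100)
LEARNED_FROM_PEER: Community = (64496, 200)
LEARNED_FROM_TRANSIT: Community = (64496, 300)
LOWER_PREFERENCE: Community = (64496, 80)

def parse_community(text: str) -> Community:
    """Parse 'high:low' notation and reject values that do not fit 16 bits."""
    high, low = (int(part) for part in text.split(":"))
    if not (0 <= high <= 0xFFFF and 0 <= low <= 0xFFFF):
        raise ValueError(f"community out of range: {text}")
    return (high, low)

def local_pref(communities: AbstractSet[Community], default: int = 100) -> int:
    """A neighbor can ask for a lower preference by attaching the agreed tag."""
    return 80 if LOWER_PREFERENCE in communities else default

def may_export(communities: AbstractSet[Community], peer_kind: str) -> bool:
    """Decide whether a route may be advertised to a neighbor.

    peer_kind is one of 'ibgp', 'customer', 'peer', 'transit'.
    """
    if NO_ADVERTISE in communities:
        return False                      # never advertised to any neighbor
    if NO_EXPORT in communities and peer_kind != "ibgp":
        return False                      # must not leave the local AS
    if peer_kind in ("peer", "transit"):
        # Only customer routes go to peers and transit providers. Sending
        # peer or transit routes there would be a route leak. Locally
        # originated prefixes carry the customer tag in this example.
        return LEARNED_FROM_CUSTOMER in communities
    return True                           # iBGP and customers get everything else

if __name__ == "__main__":
    tags = {parse_community("64496:200")}
    print("peer route to transit:", may_export(tags, "transit"))
```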
The Future of BGP with Kentik
Border Gateway Protocol (BGP) is essential in today’s internet routing infrastructure, enabling efficient communication and routing between networks. As the complexity and scale of the internet continue to grow, effectively monitoring and managing BGP becomes increasingly important. By leveraging advanced network analytics and monitoring solutions like Kentik, organizations can gain valuable insights into their BGP operations, optimize routing decisions, and identify potential peering opportunities. Ultimately, this proactive approach to BGP management helps ensure the smooth performance of the global internet and fosters a more secure and resilient routing ecosystem.
Kentik provides powerful BGP analytics and monitoring features that can help your organization gain deep insights into BGP operations, identify potential peering opportunities, and optimize routing decisions.
With Kentik, you can stay ahead of network challenges and ensure the smooth performance of your BGP infrastructure. Discover the benefits of Kentik’s network analytics and monitoring solutions for BGP by starting a free 30-day trial or requesting a demo today.