BGP: Border Gateway Protocol Basics

BGP (Border Gateway Protocol) is the routing protocol that makes the internet work. It's the protocol that connects different networks (autonomous systems) together and determines how data flows across the global internet as defined in RFC 4271. This comprehensive guide explains BGP, how it works, and why it's critical to internet infrastructure.

What is BGP?

BGP is an exterior gateway protocol (EGP) designed to exchange routing information between different autonomous systems (AS). It's the only protocol used for routing between ISPs and is responsible for maintaining the internet's routing table.

Key Characteristics

Protocol type:

Classification: Path vector protocol
Layer: Application layer (TCP port 179)
Purpose: Inter-domain routing
Scale: Internet-scale (millions of routes)

Core features:

Policy-based routing
Path selection control
Loop prevention
Scalability
Stability over speed
Incremental updates

BGP vs IGPs:

BGP: Between autonomous systems
IGPs (OSPF, EIGRP): Within autonomous systems

BGP: Policy-driven
IGPs: Metric-driven

BGP: Slow convergence, stable
IGPs: Fast convergence

Autonomous Systems (AS)

What is an AS?

Definition:

Collection of IP networks under single administrative control
Unique AS number (ASN)
Common routing policy
Single routing protocol

AS Number (ASN):

16-bit: 1 - 65535 (original)
32-bit: 1 - 4294967295 (extended)

Reserved ranges:
0: Reserved
64512-65534: Private use
65535: Reserved
23456: AS_TRANS (transition)

Types of AS:

Stub AS:

Single connection to internet
One upstream provider
No transit traffic
Most common type

Multi-homed AS:

Multiple connections to internet
Multiple providers
Redundancy
No transit traffic

Transit AS:

Provides transit for other AS
ISP, backbone provider
Carries third-party traffic
Complex routing policies

AS Examples

Major AS numbers:

AS7018: AT&T
AS3356: Level 3 (Lumen)
AS1299: Telia
AS174: Cogent
AS6939: Hurricane Electric
AS15169: Google
AS8075: Microsoft
AS16509: Amazon

BGP Types

eBGP (External BGP)

Between different AS:

Connects different organizations
Different AS numbers
TTL = 1 (directly connected)
Next-hop changes

Configuration example (Cisco):

router bgp 65001
 neighbor 203.0.113.1 remote-as 65002
 neighbor 203.0.113.1 ebgp-multihop 2

Characteristics:

Administrative distance: 20
Next-hop: Usually changed
AS-PATH: Incremented
Used for: Internet routing

iBGP (Internal BGP)

Within same AS:

Distributes external routes internally
Same AS number
Full mesh or route reflectors
Next-hop preserved

Configuration example (Cisco):

router bgp 65001
 neighbor 10.0.0.2 remote-as 65001
 neighbor 10.0.0.2 update-source Loopback0
 neighbor 10.0.0.2 next-hop-self

Characteristics:

Administrative distance: 200
Next-hop: Preserved (unless next-hop-self)
AS-PATH: Not incremented
Used for: Internal route distribution

iBGP requirements:

Full mesh (all routers peer with all)
Or route reflectors
Or confederation
Prevents loops

BGP Attributes

Path Attributes

Well-known mandatory:

AS_PATH:

List of AS numbers traversed
Loop prevention mechanism
Shorter path preferred
Primary path selection criterion

NEXT_HOP:

IP address of next hop router
Changed by eBGP
Preserved by iBGP (usually)
Must be reachable

ORIGIN:

How route was injected into BGP
IGP (i): network command
EGP (e): EGP (obsolete)
Incomplete (?): redistribution

Well-known discretionary:

LOCAL_PREF:

Preference within AS
Higher value preferred
iBGP only
Default: 100

ATOMIC_AGGREGATE:

Route was aggregated
Information lost
Informational

Optional transitive:

AGGREGATOR:

AS and router that aggregated
Informational
Passed to other AS

COMMUNITY:

Route tagging
Policy implementation
32-bit value
Well-known communities

Optional non-transitive:

MED (Multi-Exit Discriminator):

Suggests preferred entry point
Lower value preferred
Compared between routes from same AS
Not passed to other AS

ORIGINATOR_ID:

Route reflector attribute
Original router ID
Loop prevention

CLUSTER_LIST:

Route reflector clusters
Loop prevention

BGP Path Selection

Decision Process

Order of preference:

1. Highest Weight (Cisco-specific):

Local to router
Not advertised
Default: 0
Higher preferred

2. Highest LOCAL_PREF:

Within AS
Default: 100
Higher preferred

3. Locally originated:

Prefer routes originated by this router
network command > redistribute

4. Shortest AS_PATH:

Fewer AS hops
Primary internet routing criterion
Can be manipulated (AS prepending)

5. Lowest ORIGIN:

IGP (i) > EGP (e) > Incomplete (?)
Rarely used for selection

6. Lowest MED:

Between routes from same AS
Suggests preferred entry
Lower preferred

7. eBGP over iBGP:

External routes preferred
Administrative distance: eBGP 20, iBGP 200

8. Lowest IGP metric to NEXT_HOP:

Shortest internal path
Hot potato routing

9. Oldest route:

Stability
Prefer established paths

10. Lowest router ID:

Tiebreaker
Deterministic

Path Selection Example

Scenario:

Router receives 3 routes to 192.0.2.0/24:

Route A:
AS_PATH: 65002 65003
LOCAL_PREF: 100
MED: 50

Route B:
AS_PATH: 65004
LOCAL_PREF: 150
MED: 100

Route C:
AS_PATH: 65005 65006 65007
LOCAL_PREF: 100
MED: 10

Selection process:
1. Weight: All equal (default 0)
2. LOCAL_PREF: Route B wins (150 > 100)

Route B selected

BGP Messages

Message Types

OPEN:

Establishes BGP session
Negotiates parameters
AS number, BGP version, hold time
Capabilities

UPDATE:

Advertises new routes
Withdraws old routes
Path attributes
NLRI (Network Layer Reachability Information)

KEEPALIVE:

Maintains session
Sent periodically
Default: 60 seconds
Prevents timeout

NOTIFICATION:

Error condition
Closes session
Error code and subcode
Debugging information

BGP Session States

Idle:

Initial state
Waiting to start

Connect:

Waiting for TCP connection

Active:

TCP connection failed
Trying to reconnect

OpenSent:

OPEN message sent
Waiting for OPEN

OpenConfirm:

OPEN received
Waiting for KEEPALIVE

Established:

Session active
Exchanging routes
Normal operation

State transitions:

Idle → Connect → OpenSent → OpenConfirm → Established
     ↓         ↓           ↓              ↓
   Active ←────┴───────────┴──────────────┘

BGP Configuration

Basic eBGP Configuration

Cisco IOS:

router bgp 65001
 bgp router-id 1.1.1.1
 neighbor 203.0.113.1 remote-as 65002
 neighbor 203.0.113.1 description ISP_A
 !
 address-family ipv4
  network 192.0.2.0 mask 255.255.255.0
  neighbor 203.0.113.1 activate
 exit-address-family

Juniper:

set protocols bgp group external type external
set protocols bgp group external peer-as 65002
set protocols bgp group external neighbor 203.0.113.1
set policy-options policy-statement export-bgp term 1 from protocol static
set policy-options policy-statement export-bgp term 1 then accept

Basic iBGP Configuration

Cisco IOS:

router bgp 65001
 bgp router-id 1.1.1.1
 neighbor 10.0.0.2 remote-as 65001
 neighbor 10.0.0.2 update-source Loopback0
 neighbor 10.0.0.2 next-hop-self
 !
 address-family ipv4
  neighbor 10.0.0.2 activate
 exit-address-family

Route Reflectors

Purpose: Avoid iBGP full mesh

Configuration:

router bgp 65001
 neighbor 10.0.0.2 remote-as 65001
 neighbor 10.0.0.2 route-reflector-client

Hierarchy:

Route Reflector (RR)
  ├── Client 1
  ├── Client 2
  └── Client 3

Clients peer only with RR
RR reflects routes between clients
Reduces peering requirements

BGP Policies

Route Filtering

Prefix lists:

ip prefix-list ALLOW-CUSTOMER permit 192.0.2.0/24
ip prefix-list ALLOW-CUSTOMER deny 0.0.0.0/0 le 32

router bgp 65001
 neighbor 203.0.113.1 prefix-list ALLOW-CUSTOMER out

AS-PATH filtering:

ip as-path access-list 1 permit ^65002$
ip as-path access-list 1 deny .*

router bgp 65001
 neighbor 203.0.113.1 filter-list 1 in

Route Manipulation

AS-PATH prepending:

route-map PREPEND permit 10
 set as-path prepend 65001 65001 65001

router bgp 65001
 neighbor 203.0.113.1 route-map PREPEND out

Result: Makes path less attractive

LOCAL_PREF:

route-map SET-LOCAL-PREF permit 10
 set local-preference 200

router bgp 65001
 neighbor 10.0.0.2 route-map SET-LOCAL-PREF in

Result: Prefer this path

MED:

route-map SET-MED permit 10
 set metric 50

router bgp 65001
 neighbor 203.0.113.1 route-map SET-MED out

Result: Suggest this entry point

Communities

Well-known communities:

NO_EXPORT: Don't advertise to eBGP peers
NO_ADVERTISE: Don't advertise to any peer
LOCAL_AS: Don't advertise outside confederation

Custom communities:

65001:100 - Customer routes
65001:200 - Peer routes
65001:300 - Upstream routes

Configuration:

ip community-list 1 permit 65001:100

route-map SET-COMMUNITY permit 10
 set community 65001:100

router bgp 65001
 neighbor 203.0.113.1 send-community
 neighbor 203.0.113.1 route-map SET-COMMUNITY out

BGP Security

Common Threats

Route hijacking:

Malicious AS announces prefixes it doesn't own
Traffic redirected
Data interception
Service disruption

Route leaks:

Unintentional announcement of routes
Misconfiguration
Causes internet outages
Traffic blackholing

Prefix hijacking:

More specific prefix announced
Longest prefix match wins
Traffic diverted

Security Measures

Prefix filtering:

Filter customer announcements
Only accept owned prefixes
Bogon filtering (invalid ranges)
Maximum prefix limits

AS-PATH filtering:

Validate AS-PATH
Prevent private AS in public internet
Filter known bad AS

RPKI (Resource Public Key Infrastructure):

Cryptographic validation
ROA (Route Origin Authorization)
Validates prefix ownership
Prevents hijacking

BGPsec:

Path validation
Cryptographic signatures
Prevents path manipulation
Not widely deployed

Maximum prefix:

router bgp 65001
 neighbor 203.0.113.1 maximum-prefix 1000

Prevents route table overflow
Detects misconfigurations

BGP in Practice

ISP Peering

Types of peering:

Transit:

Pay for connectivity
Full routes or default
Upstream provider

Peering:

Mutual exchange
No payment
Internet exchange points (IXP)
Bilateral agreements

Customer:

Provide transit
Receive payment
Announce customer routes

Multi-homing

Benefits:

Redundancy
Load balancing
Provider independence
Better performance

Configuration:

Two or more ISP connections
Own AS number
BGP with each provider
Policy-based routing

Inbound traffic control:

AS-PATH prepending
MED
Communities
More specific prefixes

Outbound traffic control:

LOCAL_PREF
AS-PATH
Weight
Default routes

Internet Exchange Points (IXP)

Purpose:

Neutral peering location
Multiple networks interconnect
Reduced costs
Better performance

Major IXPs:

DE-CIX (Frankfurt)
AMS-IX (Amsterdam)
LINX (London)
Equinix (multiple locations)

Troubleshooting BGP

Common Issues

Session not establishing:

Check: TCP connectivity (port 179)
Check: AS numbers correct
Check: IP addresses correct
Check: Firewall rules

Routes not received:

Check: BGP session established
Check: Route filters
Check: Maximum prefix limit
Check: Soft reconfiguration

Suboptimal routing:

Check: Path attributes
Check: Policies
Check: AS-PATH
Check: LOCAL_PREF

Diagnostic Commands

Cisco IOS:

show ip bgp summary
show ip bgp neighbors
show ip bgp
show ip bgp 192.0.2.0
show ip route bgp
debug ip bgp updates

Verification:

show ip bgp summary
- Check session state (Established)
- Check prefixes received/sent
- Check uptime

show ip bgp neighbors 203.0.113.1
- Detailed neighbor information
- Capabilities
- Statistics

IPv6 BGP

MP-BGP (Multiprotocol BGP)

Configuration:

router bgp 65001
 neighbor 2001:db8::1 remote-as 65002
 !
 address-family ipv6
  neighbor 2001:db8::1 activate
  network 2001:db8:1::/48
 exit-address-family

Differences:

Same protocol, different address family
IPv6 next-hop
IPv6 prefixes
Otherwise identical to IPv4 BGP

Best Practices

Design

1. Use private AS for internal:

64512-65534 for internal use
Don't leak to internet

2. Implement route filtering:

Filter customer announcements
Bogon filtering
Maximum prefix limits

3. Use route reflectors:

Avoid full mesh
Hierarchical design
Redundant RRs

Operations

1. Monitor BGP:

Session state
Route counts
Flapping
Changes

2. Document policies:

Peering agreements
Route policies
Community usage
Contact information

3. Implement security:

RPKI validation
Prefix filtering
AS-PATH filtering
Authentication

Troubleshooting

1. Layer by layer:

Physical connectivity
IP connectivity
TCP session
BGP session
Route exchange

2. Verify configuration:

AS numbers
IP addresses
Route policies
Filters

3. Check logs:

Session flaps
Route changes
Errors
Notifications

Conclusion

BGP is the routing protocol that powers the internet, enabling different autonomous systems to exchange routing information and determine optimal paths. Understanding BGP is essential for anyone working with internet infrastructure, ISPs, or large enterprise networks.

Related Articles

Routing Fundamentals

• Routing - IP routing basics
• Default Gateway - First hop routing
• IPv4 CIDR Notation - Route aggregation
• Anycast - BGP-based routing

Internet Infrastructure

• Internet Service Providers - ISP operations
• CDN - Content delivery networks using BGP
• IPv6 Adoption - BGP and IPv6
• AS numbers - Core identifier used by BGP between networks

Network Protocols

• ICMP - Error reporting in routing
• TCP/IP Model - Protocol stack
• DNS Servers - DNS and BGP

Security

• DDoS Attacks - BGP hijacking
• IP Reputation - BGP blackholing

Explore More

• Networking Basics - Essential concepts
• Protocols - Internet protocols hub

Key takeaways: - BGP connects autonomous systems - Path vector protocol - Policy-based routing - eBGP between AS, iBGP within AS - AS_PATH prevents loops - Path selection based on attributes - Scalable to internet size - Security critical (RPKI, filtering) - Used by ISPs and large enterprises - Complex but powerful

BGP's flexibility and scalability make it the only protocol capable of handling internet-scale routing, making it one of the most critical protocols for global internet connectivity.