
BGP: Border Gateway Protocol Basics

BGP (Border Gateway Protocol), defined in RFC 4271, is the routing protocol that makes the internet work. It connects different networks (autonomous systems) together and determines how data flows across the global internet. This guide explains BGP, how it works, and why it's critical to internet infrastructure.

What is BGP?

BGP is an exterior gateway protocol (EGP) designed to exchange routing information between different autonomous systems (AS). It's the only protocol used for routing between ISPs and is responsible for maintaining the internet's routing table.

Key Characteristics

Protocol type:
- Classification: Path vector protocol
- Layer: Application layer (TCP port 179)
- Purpose: Inter-domain routing
- Scale: Internet-scale (millions of routes)

Core features:
- Policy-based routing
- Path selection control
- Loop prevention
- Scalability
- Stability over speed
- Incremental updates

BGP vs IGPs:
```
BGP: Between autonomous systems
IGPs (OSPF, EIGRP): Within autonomous systems

BGP: Policy-driven
IGPs: Metric-driven

BGP: Slow convergence, stable
IGPs: Fast convergence
```

Autonomous Systems (AS)

What is an AS?

Definition:
- Collection of IP networks under single administrative control
- Unique AS number (ASN)
- Common routing policy
- Single routing protocol

AS Number (ASN):
```
16-bit: 1 - 65535 (original)
32-bit: 1 - 4294967295 (extended)

Reserved ranges:
0: Reserved
64512-65534: Private use
65535: Reserved
23456: AS_TRANS (transition)
```

Types of AS:

Stub AS:
- Single connection to internet
- One upstream provider
- No transit traffic
- Most common type

Multi-homed AS:
- Multiple connections to internet
- Multiple providers
- Redundancy
- No transit traffic

Transit AS:
- Provides transit for other AS
- ISP, backbone provider
- Carries third-party traffic
- Complex routing policies

AS Examples

Major AS numbers:
- AS7018: AT&T
- AS3356: Level 3 (Lumen)
- AS1299: Telia
- AS174: Cogent
- AS6939: Hurricane Electric
- AS15169: Google
- AS8075: Microsoft
- AS16509: Amazon

BGP Types

eBGP (External BGP)

Between different AS:
- Connects different organizations
- Different AS numbers
- TTL = 1 (directly connected)
- Next-hop changes

Configuration example (Cisco):
```
router bgp 65001
 neighbor 203.0.113.1 remote-as 65002
 ! ebgp-multihop raises the TTL above the default of 1;
 ! it is only needed when the peer is not directly connected
 neighbor 203.0.113.1 ebgp-multihop 2
```

Characteristics:
- Administrative distance: 20
- Next-hop: Usually changed
- AS-PATH: Incremented
- Used for: Internet routing

iBGP (Internal BGP)

Within same AS:
- Distributes external routes internally
- Same AS number
- Full mesh or route reflectors
- Next-hop preserved

Configuration example (Cisco):
```
router bgp 65001
 neighbor 10.0.0.2 remote-as 65001
 neighbor 10.0.0.2 update-source Loopback0
 neighbor 10.0.0.2 next-hop-self
```

Characteristics:
- Administrative distance: 200
- Next-hop: Preserved (unless next-hop-self)
- AS-PATH: Not incremented
- Used for: Internal route distribution

iBGP requirements:
- Full mesh (all routers peer with all)
- Or route reflectors
- Or confederation
- Prevents loops

BGP Attributes

Path Attributes

Well-known mandatory:

AS_PATH:
- List of AS numbers traversed
- Loop prevention mechanism
- Shorter path preferred
- Primary path selection criterion

NEXT_HOP:
- IP address of next hop router
- Changed by eBGP
- Preserved by iBGP (usually)
- Must be reachable

ORIGIN:
- How route was injected into BGP
- IGP (i): network command
- EGP (e): EGP (obsolete)
- Incomplete (?): redistribution

Well-known discretionary:

LOCAL_PREF:
- Preference within AS
- Higher value preferred
- iBGP only
- Default: 100

ATOMIC_AGGREGATE:
- Route was aggregated
- Information lost
- Informational

Optional transitive:

AGGREGATOR:
- AS and router that aggregated
- Informational
- Passed to other AS

COMMUNITY:
- Route tagging
- Policy implementation
- 32-bit value
- Well-known communities

Optional non-transitive:

MED (Multi-Exit Discriminator):
- Suggests preferred entry point
- Lower value preferred
- Compared between routes from same AS
- Not passed to other AS

ORIGINATOR_ID:
- Route reflector attribute
- Original router ID
- Loop prevention

CLUSTER_LIST:
- Route reflector clusters
- Loop prevention

BGP Path Selection

Decision Process

Order of preference:

1. Highest Weight (Cisco-specific):
   - Local to router
   - Not advertised
   - Default: 0
   - Higher preferred

2. Highest LOCAL_PREF:
   - Within AS
   - Default: 100
   - Higher preferred

3. Locally originated:
   - Prefer routes originated by this router
   - network command > redistribute

4. Shortest AS_PATH:
   - Fewer AS hops
   - Primary internet routing criterion
   - Can be manipulated (AS prepending)

5. Lowest ORIGIN:
   - IGP (i) > EGP (e) > Incomplete (?)
   - Rarely used for selection

6. Lowest MED:
   - Between routes from same AS
   - Suggests preferred entry
   - Lower preferred

7. eBGP over iBGP:
   - External routes preferred
   - Administrative distance: eBGP 20, iBGP 200

8. Lowest IGP metric to NEXT_HOP:
   - Shortest internal path
   - Hot potato routing

9. Oldest route:
   - Stability
   - Prefer established paths

10. Lowest router ID:
    - Tiebreaker
    - Deterministic

Path Selection Example

Scenario:
```
Router receives 3 routes to 192.0.2.0/24:

Route A:
  AS_PATH: 65002 65003
  LOCAL_PREF: 100
  MED: 50

Route B:
  AS_PATH: 65004
  LOCAL_PREF: 150
  MED: 100

Route C:
  AS_PATH: 65005 65006 65007
  LOCAL_PREF: 100
  MED: 10

Selection process:
1. Weight: All equal (default 0)
2. LOCAL_PREF: Route B wins (150 > 100)

Route B selected
```
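The decision process above as runnable logic, applied to the three routes in this scenario. This is an added Python example, not code from the original article or from any router implementation; the `Route` fields and function names are illustrative, and MED is skipped unless both routes come from the same neighbor AS, as step 6 states.

```python
from dataclasses import dataclass

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}  # IGP, then EGP, then Incomplete

@dataclass
class Route:
    name: str
    as_path: list            # neighbor AS first, origin AS last
    local_pref: int = 100    # default from the attribute list
    med: int = 0
    weight: int = 0          # Cisco-specific, local to the router
    local: bool = False      # originated by this router
    origin: str = "i"
    ebgp: bool = True
    igp_metric: int = 0      # IGP cost to NEXT_HOP
    age: int = 0             # seconds since the route was learned
    router_id: str = "0.0.0.0"

# (step name, sort key) in the order listed above; the smaller key wins a step.
STEPS = [
    ("Weight", lambda r: -r.weight),
    ("LOCAL_PREF", lambda r: -r.local_pref),
    ("Locally originated", lambda r: not r.local),
    ("AS_PATH length", lambda r: len(r.as_path)),
    ("ORIGIN", lambda r: ORIGIN_RANK[r.origin]),
    ("MED", lambda r: r.med),
    ("eBGP over iBGP", lambda r: not r.ebgp),
    ("IGP metric", lambda r: r.igp_metric),
    ("Oldest route", lambda r: -r.age),
    ("Router ID", lambda r: tuple(int(o) for o in r.router_id.split("."))),
]

def compare(a, b):
    """Return (winner, loser, deciding step) for two routes to one prefix."""
    for step, key in STEPS:
        if step == "MED" and a.as_path[:1] != b.as_path[:1]:
            continue  # MED is only compared between routes from the same AS
        ka, kb = key(a), key(b)
        if ka != kb:
            return (a, b, step) if ka < kb else (b, a, step)
    return a, b, "tie"

def best_path(routes):
    """Reduce pairwise and record which step eliminated each losing route."""
    best, why = routes[0], {}
    for r in routes[1:]:
        best, loser, step = compare(best, r)
        why[loser.name] = step
    return best, why

# The three routes to 192.0.2.0/24 from the scenario above.
A = Route("A", [65002, 65003], local_pref=100, med=50)
B = Route("B", [65004], local_pref=150, med=100)
C = Route("C", [65005, 65006, 65007], local_pref=100, med=10)
```

`best_path([A, B, C])` selects Route B at the LOCAL_PREF step; with B removed, A beats C on AS_PATH length and C's lower MED is never consulted because the two routes come from different neighbor ASes.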

BGP Messages

Message Types

OPEN:
- Establishes BGP session
- Negotiates parameters
- AS number, BGP version, hold time
- Capabilities

UPDATE:
- Advertises new routes
- Withdraws old routes
- Path attributes
- NLRI (Network Layer Reachability Information)

KEEPALIVE:
- Maintains session
- Sent periodically
- Default: 60 seconds
- Prevents timeout

NOTIFICATION:
- Error condition
- Closes session
- Error code and subcode
- Debugging information
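An added example (not from the original article) that parses an OPEN message following the RFC 4271 layout and resolves the peer's AS number, including the AS_TRANS (23456) case from the reserved ASN ranges, where the real 32-bit ASN travels in the 4-octet AS capability (code 65, RFC 6793). `tlvs`, `parse_open` and `build_open` are illustrative names, and the sample messages are constructed, not captured.

```python
import struct

AS_TRANS = 23456      # value placed in the 2-octet My AS field by 32-bit ASN speakers
CAP_4OCTET_AS = 65    # capability code that carries the real 32-bit ASN (RFC 6793)

def tlvs(buf):
    """Yield (type, value) from 1-octet type / 1-octet length records."""
    i = 0
    while i < len(buf):
        if i + 2 > len(buf) or i + 2 + buf[i + 1] > len(buf):
            raise ValueError("truncated optional parameter or capability")
        yield buf[i], buf[i + 2:i + 2 + buf[i + 1]]
        i += 2 + buf[i + 1]

def parse_open(msg, expected_as=None):
    """Validate an OPEN message and return the session parameters it carries."""
    if len(msg) < 29:
        raise ValueError("shorter than the 29-octet minimum OPEN")
    marker, length, mtype = struct.unpack("!16sHB", msg[:19])
    if marker != b"\xff" * 16 or length != len(msg) or mtype != 1:
        raise ValueError("bad header: marker, length or message type")
    version, my_as, hold, ident, optlen = struct.unpack("!BHH4sB", msg[19:29])
    if version != 4 or hold in (1, 2) or optlen != len(msg) - 29:
        raise ValueError("bad version, hold time or optional-parameter length")
    # Optional parameter type 2 holds the capabilities, themselves TLV-encoded.
    caps = {code: val for ptype, body in tlvs(msg[29:]) if ptype == 2
            for code, val in tlvs(body)}
    asn = my_as
    if CAP_4OCTET_AS in caps:
        if len(caps[CAP_4OCTET_AS]) != 4:
            raise ValueError("malformed 4-octet AS capability")
        asn = struct.unpack("!I", caps[CAP_4OCTET_AS])[0]
    elif my_as == AS_TRANS:
        raise ValueError("AS_TRANS without the 4-octet AS capability")
    if expected_as is not None and asn != expected_as:
        raise ValueError(f"peer AS {asn} does not match remote-as {expected_as}")
    return {"asn": asn, "my_as_field": my_as, "hold_time": hold,
            "router_id": ".".join(map(str, ident)), "capabilities": sorted(caps)}

def build_open(asn, hold=180, router_id=bytes([1, 1, 1, 1])):
    """Construct a sample OPEN for the demo (constructed, not captured traffic)."""
    cap = bytes([CAP_4OCTET_AS, 4]) + struct.pack("!I", asn)
    opts = bytes([2, len(cap)]) + cap
    my_as = asn if asn <= 65535 else AS_TRANS
    body = struct.pack("!BHH4sB", 4, my_as, hold, router_id, len(opts)) + opts
    return b"\xff" * 16 + struct.pack("!HB", 19 + len(body), 1) + body
```

Passing `expected_as` mirrors the configured `remote-as`: an OPEN whose resolved ASN differs is rejected before the session can reach Established.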

BGP Session States

Idle:
- Initial state
- Waiting to start

Connect:
- Waiting for TCP connection

Active:
- TCP connection failed
- Trying to reconnect

OpenSent:
- OPEN message sent
- Waiting for OPEN

OpenConfirm:
- OPEN received
- Waiting for KEEPALIVE

Established:
- Session active
- Exchanging routes
- Normal operation

State transitions:
```
Idle → Connect → OpenSent → OpenConfirm → Established
          ↓         ↓            ↓             ↓
       Active ←─────┴────────────┴─────────────┘
```

BGP Configuration

Basic eBGP Configuration

Cisco IOS:
```
router bgp 65001
 bgp router-id 1.1.1.1
 neighbor 203.0.113.1 remote-as 65002
 neighbor 203.0.113.1 description ISP_A
 !
 address-family ipv4
  network 192.0.2.0 mask 255.255.255.0
  neighbor 203.0.113.1 activate
 exit-address-family
```

Juniper:
```
set protocols bgp group external type external
set protocols bgp group external peer-as 65002
set protocols bgp group external neighbor 203.0.113.1
set policy-options policy-statement export-bgp term 1 from protocol static
set policy-options policy-statement export-bgp term 1 then accept
```

Basic iBGP Configuration

Cisco IOS:
```
router bgp 65001
 bgp router-id 1.1.1.1
 neighbor 10.0.0.2 remote-as 65001
 neighbor 10.0.0.2 update-source Loopback0
 neighbor 10.0.0.2 next-hop-self
 !
 address-family ipv4
  neighbor 10.0.0.2 activate
 exit-address-family
```

Route Reflectors

Purpose: Avoid iBGP full mesh

Configuration:
```
router bgp 65001
 neighbor 10.0.0.2 remote-as 65001
 neighbor 10.0.0.2 route-reflector-client
```

Hierarchy:
```
Route Reflector (RR)
├── Client 1
├── Client 2
└── Client 3

Clients peer only with RR
RR reflects routes between clients
Reduces peering requirements
```

BGP Policies

Route Filtering

Prefix lists:
```
ip prefix-list ALLOW-CUSTOMER permit 192.0.2.0/24
ip prefix-list ALLOW-CUSTOMER deny 0.0.0.0/0 le 32

router bgp 65001
 neighbor 203.0.113.1 prefix-list ALLOW-CUSTOMER out
```

AS-PATH filtering:
```
ip as-path access-list 1 permit ^65002$
ip as-path access-list 1 deny .*

router bgp 65001
 neighbor 203.0.113.1 filter-list 1 in
```

Route Manipulation

AS-PATH prepending:
```
route-map PREPEND permit 10
 set as-path prepend 65001 65001 65001

router bgp 65001
 neighbor 203.0.113.1 route-map PREPEND out

Result: Makes path less attractive
```

LOCAL_PREF:
```
route-map SET-LOCAL-PREF permit 10
 set local-preference 200

router bgp 65001
 neighbor 10.0.0.2 route-map SET-LOCAL-PREF in

Result: Prefer this path
```

MED:
```
route-map SET-MED permit 10
 set metric 50

router bgp 65001
 neighbor 203.0.113.1 route-map SET-MED out

Result: Suggest this entry point
```

Communities

Well-known communities:
- NO_EXPORT: Don't advertise to eBGP peers
- NO_ADVERTISE: Don't advertise to any peer
- LOCAL_AS: Don't advertise outside confederation

Custom communities:
- 65001:100 - Customer routes
- 65001:200 - Peer routes
- 65001:300 - Upstream routes

Configuration:
```
ip community-list 1 permit 65001:100

route-map SET-COMMUNITY permit 10
 set community 65001:100

router bgp 65001
 neighbor 203.0.113.1 send-community
 neighbor 203.0.113.1 route-map SET-COMMUNITY out
```

BGP Security

Common Threats

Route hijacking:
- Malicious AS announces prefixes it doesn't own
- Traffic redirected
- Data interception
- Service disruption

Route leaks:
- Unintentional announcement of routes
- Misconfiguration
- Causes internet outages
- Traffic blackholing

Prefix hijacking:
- More specific prefix announced
- Longest prefix match wins
- Traffic diverted

Security Measures

Prefix filtering:
- Filter customer announcements
- Only accept owned prefixes
- Bogon filtering (invalid ranges)
- Maximum prefix limits

AS-PATH filtering:
- Validate AS-PATH
- Prevent private AS in public internet
- Filter known bad AS

RPKI (Resource Public Key Infrastructure):
- Cryptographic validation
- ROA (Route Origin Authorization)
- Validates prefix ownership
- Prevents hijacking

BGPsec:
- Path validation
- Cryptographic signatures
- Prevents path manipulation
- Not widely deployed

Maximum prefix:
```
router bgp 65001
 neighbor 203.0.113.1 maximum-prefix 1000

Prevents route table overflow
Detects misconfigurations
```
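Route origin validation as described under RPKI, shown as an added Python example (not part of the original article and not a real validator's code). The ROAs and announcements are constructed from documentation prefixes and the page's example AS numbers, the three result states follow RFC 6811, and dropping only `invalid` routes is an assumed import policy.

```python
import ipaddress

# Constructed ROAs: (prefix, maxLength, authorized origin AS).
ROAS = [
    ("192.0.2.0/24", 24, 65001),
    ("2001:db8::/32", 48, 65001),
]

def validate_origin(prefix, as_path, roas=ROAS):
    """Return 'valid', 'invalid' or 'not-found' for one announcement."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]              # the origin is the last AS in AS_PATH
    covered = False
    for roa_prefix, max_len, roa_as in roas:
        roa = ipaddress.ip_network(roa_prefix)
        if roa.version != net.version or not net.subnet_of(roa):
            continue                  # this ROA does not cover the route
        covered = True
        if roa_as == origin and net.prefixlen <= max_len:
            return "valid"
    # Covered by a ROA but matched by none: wrong origin or too specific.
    return "invalid" if covered else "not-found"

# Constructed announcements as (prefix, AS_PATH) pairs.
ANNOUNCEMENTS = [
    ("192.0.2.0/24", [65002, 65001]),      # authorized origin
    ("192.0.2.0/24", [65003, 65004]),      # origin AS not authorized by the ROA
    ("192.0.2.128/25", [65004, 65001]),    # more specific than maxLength allows
    ("2001:db8:1::/48", [65002, 65001]),   # within maxLength 48
    ("198.51.100.0/24", [65005]),          # no covering ROA
]

def screen(announcements, roas=ROAS):
    """Split announcements into accepted and dropped; only 'invalid' is dropped."""
    accepted, dropped = [], []
    for prefix, path in announcements:
        state = validate_origin(prefix, path, roas)
        (dropped if state == "invalid" else accepted).append((prefix, path[-1], state))
    return accepted, dropped
```

The `/25` announcement is rejected even though its AS_PATH ends in the authorized AS, because the ROA's maxLength is 24; origin validation looks only at the last AS in the path, which is why BGPsec is listed separately for path validation.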

BGP in Practice

ISP Peering

Types of peering:

Transit:
- Pay for connectivity
- Full routes or default
- Upstream provider

Peering:
- Mutual exchange
- No payment
- Internet exchange points (IXP)
- Bilateral agreements

Customer:
- Provide transit
- Receive payment
- Announce customer routes

Multi-homing

Benefits:
- Redundancy
- Load balancing
- Provider independence
- Better performance

Configuration:
- Two or more ISP connections
- Own AS number
- BGP with each provider
- Policy-based routing

Inbound traffic control:
- AS-PATH prepending
- MED
- Communities
- More specific prefixes

Outbound traffic control:
- LOCAL_PREF
- AS-PATH
- Weight
- Default routes

Internet Exchange Points (IXP)

Purpose:
- Neutral peering location
- Multiple networks interconnect
- Reduced costs
- Better performance

Major IXPs:
- DE-CIX (Frankfurt)
- AMS-IX (Amsterdam)
- LINX (London)
- Equinix (multiple locations)

Troubleshooting BGP

Common Issues

Session not establishing:
- Check: TCP connectivity (port 179)
- Check: AS numbers correct
- Check: IP addresses correct
- Check: Firewall rules

Routes not received:
- Check: BGP session established
- Check: Route filters
- Check: Maximum prefix limit
- Check: Soft reconfiguration

Suboptimal routing:
- Check: Path attributes
- Check: Policies
- Check: AS-PATH
- Check: LOCAL_PREF

Diagnostic Commands

Cisco IOS:
```
show ip bgp summary
show ip bgp neighbors
show ip bgp
show ip bgp 192.0.2.0
show ip route bgp
debug ip bgp updates
```

Verification:
```
show ip bgp summary
- Check session state (Established)
- Check prefixes received/sent
- Check uptime

show ip bgp neighbors 203.0.113.1
- Detailed neighbor information
- Capabilities
- Statistics
```

IPv6 BGP

MP-BGP (Multiprotocol BGP)

Configuration:
```
router bgp 65001
 neighbor 2001:db8::1 remote-as 65002
 !
 address-family ipv6
  neighbor 2001:db8::1 activate
  network 2001:db8:1::/48
 exit-address-family
```

Differences:
- Same protocol, different address family
- IPv6 next-hop
- IPv6 prefixes
- Otherwise identical to IPv4 BGP

Best Practices

Design

1. Use private AS for internal:
   - 64512-65534 for internal use
   - Don't leak to internet

2. Implement route filtering:
   - Filter customer announcements
   - Bogon filtering
   - Maximum prefix limits

3. Use route reflectors:
   - Avoid full mesh
   - Hierarchical design
   - Redundant RRs

Operations

1. Monitor BGP:
   - Session state
   - Route counts
   - Flapping
   - Changes

2. Document policies:
   - Peering agreements
   - Route policies
   - Community usage
   - Contact information

3. Implement security:
   - RPKI validation
   - Prefix filtering
   - AS-PATH filtering
   - Authentication

Troubleshooting

1. Layer by layer:
   - Physical connectivity
   - IP connectivity
   - TCP session
   - BGP session
   - Route exchange

2. Verify configuration:
   - AS numbers
   - IP addresses
   - Route policies
   - Filters

3. Check logs:
   - Session flaps
   - Route changes
   - Errors
   - Notifications

Conclusion

BGP is the routing protocol that powers the internet, enabling different autonomous systems to exchange routing information and determine optimal paths. Understanding BGP is essential for anyone working with internet infrastructure, ISPs, or large enterprise networks.



Key takeaways:
- BGP connects autonomous systems
- Path vector protocol
- Policy-based routing
- eBGP between AS, iBGP within AS
- AS_PATH prevents loops
- Path selection based on attributes
- Scalable to internet size
- Security critical (RPKI, filtering)
- Used by ISPs and large enterprises
- Complex but powerful

BGP's flexibility and scalability make it the only protocol capable of handling internet-scale routing, making it one of the most critical protocols for global internet connectivity.
