BGP (Border Gateway Protocol)

  • Fabian Sinner
  • February 28, 2024


    The Border Gateway Protocol (BGP) is the standard routing protocol used to route data packets on the Internet. It enables Internet Service Providers (ISPs) and other large networks to communicate efficiently with each other and exchange routing information to determine the best possible paths for data traffic through the immense network of connected systems on the Internet.

    What is the Border Gateway Protocol (BGP) used for?

    The Border Gateway Protocol (BGP) is a path vector protocol that belongs to the category of Exterior Gateway Protocols (EGPs). This means it is used for routing between autonomous systems (AS), i.e., between separate administrative domains on the Internet. Each autonomous system is identified by a unique AS number (ASN).

    The main function of BGP is to ensure stability in Internet routing by announcing the reachability of networks and selecting routes based on policies and path attributes that can influence decisions about the best path. These attributes include, for example, path length, the policies of the ASs involved, and the availability of network paths.

    It can also be used to make routing decisions based on a variety of administrative considerations, such as traffic control, load balancing, loop avoidance, and the implementation of security policies.

    How does the Border Gateway Protocol (BGP) work?

    The Border Gateway Protocol (BGP) works by exchanging routing and reachability information between autonomous systems (AS) on the Internet. An autonomous system is a collection of IP networks and routers under the control of a single organization that follows a common routing strategy.

    BGP allows these systems to efficiently determine how data packets should be transmitted between them over the Internet.

    1. Establishment of BGP sessions: Two BGP routers (peers) establish a TCP connection with each other on the standard port 179 to start a BGP session. This connection is used to exchange routing information. BGP uses keepalive messages to maintain the connection.
    2. Exchange of routing information: After the BGP session has been established, the peers exchange their complete routing tables. They then only send incremental updates if there are changes in their local routing. This reduces the bandwidth requirement and the load on the routers.
    3. Path vector protocol: BGP is a path vector protocol, which means it communicates the paths (i.e., the sequence of ASs that data packets must traverse to reach a destination) that can be used to reach each network. Each router adds its AS number to the path when passing routing information, which helps to avoid loops.
    4. Best-path selection: BGP routers use a set of criteria to determine the best path to a destination network from the available paths. These criteria include path length (number of AS hops), preference values (local preference), whether the path passes through a directly connected neighbor (multi-exit discriminator, MED), and the organization’s routing policies.
    5. Propagation of the best paths: After a BGP router determines the best path to a target network, it propagates this information to its BGP neighbors. This process is repeated over the entire Internet so that all ASs know the most effective and efficient paths to all other networks.
    6. Maintenance of routing information: BGP routers constantly monitor the availability of paths and update their routing tables as needed to respond to changes in network topology or failures. If a path is no longer available, the router selects an alternative path based on the remaining available paths.
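
    Steps 3 to 5 above (path vector, best-path selection, propagation) as an added Python sketch; it is not code from the original article. The Route fields, the function names and the sample ASNs and prefix are assumptions, and the decision order is simplified to the criteria named in the list.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple         # ASNs the announcement traversed, nearest AS first
    local_pref: int = 100  # assigned by local policy; higher wins
    med: int = 0           # multi-exit discriminator; lower wins

def accept(local_asn, route):
    """Loop avoidance: reject a route whose AS path already contains our ASN."""
    return local_asn not in route.as_path

def best_path(routes):
    """Simplified selection: highest local preference, then fewest AS hops,
    then lowest MED (real routers compare MED only for the same neighbor AS)."""
    return min(routes, key=lambda r: (-r.local_pref, len(r.as_path), r.med))

def select(local_asn, received):
    """Drop looped routes, then pick the best remaining path (None if none)."""
    usable = [r for r in received if accept(local_asn, r)]
    return best_path(usable) if usable else None

def advertise(local_asn, route):
    """Prepend our ASN before announcing the route to an external peer.
    local_pref and MED are reset to their defaults in the announced copy."""
    return Route(route.prefix, (local_asn,) + route.as_path)

# Constructed sample: announcements for one prefix as received by AS 64500
# (documentation ASNs and documentation prefix).
RECEIVED = [
    Route("203.0.113.0/24", (64501, 64510)),
    Route("203.0.113.0/24", (64502, 64503, 64510)),
    Route("203.0.113.0/24", (64504, 64500, 64510)),  # contains 64500: looped
]

if __name__ == "__main__":
    best = select(64500, RECEIVED)
    print("selected path:", best.as_path)
    print("announced path:", advertise(64500, best).as_path)
```
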

    Who uses the technology?

    Internet Service Providers (ISPs) are the primary users of BGP, as they operate large networks that route data packets over the Internet. They use BGP to exchange routing information with other ISPs and to determine the best path for data traffic through the Internet.

    Companies with large network operations, especially those that connect multiple sites across geographically dispersed areas, also use BGP to connect their internal networks to the Internet and route traffic efficiently.

    Content Delivery Networks (CDNs) use BGP to deliver content to end users as efficiently as possible. BGP helps them choose the best route to minimize latency and maximize performance.

    Cloud service providers and data center operators use BGP to connect their infrastructures to the Internet and ensure optimal accessibility of their services. BGP enables them to control data traffic based on availability, performance and costs.

    Some large universities and research institutes that have autonomous systems use BGP to connect their networks to the global Internet and to better manage traffic. Similarly, government agencies and military organizations that have their own network infrastructures use BGP to manage traffic and ensure communications security.

    BGP is relevant for anyone operating an autonomous system on the Internet. It is critical to the scalability of the Internet because it enables the dynamic and efficient routing of data packets across complex, ever-changing paths between networks.

    What is the difference between internal and external BGP?

    The main difference between Interior Border Gateway Protocol (iBGP) and Exterior Border Gateway Protocol (eBGP) lies in their scope and purpose within the network hierarchy, particularly in terms of how they are used to route data between autonomous systems (AS) and within a single AS.

    External BGP (eBGP)

    eBGP is used between different autonomous systems. This means that it connects networks belonging to different organizations, such as different Internet Service Providers (ISPs) or an ISP and a large company. The main purpose of eBGP is to enable reachability of network addresses between different ASs and to determine the best path for traffic traveling over the global Internet.

    eBGP enables very detailed and granular control of routing policy, including the selection of paths based on various attributes such as AS path lengths, preferences, costs, and other criteria. Since eBGP is operated between different organizations, security measures such as authentication of BGP sessions are of great importance to ensure the integrity of the routing information exchanged.

    Internal BGP (iBGP)

    iBGP is used within a single autonomous system. It enables the communication and exchange of routing information between routers within the same AS. iBGP distributes reachability information and external routing decisions obtained through eBGP within the AS. This helps to keep internal routing decisions consistent with the external preferences and policies of the AS.

    To avoid routing loops and ensure consistency of routing information, iBGP often requires full meshing between all iBGP routers within an AS, or route reflectors are used to avoid the need for full meshing. iBGP does not change most BGP attributes when passing information within the AS. This ensures a consistent view of routing information and allows for effective internal propagation of external preferences.

    To summarize, eBGP is used for communication between different autonomous systems to enable Internet routing, whereas iBGP is used for internal dissemination of routing information within a single AS to ensure consistent and efficient use of external routes obtained through eBGP.
