
What is BGP (Border Gateway Protocol)?


Every minute or so since the inception of the internet revolution in the early 2000s, an estimated two hundred new websites have been established. Thus, approximately 250,000 new websites are launched globally each day. Internet users are dispersed across the globe, so a user in Japan who is trying to reach a website hosted in Argentina expects it to load within milliseconds. Geographical distance and latency make this difficult to accomplish. Nonetheless, entering a website address into a web browser and pressing the Enter key brings up that site in under one second. How can a website located thousands of miles away be reached in mere seconds, irrespective of one's geographic location? This is where the Border Gateway Protocol comes in.

In this article, we will define the Border Gateway Protocol (BGP). The Border Gateway Protocol (BGP) is a dynamic routing protocol that enables the internet to exchange routing information between autonomous systems (AS). BGP is an exterior gateway protocol, meaning it is designed to share routing information between different ASes. BGP assists routers in exchanging data and determining the most effective routes for transmitting data packets across the internet. BGP is a critical component of the internet's infrastructure, as it ensures that data packets are routed efficiently and reliably. Without BGP, the internet would not be able to function as a global network.

What is the Purpose of BGP?

BGP is intended to facilitate the exchange of reachability and routing information among autonomous Internet systems. Each BGP speaker, referred to as a "peer", exchanges routing information in the form of network prefix announcements with its neighboring peers. This prevents an AS (Autonomous System) from being dependent on another AS in order to determine its network prefix.

After analyzing all the data, the BGP decision-making mechanism designates one of its peers to forward packets to a specific destination.

Every peer maintains a table containing the complete set of routes it is aware of for every network, and it distributes this data to the autonomous systems in its vicinity.

BGP facilitates the acquisition of routing information from adjacent autonomous systems by an AS, enabling the latter to "advertise" that information even more extensively. Each peer transfers the information internally within its own autonomous system.

Similar to the physical world, there are typically multiple routes available to reach a specific destination. BGP is tasked with the responsibility of ascertaining the optimal route by evaluating the gathered information and the routing policy of an organization, which encompasses various factors including cost, reliability, speed, and more.


How to Configure BGP?

Border Gateway Protocol (BGP) configuration is critical because it specifies how routers discover and advertise reachable networks. Misconfiguration can result in a multitude of complications that can significantly compromise the performance, security, and overall functionality of your network. A general list of the steps involved in configuring BGP is given below:

  1. Determine the network requirements and topology.

  2. Assign IP addresses to interfaces.

  3. Configure BGP on the routers or switches.

  4. Establish peering relationships between BGP neighbors.

  5. Advertise network prefixes to BGP neighbors.

  6. Verify BGP peering status and routing table entries.

  7. Optionally, implement route redistribution or policy-based routing.

  8. Monitor and maintain BGP operation for optimal network performance.

What is Next-Hop-Self in BGP?

Next-Hop-Self configures the router as the next hop for a BGP-speaking neighbor or peer group and enables BGP to send itself as the next hop for advertised routes.

The no form of the next-hop-self command returns the peer's next-hop-self status to its default state. The IP address will be used to determine the next hop in the chain. An administrator uses the next-hop-self command to instruct a BGP speaker to insert its own address as the next hop when advertising routes to a BGP peer.

In non-meshed networks, this next-hop-self command is useful because BGP neighbors may not have direct access to all other neighbors on the same IP subnet.

In essence, Next-Hop compels the router to perform a recursive lookup in order to ascertain which egress interface ought to be utilized in order to send the packets out towards the outside world.

What is the BGP Port Number?

BGP peers are created by manually configuring routing devices to establish a TCP session on port 179. BGP is unique among routing protocols because it uses TCP as its transport protocol. To maintain the connection, a BGP-enabled device sends keepalive messages at regular intervals.

Over time, BGP has emerged as the dominant interdomain routing protocol on the Internet. However, it only provides limited guarantees of stability and security. Configuring security options for BGP must strike a balance between appropriate security measures and reasonable costs. There is no clear winner among the methods. Each network administrator must configure security measures that are appropriate for the network being used.

For more information on the security issues associated with BGP's use of TCP as a transport protocol, see RFC 4272, BGP Security Vulnerabilities Analysis.

What are BGP Timers?

BGP uses four timers to manage the health and stability of connections between routers: keepalive timer, hold timer, graceful restart timer, and stalepath timer. Keepalive timers and hold timers work together to detect if a connection is down. Graceful restart timers allow routers to notify each other before restarting to avoid data loss. Stalepath timers determine how long to wait before removing routes after a restart. Let us take a detailed look at each BGP timer and setting:

  1. Keepalive timer: BGP systems communicate via keepalive messages to determine whether a link or host has failed or is no longer available. The keepalive timer, like the hold timer, indicates whether a router can be reached by its BGP peer. The keepalive timer is the KEEPALIVE_INTERVAL between periodic BGP messages exchanged between a router and its on-premises peer router.

  2. Hold timer: The hold timer measures the shortest period of time since the last successful keepalive message was detected. It specifies how long your router should wait, in the absence of a graceful restart notification, before removing routes learned from another router. This value is set by the router to be three times the value of its configured keepalive timer. For example, if the keepalive timer is set to 20 seconds, the hold timer will be 60 seconds.

  3. Graceful restart timer: Graceful restart timer measures the amount of time a router waits after receiving a graceful restart notification (TCP FIN or RST packet) from another router. A router that supports graceful restart advertises a graceful restart timer value, which specifies how long the other router must wait after receiving a graceful restart notification. Two peer routers use different graceful restart timer values, but a router is expected to respect its peer's graceful restart timer value. When a new BGP session is established, each router sends its own graceful restart timer value to the peer router using the BGP OPEN message.

  4. Stalepath timer: Stalepath timer controls how long BGP retains stale routes from the restarting BGP peer. Any changes to the BGP configuration are implemented by restarting the current BGP sessions on the VRF. The no form of this command resets the stale path timer to the default value of 300 seconds.
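The hold and keepalive timers described above are carried in the BGP OPEN message, so they can be checked directly on the wire. The following Python sketch is an added example, not code from the original article: it validates the fixed BGP header, extracts the OPEN fields, and derives the session timers. The rule that both peers use the smaller of the two hold times, and the header layout, are taken from RFC 4271; the sample message is constructed.

```python
import struct

# BGP message type codes (RFC 4271)
MSG_TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
HEADER_LEN = 19          # 16-byte marker + 2-byte length + 1-byte type
MAX_MSG_LEN = 4096


def parse_header(data: bytes):
    """Validate the fixed BGP header; return (type name, body bytes)."""
    if len(data) < HEADER_LEN:
        raise ValueError("truncated header")
    marker, length, msg_type = struct.unpack("!16sHB", data[:HEADER_LEN])
    if marker != b"\xff" * 16:
        raise ValueError("bad marker")
    if not HEADER_LEN <= length <= MAX_MSG_LEN or length != len(data):
        raise ValueError("bad length field")
    if msg_type not in MSG_TYPES:
        raise ValueError("unknown message type")
    return MSG_TYPES[msg_type], data[HEADER_LEN:]


def parse_open(body: bytes) -> dict:
    """Extract the fixed fields of an OPEN message body."""
    if len(body) < 10:
        raise ValueError("truncated OPEN")
    version, my_as, hold_time, bgp_id, opt_len = struct.unpack("!BHH4sB", body[:10])
    if hold_time in (1, 2):
        raise ValueError("hold time must be 0 or at least 3 seconds")
    if opt_len != len(body) - 10:
        raise ValueError("optional parameter length mismatch")
    return {"version": version, "asn": my_as, "hold_time": hold_time,
            "router_id": ".".join(str(b) for b in bgp_id)}


def session_timers(local_hold: int, peer_open: dict) -> dict:
    """Both sides use the smaller hold time; keepalive is one third of it."""
    hold = min(local_hold, peer_open["hold_time"])
    return {"hold": hold, "keepalive": hold // 3}


def build_open(asn: int, hold_time: int, router_id: bytes) -> bytes:
    """Build a minimal OPEN (no optional parameters) as constructed sample input."""
    body = struct.pack("!BHH4sB", 4, asn, hold_time, router_id, 0)
    return b"\xff" * 16 + struct.pack("!HB", HEADER_LEN + len(body), 1) + body


# Constructed sample: peer in private AS 64512 proposing a 60-second hold time.
SAMPLE_OPEN = build_open(64512, 60, bytes([192, 0, 2, 1]))

if __name__ == "__main__":
    kind, body = parse_header(SAMPLE_OPEN)
    peer = parse_open(body)
    print(kind, peer, session_timers(180, peer))
```

With a local hold time of 180 seconds and a peer proposing 60, the session runs with a 60-second hold timer and a 20-second keepalive, matching the three-to-one ratio described above.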

Does BGP Have an Active State?

Yes, BGP has an active state. BGP peers start in an idle state. In the idle state, the peers have established an adjacency with one another but have not yet initiated or received any communication.

BGP uses TCP as its transport protocol. So, in order for a BGP adjacency to exist, a TCP connection must be established first. While both peers are in the IDLE state, they will attempt to initiate a TCP connection at independent intervals (depending on when the BGP peering configuration was completed). When one peer initiates the TCP three-way handshake with a SYN, that peer enters the Active state. This state indicates that the local router is actively attempting to initiate a TCP connection.

When the other peer receives the TCP SYN from its peer, it will enter the Connect state. This state indicates that the local router received a TCP initiation from the other router and responded with a SYN ACK.

What is the Private AS Range in BGP?

BGP autonomous system numbers are classified into two types: private and public. The public AS numbers range from 1 to 64511, while the private AS numbers range from 64512 to 65535.

Private AS numbers are used to divide a large AS into many smaller ASes, with the sole purpose of conserving public AS numbers. Like private IP addresses, private AS numbers should not be leaked to the internet. As a result, these private AS numbers must be removed before updates are sent to the global BGP mesh, also known as the internet.

What is BGP Metric?

The BGP MED attribute, also known as the Multi-Exit Discriminator, is a measure used by the Border Gateway Protocol (BGP) to find the optimal path for routing data between autonomous systems.

Network administrators can set the value of the MED attribute, which allows them to customize routing decisions. The MED attribute can be set manually or transferred automatically from one autonomous system to another. This provides better flexibility and adaptability in BGP routing decisions. Overall, the BGP MED attribute is useful for improving network traffic flow across various independent systems.

What is a Route Map in BGP?

Route maps are the "if-then" programming solution for Cisco devices. A route-map allows you to check for certain match conditions and (optionally) provide a value. Route maps are similar to access lists but more advanced. They are significantly more powerful because, in addition to prefixes, you can provide a variety of match conditions and values.

Is BGP an Interior Gateway Protocol (IGP) or an Exterior Gateway Protocol (EGP)?

BGP is the most widely used exterior gateway protocol (EGP) on the Internet today. It is responsible for routing traffic between different autonomous systems (AS) on the internet. Unlike Interior Gateway Protocols (IGPs) that operate within a single AS, BGP handles communication and routing between networks managed by different organizations.

What is an Autonomous System (AS) in the Context of BGP?

An Autonomous System (AS) is a collection of Internet routable IP prefixes that belong to a network or a group of networks that are all managed, controlled, and overseen by the same company or organization. An AS uses a common routing policy that is managed by the entity. The Internet Assigned Numbers Authority (IANA) assigns a globally unique 16-digit identification number to each AS, known as the autonomous system number (ASN).

IANA provides autonomous systems numbered one through 64511 for global use. The 64512 to 65535 series is designated for private and exclusive use. Autonomous Systems were developed to oversee networking companies such as Internet Service Providers (ISPs), educational institutions, and government agencies.

Border Gateway Protocol (BGP) is the protocol that manages routed peerings, prefix advertisement, and packet routing between different autonomous systems on the Internet. BGP uses the ASN to uniquely identify each system. In fact, BGP serves as the routing protocol for AS paths over the internet.

How Does BGP Facilitate Communication Between Different Autonomous Systems?

Among the various autonomous systems (ASes) on the Internet, BGP is the main protocol used to communicate routing information. It facilitates the sharing of routing information between networks by allowing routers within an AS to connect with routers in other ASes. An overview of how BGP functions is given below:

  • BGP Peering: To share routing information, routers establish peer relationships, known as eBGP between different ASes and iBGP within the same AS.

  • BGP Messages: To initiate sessions, exchange routing updates, report issues, and maintain connectivity, BGP uses four message types: OPEN, UPDATE, NOTIFICATION, and KEEPALIVE.

  • Adj-RIBs-In (unprocessed routes), Loc-RIB (best routes), and Adj-RIBs-Out (routes to advertise) are maintained by each BGP router.

  • BGP Attributes: AS_PATH, NEXT_HOP, LOCAL_PREF, and MED are among the attributes that BGP routes carry, and they have an impact on path propagation and route selection.

  • BGP Decision Process: Based on parameters like LOCAL_PREF, AS_PATH length, MED, and route origin, routers employ a decision process to determine which route is optimal.

  • Route Propagation: In order to ensure the spread of routing information, BGP routers broadcast their best routes to peers, who then assess and may decide to advertise them further.

  • Route Aggregation and Filtering: In order to enforce routing regulations and security measures, BGP routers can filter routes based on prefixes or AS_PATH. They can aggregate routes to lower the size of the routing table.

In addition to providing reachability and policy-based routing control across ASes, BGP plays a critical role in sustaining the global Internet routing infrastructure. This includes guaranteeing effective and dependable data packet routing.

Why Does BGP Use a TCP-Based Communication Protocol?

Every routing protocol has been created with specific processes in mind. Interior protocols share one feature: neighbor relationships form only between directly connected neighbors. Additionally, the router code can be utilized to maintain neighbor relationships. BGP has a distinct design. Routers that are multiple hops apart can establish neighbor relationships via BGP. This is made simpler by using a common IP protocol such as TCP. Additionally, unlike OSPF, BGP maintains the neighbor relationship without needing routing protocol code for neighbor checking, since it leverages TCP's connection-oriented nature.

What is Prepend in BGP?

BGP Prepend is a technique used to manipulate the AS-Path attribute of a BGP route by adding the originating AS number multiple times. This effectively increases the perceived length of the path, potentially influencing route selection decisions. BGP Prepend has the following functions:

  • Prioritizing Specific Paths: By intentionally increasing the length of the AS path, the use of prepend might decrease the attractiveness of a certain route, hence persuading routers to choose alternate pathways.

  • Preventing Routing Loops: In some scenarios, the utilization of the prepend technique might effectively avert routing loops by artificially extending the perceived length of a path beyond its true route.

  • Controlling Route Propagation: The technique of using prepend may restrict the spread of a route to certain autonomous systems (ASes), hence preventing it from reaching unwanted destinations.

While prepend can be a valuable tool, it's crucial to use it cautiously. Excessive prepend can disrupt routing stability and lead to unintended consequences. Additionally, prepend can be misused to manipulate routing decisions for malicious purposes.

What is a BGP Prefix List?

A BGP prefix list is a collection of IP prefixes used to filter incoming and outgoing Border Gateway Protocol (BGP) routes. It acts as a firewall for your network, allowing you to control which routes are accepted or rejected based on specific criteria.

Routing systems can decide which routes to accept when they peer with other networks by using a prefix list. It consists of IP prefixes that either permit or prohibit route redistribution based on match criteria. It has one or more sequentially processed ordered entries.

On network subnets, prefix lists can be applied as a match criterion for route map rules. For instance, you can create a rule to match the prefix and include it as a match criterion in the BGP redistribution route map if you wish to stop a route for 10.0.0.0/24 from being redistributed.

Prefix lists enhance network security and routing efficiency by performing the following functions:

  • Optimizing routing: Controlling which routes are advertised to other networks, reducing unnecessary traffic, and improving performance.

  • Filtering malicious traffic: Blocking unwanted routes that could potentially harm your network.

  • Enforcing routing policies: Implementing specific routing rules to align with your network's security and performance requirements.
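Because prefix list entries are processed in sequence, the order of entries decides the outcome. The following Python sketch is an added example, not code from the original article or from any router vendor: it evaluates routes against an ordered prefix list where the first matching entry wins and no match means deny. The ge/le length bounds follow Cisco-style prefix-list semantics, and the Entry class, the evaluate function and both sample lists are hypothetical names constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Entry:
    seq: int
    action: str                 # "permit" or "deny"
    prefix: str
    ge: Optional[int] = None    # minimum prefix length (assumed Cisco-style)
    le: Optional[int] = None    # maximum prefix length (assumed Cisco-style)

    def matches(self, route: ipaddress.IPv4Network) -> bool:
        net = ipaddress.ip_network(self.prefix)
        if not route.subnet_of(net):
            return False
        if self.ge is None and self.le is None:
            return route.prefixlen == net.prefixlen   # exact match only
        low = self.ge if self.ge is not None else net.prefixlen
        high = self.le if self.le is not None else 32
        return low <= route.prefixlen <= high


def evaluate(prefix_list, route: str) -> str:
    """Walk entries in sequence order; first match decides, no match means deny."""
    net = ipaddress.ip_network(route)
    for entry in sorted(prefix_list, key=lambda e: e.seq):
        if entry.matches(net):
            return entry.action
    return "deny"


# Constructed policy: stop 10.0.0.0/24 from being redistributed, refuse
# anything longer than /24, and permit the rest.
NO_REDIST = [
    Entry(5, "deny", "10.0.0.0/24"),
    Entry(10, "deny", "0.0.0.0/0", ge=25),
    Entry(15, "permit", "0.0.0.0/0", le=24),
]

# Same intent, wrong order: the broad permit matches first, so the deny
# for 10.0.0.0/24 is never reached.
MISORDERED = [
    Entry(5, "permit", "0.0.0.0/0", le=24),
    Entry(10, "deny", "10.0.0.0/24"),
]

if __name__ == "__main__":
    for route in ("10.0.0.0/24", "10.0.1.0/24", "10.0.0.0/25"):
        print(route, evaluate(NO_REDIST, route), evaluate(MISORDERED, route))
```

The misordered list permits 10.0.0.0/24 even though it contains an explicit deny for it, which is the kind of filtering gap worth checking for when reviewing a configuration.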

What is BGP Weight?

In Cisco's implementation of BGP, the weight attribute is a proprietary feature that influences the selection of the best path during route advertisement. It's the first attribute BGP considers when comparing paths. The default weight is 0, and the range is from 0 to 65535. The prefix will have a weight of 32768 when it is produced locally. A higher weight indicates a more preferred path.

BGP weight is a Cisco proprietary feature and will not be found on other vendor routers. Weights are not transferred between BGP routers. Weight is just local to the router.
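The decision process, AS-Path prepending and weight described in the sections above interact, and the interaction is easiest to see in code. The following Python sketch is an added example, not code from the original article or from any router vendor: it compares paths in the order weight, LOCAL_PREF, AS_PATH length, origin, MED and stops there, so later tie-breakers are not modelled. The Path class, the default LOCAL_PREF of 100 and the AS numbers (taken from the documentation range) are assumptions constructed for illustration.

```python
from dataclasses import dataclass, replace

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}   # lower is preferred


@dataclass(frozen=True)
class Path:
    via: str                 # neighbor the path was learned from (label only)
    as_path: tuple
    weight: int = 0          # local to this router, never advertised
    local_pref: int = 100    # assumed default
    origin: str = "igp"
    med: int = 0


def prepend_origin(path: Path, extra: int) -> Path:
    """Path as seen remotely after the originating AS repeats itself `extra` times."""
    return replace(path, as_path=path.as_path + (path.as_path[-1],) * extra)


def better(a: Path, b: Path) -> Path:
    """Pairwise comparison: weight, LOCAL_PREF, AS_PATH length, origin, MED."""
    if a.weight != b.weight:
        return a if a.weight > b.weight else b
    if a.local_pref != b.local_pref:
        return a if a.local_pref > b.local_pref else b
    if len(a.as_path) != len(b.as_path):
        return a if len(a.as_path) < len(b.as_path) else b
    if ORIGIN_RANK[a.origin] != ORIGIN_RANK[b.origin]:
        return a if ORIGIN_RANK[a.origin] < ORIGIN_RANK[b.origin] else b
    # MED is only comparable between paths learned from the same neighbor AS.
    if a.as_path[:1] == b.as_path[:1] and a.med != b.med:
        return a if a.med < b.med else b
    return a        # remaining tie-breakers are not modelled


def best_path(paths):
    best = paths[0]
    for candidate in paths[1:]:
        best = better(best, candidate)
    return best


def scenario() -> dict:
    """Constructed example: AS 64496 is reachable through two providers."""
    isp_a = Path("ISP-A", (64500, 64496))
    isp_b = Path("ISP-B", (64501, 64496))
    padded_b = prepend_origin(isp_b, 2)          # 64501 64496 64496 64496
    return {
        "after_prepend": best_path([padded_b, isp_a]).via,
        "weight_overrides": best_path([replace(padded_b, weight=200), isp_a]).via,
        "local_pref_overrides": best_path([replace(padded_b, local_pref=200), isp_a]).via,
    }


if __name__ == "__main__":
    print(scenario())
```

Prepending steers the choice toward ISP-A only while weight and LOCAL_PREF are equal; a receiving router that sets either one locally still picks the padded path, which is why prepending influences but does not control how other networks route.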

How to Configure BGP Weight Attribute?

A generalized version of the steps for configuring the BGP Weight attribute is given below:

  1. Assign IP addresses to the interfaces on all routers involved in the BGP setup.

  2. Configure BGP on the relevant routers (e.g., routers 2 and 4).

  3. Establish BGP neighbor relationships between routers in the same AS or different ASes, depending on the network topology.

  4. Verify BGP neighborship status using commands such as show ip bgp summary or equivalent commands based on the router platform.

  5. Check the routing table entries on each router to ensure that BGP routes are being advertised and received correctly. Commands like show ip route can be used for this purpose.

  6. Optionally, manipulate BGP attributes like Weight on specific routers to influence route selection decisions.

  7. Use router-specific commands to set the Weight attribute for specific BGP neighbors or routes.

  8. Verify the impact of any attribute manipulations on route selection by examining the routing table and performing traceroutes to destination networks.

  9. Ensure that the desired paths are being chosen based on the configured attributes.

  10. Understand that adjusting BGP attributes like Weight allows administrators to prioritize certain paths over others based on their network policies and requirements.

By following these generalized steps, network administrators can effectively configure and manage the BGP Weight attribute to optimize routing decisions within their networks.

What is the Administrative Distance Used in BGP?

Administrative distance is a feature that routers use to choose the best path when there are two or more routes to the same destination using different routing protocols. The default administrative distance for BGP routes is 20 for external BGP (eBGP) and 200 for internal BGP (iBGP). However, these values can be manually configured.

Administrative distance is just one factor considered in BGP route selection. Other factors include local preference, metric, and origin type.

Most routing protocols use metric structures and algorithms that are incompatible with other protocols. In a network with multiple routing protocols, the ability to share route information and select the optimum path across the protocols is crucial. The administrative distance determines the reliability of a routing protocol. Each routing protocol is prioritized from most to least trustworthy (believable) using an administrative distance value.

How to Advertise Networks in BGP?

BGP route advertisement is a fundamental technique that allows routers to share information about the optimal routes to different destinations.

Understanding how BGP route advertisement works allows you to better understand your network's operation and how to improve its performance.

In networking terms, BGP route advertisement refers to the process of broadcasting routing information to surrounding routers. This is an important feature of the Border Gateway Protocol (BGP), which is used to exchange routing and reachability information between autonomous systems on the internet.

Each BGP router has a table of probable network destinations, as well as metrics like path and hop count. They subsequently advertise their routes to neighboring routers and collect route information from those neighbors. By providing this information, BGP enables more efficient use of network resources and ensures that data packets reach their intended destination.

How to Monitor BGP?

There are two main approaches to monitor BGP:

  1. Route Collectors: These act like eavesdroppers in the BGP world. They mimic border routers and establish sessions with real BGP routers from various organizations. Unlike active routers, route collectors passively listen in on BGP conversations, collecting data on the best routes chosen by connected devices. This data is stored in a standardized format and can be used to analyze routing behavior.

  2. BGP Monitoring Protocol (BMP): This is a newer, standardized way to monitor BGP. BMP uses a specific protocol to communicate with monitoring nodes, providing detailed views of BGP sessions.

For comprehensive BGP monitoring, you can use either of these methods or even combine them for a more complete picture of your BGP health.

What are Some Security Challenges Associated with BGP?

Below are three ways in which attackers can potentially abuse BGP:

  1. BGP route manipulation: A malicious device modifies the contents of the BGP table, preventing traffic from reaching its intended destination.

  2. BGP route hijacking: A rogue device maliciously broadcasts a victim's prefixes, causing traffic to redirect to or through itself. Rerouting traffic might cause network instability when there is a rapid load spike. This allows attackers to obtain potentially unencrypted traffic that they would not otherwise have access to, or use hijacked BGP to run spam operations, evading IP blacklist protection.

  3. BGP denial-of-service (DoS): A malicious device sends unexpected or unwanted BGP traffic to a victim, depleting all resources and preventing the target system from processing genuine BGP traffic.

While some BGP problems are purposeful, others, such as BGP route leaks, may be the result of unintentional misconfigurations within the operations of these big networks. Regardless of their goal, they can make the internet insecure and unstable.
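On the defensive side, data from route collectors can be compared against the prefixes and origin ASNs an organization expects to see. The following Python sketch is an added example, not code from the original article: it flags announcements of monitored prefixes from an unexpected origin, more-specific announcements, and private AS numbers appearing in a path. The expected-origin inventory, the observation tuples and all names are hypothetical and constructed; prefixes and ASNs come from the documentation ranges.

```python
import ipaddress

# Hypothetical inventory: prefixes we originate and the ASNs allowed to originate them.
EXPECTED_ORIGINS = {
    "203.0.113.0/24": {64496},
    "198.51.100.0/24": {64496, 64497},
}

# Constructed sample of route-collector observations: (collector peer, prefix, AS path).
OBSERVED = [
    ("rc1", "203.0.113.0/24", [64500, 64496]),
    ("rc1", "203.0.113.0/25", [64501, 64510]),          # more specific, foreign origin
    ("rc2", "198.51.100.0/24", [64502, 64511]),         # same prefix, foreign origin
    ("rc2", "198.51.100.0/24", [64500, 65001, 64497]),  # private ASN leaked in path
    ("rc2", "192.0.2.0/24", [64500, 64505]),            # not monitored, ignored
]

PRIVATE_ASNS = range(64512, 65536)   # 64512 to 65535, the private range given above


def covering_prefix(prefix: str):
    """Return the monitored prefix equal to or covering `prefix`, if any."""
    net = ipaddress.ip_network(prefix)
    for known in EXPECTED_ORIGINS:
        if net.subnet_of(ipaddress.ip_network(known)):
            return known
    return None


def classify(prefix: str, as_path):
    """Return a list of findings for one observed announcement."""
    findings = []
    known = covering_prefix(prefix)
    if known is None:
        return findings
    origin = as_path[-1]                 # last AS in the path originated the route
    if origin not in EXPECTED_ORIGINS[known]:
        kind = "origin-mismatch" if prefix == known else "more-specific-foreign-origin"
        findings.append(kind)
    elif prefix != known:
        findings.append("unexpected-more-specific")
    if any(asn in PRIVATE_ASNS for asn in as_path):
        findings.append("private-asn-in-path")
    return findings


def scan(observations):
    """Return (peer, prefix, origin ASN, finding) for every alert raised."""
    alerts = []
    for peer, prefix, path in observations:
        for finding in classify(prefix, path):
            alerts.append((peer, prefix, path[-1], finding))
    return alerts


if __name__ == "__main__":
    for alert in scan(OBSERVED):
        print(alert)
```

An origin mismatch can also come from an unintentional route leak or a stale inventory, so alerts like these are a starting point for investigation and do not by themselves establish intent.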

Why is BGP Considered Crucial for the Functioning of the Internet?

The internet works thanks to the Border Gateway Protocol (BGP), which handles data routing. BGP routing is crucial since the internet is fundamentally composed of hundreds of thousands of autonomous systems.

An autonomous system is a smaller network managed by a single administrative agency. Such networks can be identified by their autonomous system number, which is assigned by the Internet Assigned Numbers Authority (IANA). As data goes from source to destination, it passes via autonomous systems. BGP enables every autonomous system to perform the following actions.

  • Find the best route: As data flows across the internet from source to destination, each autonomous system in the path must select where the data packet should go next. The selection is based on a number of factors, including geographical location, network congestion, and data transfer cost. BGP routing takes these aspects into account and helps find the next best autonomous system, ensuring that data travels the quickest path from source to destination.

  • Discover network connection changes: The structure of the internet is dynamic. New autonomous systems are regularly introduced, while old ones are retired. Every autonomous system must stay up to date on new and outmoded routes. BGP enables systems to detect and keep up with such network changes.

  • Administer network policies: BGP provides the ability for autonomous system administrators to design their own routing strategies. For example, you can set up a BGP-enabled router to discriminate between internal and external routes within the autonomous system. The administrator can create rules that specify whether data should be sent internally or outside.

  • Add a layer of network security: BGP provides security in network administration. BGP, for example, uses predefined passwords to authenticate data between routers. Administrators can authenticate BGP messages sent by legitimate autonomous systems and filter out illegitimate traffic.
