What is BGP? Explaining Border Gateway Protocol
The Internet is simply a collection of networks (or autonomous systems) that connect and communicate with each other. Networks need a way to send and receive information to interact with one another.
Introducing Border Gateway Protocol (BGP) – The routing protocol of the Internet.
BGP manages how data packets get delivered between the networks and finds all of the routes that the Internet has around the world. In short, BGP is the routing protocol that makes the Internet operate efficiently as we know it.
What is BGP?
Border Gateway Protocol definition
BGP, also known as Border Gateway Protocol, is the routing protocol used by the global Internet. BGP finds the best path by weighing the latest network conditions via reachability and routing information among edge routers. BGP routes traffic and controls how packets are sent between autonomous systems (AS), which are networks managed by a business or service provider.
What Are Autonomous Systems?
An autonomous system (AS) is a large IP network or group of networks run by one or more network operators that has a unified routing policy. The Internet is a network of networks made up of innumerable smaller ASes. Every computer or device that connects to the Internet is connected to an AS.
Peering is how ASes communicate and share network traffic. One method that ASes use to peer with one another is via physical locations called Internet Exchange Points (IXPs).
New systems are continuously appearing on the Internet, while older ones are frequently rendered unavailable. As a result, each AS must maintain information on both new and outdated routes. This is accomplished through peering sessions, in which each AS establishes a TCP/IP connection with a nearby AS in order to exchange routing data. Each AS can correctly route outbound data using this information.
Depending on each business and their peering agreement, ASes sometimes charge one another to transfer traffic across their networks. The cost of access might occasionally affect the BGP’s final route choice.
Who Operates Autonomous Systems?
ASes often belong to Internet service providers (ISPs) or other large establishments like tech firms, academic institutions, governmental bodies, and research facilities. Each AS must have a registered autonomous system number (ASN) in order to exchange routing information.
What are BGP Autonomous System Numbers?
A single ASN must be shared by all IP networks linked to a common ISP or organization. The Internet Assigned Numbers Authority (IANA) assigns a unique ASN to each company. IANA provides ASNs to Regional Internet Registries (RIRs), who then assign the ASNs to ISPs and networks. ASNs are numbers that range from one to 65534 in 16-bit format and from 131072 to 4294967294 in 32-bit format.
There are two types of BGP Autonomous system numbers: Private and Public ASN.
A private BGP ASN is used internally.
A public BGP ASN is to trade data over the global Internet.
The Private AS numbers are used to divide large AS into many small AS numbers to save Public AS numbers.
How does BGP Work?
Border Gateway Protocol is the routing mechanism used to route traffic over the Internet. Most providers just have the paths to every prefix instead of a default route. BGP learns multiple paths to a given route and chooses the best path between routers in order to distribute paths to every destination.
A network router is unable to select the optimal network to send data to when there are numerous networks linked to it. In order to transmit traffic to the router that is closest to the data destination, BGP considers all of a router’s peering partners via peers’ routing information. This routing information is kept in a Routing Information Base (RIB).
Each router or network host stores a RIB that contains information about the distances or routes to network destinations to aid in controlling packet direction. RIB uses data from both directly connected external peers and internal peers. Based on policies for what routes should be utilized and what information should be released, RIB continuously updates the routing table as changes take place.
The simplified illustration above shows how BGP can decide the best route to deliver traffic. For AS1 to send its data packet to AS6, it can choose among three available paths:
- Route via AS2 to reach AS6
- Route via AS3 to reach AS6
- Route via AS4, AS5 to reach AS6
The choice is quite clear in this example – routing via AS3 is the most efficient route, requiring only 2 hops rather than the 3-hops path via AS4. It also does not have to suffer through the traffic congestion currently happening via AS2.
What routing protocol does BGP use?
The goal of routing protocols is to establish routing tables, learn of available routes, and make routing decisions. BGP stands out from other dynamic routing systems in that it uses TCP/IP (or TCP) as its transport mechanism. BGP is the type of mesh topology that uses TCP to determine the optimum path for communication between routers.
OSPF and BGP are two of the most popular routing protocols. The main difference between OSPF and BGP is that, OSPF is an intra-domain routing protocol, while BGP is the inter-domain routing protocol. BGP recommended paths from within an AS, like internal BGP, or from outside the AS, like external BGP.
What are external BGP and internal BGP?
External BGP and internal BGP definition
There are two types of Border Gateway Protocol, which are external BGP (eBGP) and internal BGP (iBGP).
Internal BGP is a form of BGP that neighboring devices or networks within the same AS can use to route through their own internal networks. Internal BGP does not communicate with other ASes when the process is only required between two internal peers. To link the routers on their internal network, ASes can select from a variety of internal protocols.
External BGP is the Border Gateway Protocol extension that is used to transfer exchange information between distinct autonomous systems. This means the BGP mechanism requires the use of edge routers to interface two ASes. Utilizing iBGP is NOT a necessity for using eBGP.
Explaining external BGP and internal BGP
The distinction between local and long-distance mail may be used to illustrate the difference between iBGP and eBGP. External BGP is similar to international mail. When sending mail overseas, there are a number of rules and regulations that must be adhered to.
Local mail only travels a short distance to an address within the same community, thus it doesn’t go to a regional sorting office. The mail can only reach the final destination by the local mail service of the target country once it arrives there. Similar to how every nation has its own internal postal system, autonomous systems also have their own internal routing protocols.
Wherever possible, use iBGP to provide efficient routing since an internal BGP system prevents loops. Routing loops are much more common in external BGP systems.
BGP flaws & How to address them
Information exchange failures are a common problem with BGP. BGP is a route-sharing mechanism depending on trust. Since ASes implicitly trust the advertised routes that are shared with them, incidents may occur. Peers may declare inaccurate route information accidentally or on purpose, which may cause traffic to divert and have undesirable outcomes.
Data exchanges are not always successful since the data may be structured incorrectly or contain inaccurate information. Routers can also experience memory or storage issues, or slow at responding to updates. Whenever errors like timeouts, improperly formatted requests, and processing issues happen, routers need to send out error codes and subcodes to convey these issues.
The most common BGP incidents are accidental misconfigurations, or BGP hijacks, and prefix leaks.
Some of the recent BGP incidents are:
The major cloud network’s prefixes, including those from Akamai, Amazon AWS, Cloudflare, Digital Ocean, and Hetzner, were hijacked in April 2020 by AS12389 (Rostelecom).
Over 13046 network prefixes were exposed by AS264462 in a networking incident that lasted for more than an hour in July 2020.
AS1221 (Telstra) announced almost 500 prefixes in a BGP hijack event in September 2020, which impacted 266+ ASNs in 50 different countries.
Over 30,000 BGP prefixes were hijacked via AS55410 (Vodafone) in April 2021, resulting in a 13X increase in inbound traffic. The majority of the prefixes, which included Google, Microsoft, Akamai, and Cloudflare, were from the US.
A South Korean cryptocurrency platform’s BGP prefixes were hijacked by attackers and stole $1.9 million worth of cryptocurrency in February 2022.
Solution to BGP threats
There have been multiple attempts at making a more secure version of BGP, such as a security framework for routing called Resource Public Key Infrastructure (RPKI). However, implementation is still a big concern because it requires every AS across the world to adopt the new protocol simultaneously. Keeping the Internet highways clean and secure is hard work, and it takes a strong commitment from all network operators around the world.