The Border Gateway Protocol (BGP) is the protocol used to route traffic across the Internet. For that reason, it’s a pretty important protocol, and it can also be the hardest one to understand.
From our overview of Internet routing, you should realize that routing in the Internet consists of two parts: the fine-grained internal routing within each autonomous system (AS), managed by an IGP such as OSPF, and the interconnection of those autonomous systems via Border Gateway Protocol.
Who needs to understand BGP?
BGP is relevant to network administrators of large organizations that connect to two or more ISPs, as well as to Internet Service Providers (ISPs) that connect to other network providers. If you are the administrator of a small corporate network, or an end user, then you probably don’t need to know about Border Gateway Protocol.
- The current version of Border Gateway Protocol is BGP version 4, based on RFC 4271.
- Border Gateway Protocol is the path-vector protocol that provides routing information for autonomous systems on the Internet via its AS-Path attribute.
- Border Gateway Protocol is a Layer 4 protocol that sits on top of TCP. It is much simpler than OSPF, because it doesn’t have to worry about the things TCP will handle.
- Peers that have been manually configured to exchange routing information will form a TCP connection and begin speaking BGP. There is no discovery in BGP.
- Medium-sized businesses usually get into Border Gateway Protocol for the purpose of true multi-homing for their entire network.
- An important aspect of BGP is that the AS-Path itself is an anti-loop mechanism. Routers will not import any routes that contain themselves in the AS-Path.
Why do you need to understand BGP?
When BGP is configured incorrectly, it can cause massive availability and security problems, as Google discovered in 2008 when its YouTube service became unreachable to large portions of the Internet. In an effort to ban YouTube in its home country, Pakistan Telecom used Border Gateway Protocol to route YouTube’s address block into a black hole. But, in what is believed to have been an accident, this routing information was passed on to Pakistan Telecom’s Hong Kong ISP and from there propagated to the rest of the world. The end result was that most of YouTube’s traffic ended up in a black hole in Pakistan.
More sinisterly, 2003 saw a number of Border Gateway Protocol hijack attacks, where modified Border Gateway Protocol route information allowed unknown attackers to redirect large blocks of traffic so that it travelled via routers in Belarus or Iceland before it was transmitted on to its intended destination.
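The two checks this page touches on, rejecting a route whose AS-Path already contains your own AS and spotting an announcement whose origin does not match the expected holder of an address block, are shown here as an added Python example (not code from the original page). The expected-origin table, the verdict names and the sample announcements are constructed, using documentation prefixes and AS numbers; the valid / invalid / not-found logic follows BGP prefix origin validation (RFC 6811).

```python
import ipaddress

LOCAL_AS = 64500  # constructed: our own AS number (documentation range)

# Constructed table of expected origins: (prefix, max prefix length, origin AS)
EXPECTED_ORIGINS = [
    (ipaddress.ip_network("203.0.113.0/24"), 24, 64496),
    (ipaddress.ip_network("198.51.100.0/24"), 24, 64497),
]


def check_announcement(prefix, as_path, local_as=LOCAL_AS, table=EXPECTED_ORIGINS):
    """Classify one received announcement.

    as_path lists AS numbers from the neighbour (first) to the origin (last).
    Returns "loop", "valid", "invalid-origin" or "not-found".
    """
    if not as_path:
        raise ValueError("AS-Path must contain at least the origin AS")
    net = ipaddress.ip_network(prefix)
    # AS-Path loop prevention: never import a route that already contains us.
    if local_as in as_path:
        return "loop"
    origin = as_path[-1]
    covered = False
    for expected_net, max_len, expected_as in table:
        if net.version == expected_net.version and net.subnet_of(expected_net):
            covered = True
            if origin == expected_as and net.prefixlen <= max_len:
                return "valid"
    # Covered by the table, but wrong origin or too specific: hijack or leak.
    return "invalid-origin" if covered else "not-found"


# Constructed sample announcements (documentation prefixes and AS numbers).
SAMPLE = [
    ("203.0.113.0/24", [64510, 64496]),          # expected origin
    ("203.0.113.0/25", [64511, 64499]),          # more specific, wrong origin
    ("203.0.113.0/24", [64511, 64499]),          # same prefix, wrong origin
    ("198.51.100.0/24", [64510, 64500, 64497]),  # our own AS is in the path
    ("192.0.2.0/24", [64510, 64498]),            # no entry in the table
]


def classify_all(sample=SAMPLE):
    return [check_announcement(prefix, path) for prefix, path in sample]


if __name__ == "__main__":
    for (prefix, path), verdict in zip(SAMPLE, classify_all()):
        print(f"{prefix:18} path={path} -> {verdict}")
```
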