The Border Gateway Protocol (BGP) is a routing protocol used to exchange routing information among different Internet Service Providers (ISPs) and autonomous systems (ASes). BGP is an essential component of the Internet’s global routing infrastructure, enabling packets to be routed from one network to another. In this blog post, we will take a closer look at how BGP works.

• Autonomous Systems (ASes)
• BGP and Routing
• BGP Peering
• BGP Routes
• BGP Path Selection
• BGP Message Types
• BGP Security
• BGP Operations
• BGP Configuration
• Conclusion

Autonomous Systems (ASes)

An Autonomous System (AS) is a collection of IP networks that are under a common administrative domain, and that share routing policies. An AS can be thought of as a single organization or a service provider, and can consist of one or more routers. Each AS is identified by a unique Autonomous System Number (ASN).

BGP and Routing

Routing is the process of selecting the best path for network traffic to take from its source to its destination. BGP is a protocol that enables routers in different ASes to exchange routing information, allowing them to determine the best path for traffic to take from one network to another.

BGP Peering

BGP peering is the process of establishing a connection between two BGP-speaking routers. The routers can be in the same AS, or in different ASes. BGP peering is established using Transmission Control Protocol (TCP) port 179.

BGP Routes

BGP routes are the paths that BGP-speaking routers use to forward traffic. BGP routes are made up of a series of Autonomous System (AS) numbers that the traffic must traverse to reach its destination. Each AS in the path is referred to as a “hop”. BGP routes can be learned from other BGP-speaking routers in the same or different ASes.

BGP Path Selection

BGP uses a set of rules to determine the best path for traffic to take. These rules are known as BGP path selection criteria, and include the following:

• Prefer the path with the highest weight value.
• Prefer the path with the highest local preference value.
• Prefer the path with the shortest AS path.
• Prefer the path with the lowest origin code.
• Prefer the path with the lowest MED (Multi-Exit Discriminator) value.
• Prefer the path with the eBGP (external BGP) path over the iBGP (internal BGP) path.
• Prefer the path with the lowest IGP (Interior Gateway Protocol) metric to the next-hop router.

BGP Message Types

BGP routers exchange information using different types of BGP messages. These include:

• Open: This message is sent when a BGP peering session is established between two routers. The Open message contains information about the BGP version number, the ASN of the sender, and the BGP capabilities of the sender.
• Update: This message is sent when there is a change in the BGP routing table. The Update message contains information about the new route or the withdrawal of an existing route.
• Keepalive: This message is sent to keep the BGP peering session alive. Keepalive messages are sent periodically.
• Notification: This message is sent to indicate an error condition or to terminate the BGP peering session.

BGP Security

BGP is vulnerable to a number of security threats, including spoofing, hijacking, and man-in-the-middle attacks. To mitigate these threats, BGP relies on a number of security mechanisms, including:

• Route filtering: This involves filtering incoming and outgoing BGP routes to ensure that only valid routes are accepted.
• BGP message authentication: This involves using digital signatures to verify the authenticity of BGP messages.
• Peer authentication: This involves using a shared secret key to authenticate BGP peers.
• BGP session encryption: This involves encrypting BGP sessions to prevent eavesdropping and tampering

BGP Operations

BGP operations involve the following steps:

1. Establish BGP Peering: The first step in BGP operations is to establish BGP peering between two routers. This is done by configuring BGP on both routers and setting up the peering session.
2. Exchange BGP Routes: Once BGP peering is established, the routers exchange BGP routes. BGP routes are exchanged using the Update message, which contains information about the new route or the withdrawal of an existing route.
3. Process BGP Routes: Once BGP routes are received, the routers process them using the BGP path selection criteria to determine the best path for traffic to take.
4. Install BGP Routes: Once the best path for traffic has been determined, the routers install the BGP routes in their routing tables.
5. Advertise BGP Routes: Once BGP routes have been installed, the routers advertise them to their BGP peers using the Update message.

BGP Configuration

BGP is configured on a per-router basis. BGP configuration involves the following steps:

1. Assign an Autonomous System Number (ASN): Each router in an AS must be assigned a unique ASN.
2. Configure BGP Peering: BGP peering is configured by specifying the IP address of the remote BGP-speaking router, the ASN of the remote router, and the local ASN.
3. Configure BGP Policies: BGP policies are used to control the flow of traffic between ASes. BGP policies are configured using Access Control Lists (ACLs) or prefix lists.
4. Configure Route Maps: Route maps are used to modify BGP routes as they are received or advertised.

Conclusion

BGP is a critical component of the Internet’s global routing infrastructure. It enables packets to be routed from one network to another, and it is used by ISPs and ASes to exchange routing information. BGP uses a set of rules to determine the best path for traffic to take, and it relies on a number of security mechanisms to mitigate security threats. BGP configuration involves assigning an ASN, configuring BGP peering, configuring BGP policies, and configuring route maps.