# Border Gateway Protocol

Border Gateway Protocol (BGP) is a routing protocol used to transmit routing information so that hosts or computers in one network can communicate with those in other networks anywhere on the internet. BGP is categorized as an external routing protocol since it deals with routing beyond an organization's internal network. BGP is standardized by the IETF.

BGP selects one best path based on a number of rules. BGP also ensures that paths are loop free. By adapting to route failures, BGP ensures network stability. When one path fails, a new path is quickly found. BGP uses TCP on port 179 as its transport protocol.

## Discussion

• Can you explain some commonly used terms in BGP?

A BGP speaker is a router that supports BGP. It communicates with other BGP speakers to share routing information. Routers that have established a mutual connection are called peers. .

IP prefix is a block of IP addresses allocated to an organization. A collection of routers in a network having a group of IP prefixes and sharing a common routing policy is called an Autonomous System (AS). The internet connects many of these systems. The Internet Assigned Numbers Authority (IANA) assigns each AS with a globally unique Autonomous System Number (ASN).

There are broadly two types of routing protocols. An Interior Gateway Protocol (IGP) such as RIP, EIGRP, and OSPF does routing within an AS. An Exterior Gateway Protocol (EGP) such as BGP does inter-AS routing. However, BGP can also be used for intra-AS routing. For this reason, some use the terms Internal BGP (iBGP) and External BGP (eBGP) to distinguish between intra-AS and inter-AS usage of BGP.

• Why do we need BGP?

BGP is a routing mechanism that connects and binds the entire internet globally. It's in charge of determining the optimum path for a packet from its origin to its destination through the autonomous systems. BGP controls how data packets are distributed between the massive networks that make up the internet, allowing it to function properly.

It's a critical protocol since the internet would not function without it. The whole path to each destination is included in BGP routing information. BGP maintains a database of network reachability information, which it shares with other BGP systems, using the routing information.

• What are the characteristics of BGP?

BGP employs TCP as its transport protocol. Therefore BGP needn't implement functions already implemented at TCP, such as explicit update fragmentation, retransmission, acknowledgement, and sequencing. Since BGP doesn't have any built-in security mechanism, TCP Authentication Option (TCP-AO) was introduced. It improves the security and authenticity of TCP segments transmitted during BGP sessions. TCP-AO can handle both IPv4 and IPv6 traffic.

BGP is a path vector protocol that relies on dynamically updated path information to reach a destination. Path vector protocol keeps all paths loop-free.

BGP has a mandatory attribute NEXT_HOP for all the routes in a BGP table. This value is typically the address of the peer in another AS. For intra-AS routing, we can use OSPF; or use iBGP and update the attribute to point to a neighbouring router within the AS. The figure shows an example where packets from CE2 to 1.0.0.0/8 are routed via 200.0.0.11. Hence CE2 has the NEXT_HOP attribute set to 200.0.0.11 for destination 1.0.0.0/8.

• What are the message types in BGP?

A BGP message in BGP consists of header and data. All messages have fixed size header. BGP defines five message types:

• Open Messages: After establishing a TCP connection by a three-way handshake, an open message is issued to establish a BGP connection. Subsequently, they can exchange other messages and data traffic.
• Update Messages: By sending update messages, network reachability information such as route announcements and withdrawals can be shared. Thus BGP maintains a graph of connections.
• Keepalive Messages: This is exchanged to keep the connection alive or to test connectivity. It's frequently exchanged to prevent the hold timer from expiring.
• Notification Messages: When a problem with the BGP session is discovered, such as a hold timer expiring, changing neighbour capabilities, or a request for BGP session reset, a notification message is provided. The BGP connection is then terminated.
• Route-Refresh Messages: It's requested by peers dynamically when a route advertiser needs to resend the update messages.
• How does BGP choose the best path?

BGP selects a best path between two peers. Given below is the list of criteria to select best path:

• Weight: Choose the route which has most weight. Greater the weight value, higher the preference for that path.
• Local Preference: If many routes have same weight, choose the one with highest local preference.
• Origin: Prefer the route which was originated by local router. Next hop for a locally originated route is 0.0.0.0.
• AS-Path: This is used in case two similar path is detected with same preference.
• Origin Code: If AS-Path length is same prefer path with lowest MED (Multi-Exit Discriminator) which selects best path when there are multiple connections between autonomous systems(AS).
• eBGP over iBGP: Prefer eBGP. eBGP's administrative distance is 20 whereas iBGP's is 200.
• IGP metric: Lowest IGP for next-hop is preferred.
• External Paths: If both routes are external select first and oldest.
• Router ID: Select the path to router which has lowest router ID.
• Cluster list: If multiple paths have same router ID select minimum length.
• Neighbour Address: Select path from lowest neighbour address which is the IP address used in BGP neighbour configuration.
• What are the different BGP states?

Establishing a BGP session between speakers requiring a reliable transport protocol. This is provided by TCP. Thus a BGP session is established in two phases: TCP connection establishment phase and BGP session establishment phase. BGP maintains a Finite State Machine (FSM) per peer to track the operational status.

Three BGP states relate to establishing the TCP connection:

• IDLE: Initial state of BGP before any connection happens.
• Connect: BGP initiates TCP connection and waits for successful three-way handshake. If successful, it's transferred to open-sent state.
• Active: Failed to establish a connection and a new three-way handshake is initiated.

Three BGP states relate to establishing the BGP session:

• Open-Sent: Open message is sent from the originating router to the peer.
• OpenConfirm: Open message is received from the peer. Wait for Keepalive message.
• Established: Connection is success. Peers can now exchange routes by sending Update message.
• What are the limitations of BGP?

The difficulty with BGP is that it doesn't explicitly incorporate built-in security and relies on network operators to effectively safeguard their systems. BGP hijacking and leak incidents have been a persistent source of concern since the early 2000s.

One of the major challenges that BGP faces is the expansion of the routing table. This issue arises when the routing table grows to the point where certain older, less capable routers are unable to meet the requirements for routing table maintenance, resulting in issues such as 512k day.

BGP is vulnerable to prefix hijacking, which is the deliberate generation of incorrect routing information. The attacker announces routes to disrupt a service on an IP space or hijack traffic to sniff any confidential information. The reasons for this are numerous and difficult to comprehend. Prefix hijacking will also have the same effects as route leaks caused by any router misconfiguration.

## Milestones

Sep
1982

Gateway-to-Gateway Protocol (GGP), a first experimental internet gateway is implemented by Bolt, Beranek and Newman (BBN) for use in the US department of Defense for a project named ARPANET. This is the early days of the internet. . The gateway forwards datagrams between networks because it contains a dynamic routing table with an entry for every network that may be reached. The closest gateway is determined by the "number of hops" necessary. A gateway has zero hops when connected directly to the network. The number of hops increases as the number of gateways increases.

Apr
1984

DARPA Internet is growing continuously requiring more gateways making GGP less feasible as it requires constant updates. As a result, the Exterior Gateway Protocol (EGP) is implemented through RFC904. The EGP includes autonomous systems, each with a unique identifier. It can transmit traffic from one autonomous system to another, making internet flat and uniform. . The protocol uses Hello/I-Heard-You (I-H-U) message exchanges to poll the reachability of neighbouring autonomous systems on a regular basis. The EGP was actually discussed conceptually in 1982.

Jun
1989

Kirk Lougheed and Len Bosack of Cisco, and Yakov Rekhter of IBM write a new protocol with experience gained on EGP. EGP has problems with regional networks providing false information. Intra-regional routing is also isolated from the latest NSFNET, the backbone of internet. They write this new protocol on napkins. For this reason, it's sometimes called the Two-Napkin Protoco. In RFC 1105, these ideas becomes the Border Gateway Protocol.

Jun
1990

Border Gateway Protocol (BGP) gets a major update with the publication of RFC 1163 and RFC 1164. It has resolved several issues that arose with the first version of BGP described in RFC 1105. Several Messages types and their applications are redefined. The concept of path attributes is introduced to communicate information about traffic routes. In addition, directional topology in routers that can be up, down or horizontal is removed and replaced with arbitrary AS topology.

Oct
1991

RFC 1267: BGP-3 is published with several improvements and corrections. If two BGP speakers attempt to make a TCP connection to each other at the same time, two parallel connections may be formed. This is referred to as a connection collision. A new field BGP identifier is introduced now and been added to message type OPEN to detect and recover from a connection collision. Also, information exchange between previously reachable routes is optimized and simplified.

Mar
1995

RFC 1771: BGP-4 is published as a Draft Standard based on last year's Proposed Standard RFC 1654: BGP-4. Major concept of Classless Inter-domain Routing (CIDR) is introduced with the support of advertising IP Prefix to the reachable destination. This eliminates the need for network classes. For storage and bandwidth efficiency, it also helps to aggregate route update messages received from several different routes to be advertised as single routing table entry. The handling of connection collision becomes more sophisticated in this upgrade.

Feb
1998

With new RFC 2283, multiprotocol extensions with support for IPv6, IPX, and other network layer protocols are added to BGP-4, which previously only supported IPv4. This BGP-4 expansion is also known as Multiprotocol BGP (MBGP) or Multicast BGP. To facilitate this and offer backward compatibility, two new attributes are introduced: Multiprotocol Reachable NLRI (MP REACH NLRI) and Multiprotocol Unreachable NLRI (MP UNREACH NLRI).

Jan
2006

RFC 4271: BGP-4 is published, thus obsoleting RFC 1771 that was published more than a decade earlier. Among many technical modifications, this update clarifies the use of the BGP identification in the AGGREGATOR attribute, the various types of NEXT HOPs, and the use of the ATOMIC AGGREGATE attribute.

Feb
2008

To block YouTube access in Pakistan as a result of government order a Pakistan Telecom (AS17557) begins to advertise to its provider PCCW (AS 3491) a small part of 208.65.153.0/24 prefix owned by YouTube (AS36561). Without verifying ownership, PCCW propagates this wrong route. This results in requests to YouTube coming to Pakistan Telecom's network. When YouTube starts announcing the same prefix, BGP selects Pakistan Telecom because it has a shorter path.

Dec
2012

As the two-octet encoding for autonomous system numbers approaches its limit, RFC 6793 is introduced with several clarifications and editorial changes obsoleting RFC 4893 (May 2007) to support four-octet ASNs. In addition, a BGP capability code with two new attributes AS4 PATH and AS4 AGGREGATOR is introduced to support this. These new attributes are introduced to disseminate this four-octet-based information to BGP speakers who don't support the new feature.

Aug
2014

On 12th August, an Internet Service Provider (ISP) called "Verizon" pushes 15,000 new routes into BGP tables. This unexpectedly surpasses the maximum of 512,000 routes that BGP routers can actually hold. BGP routing tables are stored in TCAM (Tertiary Content Addressable RAM), which reached its memory limit on this fateful day. A remedy for this anticipated problem was recommended, and notifications were provided in May 2014. However, most ISPs failed to make the necessary modifications.

Nov
2018

A group of criminal hackers known as 3ve (pronounced "eve") hacks 1 million IP addresses from reputable organizations such as the US Air Force, as well as from residential and business users in North America and Europe. Using botnets they hijack BGP for an endless supply of highly valuable IP addresses. Hackers generate \$29 million via ad fraud involving bots placing bids on counterfeited domains.

Oct
2021

Facebook and its affiliated services such as WhatsApp and Instagram become unavailable for nearly six hours. This is due to an incorrect internal configuration. They stop announcing BGP routes to their DNS Prefix around 15:58UTC. BGP UPDATE messages begin flooding in from Facebook, causing all routes to it to be withdrawn. DNS servers go offline, cutting it off from the internet. As a result, all DNS resolvers stopped resolving their domain names by responding SERVFAIL.

Author
No. of Edits
No. of Chats
DevCoins
7
3
2104
3
4
1294
2243
Words
1
Likes
914
Hits

## Cite As

Devopedia. 2022. "Border Gateway Protocol." Version 10, June 1. Accessed 2022-09-22. https://devopedia.org/border-gateway-protocol
Contributed by
2 authors

Last updated on
2022-06-01 11:49:29
• Site Map