BGP (Border Gateway Protocol)

How does BGP work?

Each router maintains a routing table controlling how packets are directed. Routing table information is generated by the BGP process on the router, based on incoming information from other routers, and information in the BGP routing information base (RIB), which is a data table stored on a server on the BGP router. The RIB contains information both from directly connected external peers, as well as internal peers, and based on policies for what routes should be used and what information should be published, continually updates the routing table as changes occur.

What is BGP used for?

BGP offers network stability that guarantees routers can quickly adapt to send packets through another reconnection if one internet path goes down. BGP makes routing decisions based on paths, rules or network policies configured by a network administrator. Each BGP router maintains a standard routing table used to direct packets in transit. BGP uses client-server topology to communicate routing information, with the client-server initiating a BGP session by sending a request to the server.

BGP routing basics

BGP sends updated router table information only when something changes, and only the affected information. BGP has no automatic discovery mechanism, which means connections between peers must be set up manually, with peer addresses programmed in at both ends.

BGP makes best-path decisions based on current reachability, hop counts and other path characteristics. In situations where multiple paths are available -- as within a major hosting facility -- BGP policies communicate an organization's preferences for what path traffic should follow in and out. BGP community tags can control route advertisement behavior among peers.

BGP in networking is based on TCP/IP. It operates on the OSI Transport Layer (Layer 4) to control the Network Layer (Layer 3). As described in RFC4271 and ratified in 2006, the current version of BGP-4 supports both IPv6 and Classless Inter-Domain Routing (CIDR), which enables the continued viability of IPv4. Use of the CIDR is a way to have more addresses within the network than with the current IP address assignment scheme.

Common BGP issues

Common issues with BGP include information exchange failures. Information exchanges don't always succeed as information can be improperly formatted or contain incorrect data. Routers can run out of memory or storage, or be too slow to respond to updates. Routers send error codes and subcodes to communicate problems including timeouts, malformed requests and processing problems.

BGP security

BGP is also vulnerable to attacks based on misinformation. Malicious actors can flood a router with bad packets in a denial-of-service attack, for example. They can also claim to be the source of routing information for an AS, and (temporarily) control where traffic headed from that AS goes, a practice known as BGP hijacking.

Difference between internal and external BGP, OSPF

When BGP is used to route within a single AS, it is called internal BGP, or iBGP. When used to connect one AS to others, it is called external BGP, or eBGP.

The OSPF (Open Shortest Path First) protocol is used only in internal networks. OSPF is focused on finding the shortest route available between nodes, and on failing over to that shortest route as quickly as possible. BGP is slower to fail to a new route but is more scalable. OSPF is essentially hierarchical in structure, while BGP is a mesh. Some networks are replacing OSPF with iBGP.

Facebook outage

Social media applications Facebook, Instagram and WhatsApp went offline for six hours on Oct. 4, 2021. The outage was reportedly due to there being no working BGP routes into the social media sites and the DNS servers going offline. This essentially disconnected the social media apps from the internet.