Border Gateway Protocol, or BGP, is the routing protocol of the internet, and its power can make it challenging to configure correctly.
The wide variety of applications makes it impractical to cover all BGP best practices in a single article. Here we provide a quick list of common tips and examine some sources of recommended best practices for use in a network.
BGP is used to exchange network reachability information between the networks that constitute the global internet. SMB networks frequently rely on an ISP for network connectivity and to advertise routing information to the rest of the internet.
BGP has evolved over the years to handle a variety of network reachability information. Its routing policy controls provide great flexibility in the distribution of this reachability information. This flexibility makes it a favored protocol for use in larger and more complex networks.
Especially large enterprises frequently use BGP as an internal routing protocol or to interconnect regional routing domains. Its power and flexibility enable it to scale up to handle networks that traditional interior routing protocols can't support.
BGP and reachability information
Organizations typically use External BGP (eBGP) to share network reachability information with the global internet. Note that many organizations may not use BGP directly and rely on their ISP to advertise the organization's routes to the global internet.
A different configuration, known as Internal BGP (iBGP), distributes reachability information within an organization. Many policy mechanisms can control the flow of both eBGP and iBGP information into and out of the network.
If network teams have a requirement to use MPLS or Ethernet VPN (EVPN), then they'll be using Multiprotocol BGP (MP-BGP) within their network to distribute the reachability information. These configurations overlay a virtual network using BGP over an interior routing protocol, like Open Shortest Path First or Enhanced Interior Gateway Routing Protocol.
BGP best practices
Teams will find that some recommendations consistently appear as BGP best practices, including the following:
- Configure BGP using always up loopback interfaces and never physical interfaces.
- Don't redistribute routes between IGP and BGP or between iBGP and eBGP.
- Configure summary routes in BGP to limit the size of its routing table.
- Use a catch-all route to Null0 that's the same as the summary route to prevent routing to unreachable subnets. This is a good practice when creating any summary routes.
- Filter routes to only those you should advertise and those you need to accept.
- Use BGP confederations and route reflectors as necessary to scale up within large networks.
- Implement routing protocol security and Unicast Reverse Path Forwarding filters.
BGP implementation references
BGP configuration is complex enough that entire books have been written on the topic. The best practices change over time and vary according to how BGP is used.
For BGP within ISPs:
- This 2021 presentation, "BGP Best Current Practices," is a comprehensive coverage of ISP use, explaining different route filtering techniques.
For BGP within enterprises:
- Refer to documents like "Best practices for enterprise IP routing." While it's from 2015, its material is still applicable.
Teams may also consider using BGP internally if their enterprise networks exceed the interior routing protocol's ability to scale. In this configuration, they would break the network into regions, run an interior protocol within each region and use BGP to propagate reachability information -- e.g., summary routes -- between regions. This hierarchical design scales up well.
MPLS and Virtual Extensible LAN (VXLAN) EVPN will require teams to deploy MP-BGP as an overlay on their interior routing protocol. These implementations have a different set of best practices for each one.
More BGP resources
For MPLS configuration:
- A good reference for MPLS configuration is the presentation, "MPLS Application, Services & Best Practices for Deployment."
- For those who prefer webinars, a good reference is "Enterprise MPLS VPN Deployment."
For VXLAN EVPN configuration:
- A good place to start is "VXLAN EVPN Multi-Site Design and Deployment White Paper."
While most references contain Cisco-specific configurations, they all do a good job of explaining the best practice concepts for typical network designs.
BGP's power and flexibility enable it to scale and be applied to multiple problems. It can scale to exceptionally large networks with the proper configuration and provides overlay routing for MPLS and EVPN. Its versatility makes it part of almost all networks currently running and should be on every network engineer's list of protocols to understand.