Fundamentals of BGP Operations

The Border Gateway Protocol (BGP) is the foundational protocol that

enables data routing between different networks on the internet, known
as Autonomous Systems (ASes). It is the protocol responsible for making
the internet function as a vast, interconnected network. To fully
understand BGP operations, it is crucial to explore its purpose,
functionality, types, key concepts, message types, peering mechanisms,
path selection process, scalability, security considerations, and practical
applications. Below is an in-depth explanation:

1. Purpose of BGP

BGP is specifically designed for routing between multiple Autonomous

Systems (ASes). An Autonomous System (AS) is a collection of IP
networks and routers under the control of a single organization that
presents a common routing policy to the internet. Examples include
Internet Service Providers (ISPs), large enterprises, and academic
institutions.

 Inter-AS Routing: BGP enables efficient routing across the global

internet by managing the exchange of routing information between
ASes. Unlike Interior Gateway Protocols (IGPs) like OSPF (Open
Shortest Path First) or EIGRP (Enhanced Interior Gateway Routing
Protocol), which operate within a single AS, BGP is classified as an
Exterior Gateway Protocol (EGP), designed for routing between
different ASes.

 Policy-Based Routing: BGP allows network administrators to

define routing policies that influence the selection of paths based on
various attributes. This policy-driven routing is essential for handling
the diverse requirements of different networks and organizations.

2. How BGP Works

BGP uses a path vector mechanism to maintain route information

between ASes, ensuring loop-free and efficient routing. Here’s a closer
look at how BGP operates:

 Path Vector Protocol: BGP routers maintain a path vector that

records the complete path (a sequence of AS numbers) to reach
each destination. This path information is used to prevent routing
loops and provides a scalable solution for inter-domain routing.

 Neighbor Relationships (Peering): BGP routers establish a

connection over TCP (Transmission Control Protocol), typically
on port 179. These connections are called BGP peering sessions
or neighbor relationships. Unlike some IGPs, BGP neighbors must
 be manually configured; there is no automatic neighbor discovery.
Once a BGP session is established, peers exchange their entire
routing tables and subsequently only share incremental updates as
the network changes.

 Decision Process: BGP employs a complex decision-making

process to select the best path to a destination based on multiple
attributes, such as AS_PATH, origin type, NEXT_HOP, Multi-Exit
Discriminator (MED), and LOCAL_PREF. This multi-attribute
approach allows BGP to make sophisticated routing decisions
beyond simple metrics like hop count.

3. Types of BGP

BGP is categorized into two primary types, each serving a distinct

purpose:

 External BGP (eBGP): Used for routing between different ASes. It

is commonly used between ISPs or between an ISP and its customer.
eBGP is essential for maintaining global internet routing and is
responsible for the exchange of routing information across AS
boundaries.

 Internal BGP (iBGP): Used for routing within a single AS. iBGP is
crucial for distributing external routes learned from eBGP peers to
all routers within an AS, ensuring consistent routing information
across the entire AS. iBGP peers do not re-advertise routes learned
from other iBGP peers to avoid routing loops, necessitating a full
mesh topology or the use of route reflectors.

4. Key Concepts in BGP

Understanding BGP requires familiarity with several critical concepts and

attributes:

 Autonomous System Number (ASN): A unique identifier

assigned to each AS by regional internet registries (RIRs). ASNs are
used in BGP to maintain routing policies and prevent loops. Public
ASNs are visible on the global internet, while private ASNs are used
for internal routing.

 AS Path: A list of AS numbers that a route advertisement has

traversed. The AS path is a fundamental attribute used by BGP to
prevent routing loops and influence path selection. Shorter AS paths
are generally preferred, but other factors may override this
preference.
  Next-Hop Attribute: This attribute indicates the IP address of the
next router to reach a particular network. BGP uses the next-hop
attribute to construct its forwarding table and determine the next
hop for each route.

 Route Aggregation: BGP can perform route aggregation (or

summarization) to reduce the size of the routing table. Aggregation
combines multiple IP prefixes into a single, larger prefix, improving
scalability and reducing routing table size.

 BGP Attributes: BGP uses various attributes to determine the best

path for routing. The most significant attributes include:

o AS_PATH: Shows the ASes a route has traversed.

o NEXT_HOP: Indicates the next hop IP address to reach a

destination.

o LOCAL_PREF (Local Preference): Used within an AS to

indicate the preferred path to exit the AS.

o MED (Multi-Exit Discriminator): Suggests a preferred path

into an AS for external BGP neighbors.

5. BGP Message Types

BGP uses several message types for communication between peers:

 OPEN: Used to establish a BGP session between peers. It includes

parameters such as ASN, BGP version, and hold time.

 UPDATE: The most common message type used to exchange

routing information between BGP peers. It contains information
about new routes and routes to be withdrawn.

 NOTIFICATION: Sent when there is an error in the BGP session,

such as a malformed message or hold time expiration. This message
type terminates a BGP session.

 KEEPALIVE: Sent periodically to maintain the BGP session and

verify that the connection is still active.

6. BGP Peering and Session Establishment

BGP establishes peering sessions using TCP port 179. The process of
establishing a BGP session involves several steps:

1. Session Initiation: A router initiates a session by sending an OPEN

message to its peer, specifying its ASN, router ID, and other session
parameters.
 2. Negotiation: The peer responds with its own OPEN message, and
the two routers negotiate session parameters such as keepalive
interval and hold time.

3. Session Maintenance: After the session is established, routers

exchange KEEPALIVE messages periodically to ensure the
connection remains active.

4. Route Exchange: Routers send UPDATE messages to advertise new

routes or withdraw obsolete routes as the network topology
changes.

5. Session Termination: If an error occurs or a router decides to

close the connection, a NOTIFICATION message is sent to terminate
the session.

7. BGP Path Selection Process

BGP follows a specific path selection process to determine the most

optimal route to a destination. The process involves several criteria,
evaluated in order:

1. Highest Weight (Cisco-specific): Prefer the path with the highest

weight. This is a Cisco-proprietary attribute used only within a
router.

2. Highest LOCAL_PREF (Local Preference): Prefer the path with

the highest local preference, which indicates the preferred path for
outbound traffic within an AS.

3. Shortest AS_PATH: Prefer the path with the shortest AS path

(fewer AS hops).

4. Lowest Origin Type: Prefer paths with an origin type of IGP over
EGP, and EGP over INCOMPLETE.

5. Lowest MED (Multi-Exit Discriminator): Prefer the path with the

lowest MED, used to influence inbound traffic from neighboring
ASes.

6. eBGP over iBGP: Prefer routes learned via eBGP over routes
learned via iBGP, giving precedence to external paths.

7. Lowest IGP Metric to the BGP Next Hop: Prefer the path with
the lowest IGP cost to reach the next-hop IP address.

8. Oldest Route: Prefer the path that was received first, which
promotes stability in the network.
 9. Lowest Router ID: As a final tie-breaker, prefer the path from the
router with the lowest router ID.

8. BGP Scalability and Convergence

 Scalability: BGP is designed to handle the vast size of the internet's

routing table. It minimizes routing updates by sending only
incremental changes and uses techniques like route aggregation to
reduce the size of the routing table.

 Convergence: BGP convergence refers to the process of all BGP

routers reaching a consistent view of the network. Due to the
complexity and scale of the internet, BGP convergence can be
slower than IGPs, especially in large networks. BGP's path vector
mechanism and attribute processing contribute to its slower
convergence time.

9. Security in BGP

BGP is vulnerable to various security threats, such as route hijacking,

route leaks, and prefix misconfiguration. Several measures can be
implemented to enhance BGP security:

 BGP Prefix Filtering: Configuring filters to ensure only legitimate

prefixes are advertised or accepted, reducing the risk of malicious or
incorrect route advertisements.

 Route Validation: Using mechanisms like Resource Public Key

Infrastructure (RPKI) to validate route origins and ensure that the
AS advertising a prefix is authorized to do so.

 MD5 Authentication: Securing BGP sessions with MD5

authentication to prevent unauthorized access and mitigate certain
types of attacks.

10. Practical Applications of BGP

BGP is crucial for various scenarios, particularly in large-scale networks

and service provider environments:

 ISPs and Large Enterprises: BGP is essential for ISPs and large
enterprises that connect to