800G Modules New Arrival!

An Overview of BGP

Introduction

BGP is a crucial routing protocol on the worldwide Internet, responsible for transmitting routing information between autonomous systems (ASs). The protocol plays a vital role in networks and ensures the stability and reliability of global communications.

Concepts of BGP

BGP stands for Border Gateway Protocol; its latest version is BGP4.

As a path vector protocol, BGP uses dynamic routing decisions to carry data packets smoothly across several networks, and helps to achieve cross-domain network connectivity and data flow. By maintaining routing tables, the protocol selects routes based on various factors (such as AS path and next hop). The protocol is a cornerstone of the Internet.

The following video gives a brief introduction to BGP.

(1) Autonomous System (AS): Definition of an AS and Its Role in BGP

If BGP is likened to the postal service of the Internet, then an AS is equivalent to the post office in each city. A city may have many mailboxes, but letters from every mailbox in the city must first be sent to the local post office, then to the branch office at the destination, and finally to the recipient.

An AS is a collection of networks managed by network managers, and each AS has its own unique number (AS number). In BGP, the AS is the basic unit for exchanging routing information, and the AS path ensures that routing information can be transmitted correctly between different ASs.

[Figure: autonomous system of BGP]

(2) Routing Table: How to Maintain the Routing Table of Each Router?

The routing table of each router can be understood as a map of each city. The map lists all the destinations that can be reached, as well as the recommended paths, which correspond to the routes. These maps are updated as road conditions change, so that the postman knows the most appropriate path.

By maintaining a global routing table, BGP records all possible routing paths. Each routing table entry contains several attributes, including the destination network address, next-hop IP address, AS path and others. The routing table is updated with routing information from neighbors, so that the table reflects the latest network topology.

[Figure: routing table of BGP]

(3) Route Selection: How BGP Chooses the Best Route (e.g., AS Path, Next-Hop, etc.)

BGP route selection can be seen as the postman's choice of the best delivery path, based on traffic conditions and the shortest route between two cities. If there are multiple possible routes, the postman will prefer the routes with smooth traffic and the fewest obstacles. He will then select the "next stop" city suitable for mail delivery, to guarantee that the mail arrives on time.

When BGP chooses its best route, it considers various factors, including AS path, next hop, route priority, route cost and so on. The AS path is one of the important factors BGP uses to determine routing priority, and it avoids routing loops by recording the ASs a route has passed through. The next hop points to the next router towards the target network, and BGP will select the best next hop to forward the data packet.
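The selection logic described above, as an added example that is not part of the original article. It is a simplified sketch, not the full BGP decision process: the `Route` class, `local_pref` standing in for "route priority", the lowest-next-hop tie-break and all addresses and AS numbers (documentation ranges) are assumptions.

```python
import ipaddress
from dataclasses import dataclass, field

LOCAL_AS = 64500                        # hypothetical local AS number
REACHABLE = {"192.0.2.1", "192.0.2.2"}  # next hops this router can reach


@dataclass
class Route:
    prefix: str
    next_hop: str
    as_path: list = field(default_factory=list)
    local_pref: int = 100               # stand-in for "route priority"


def best_route(candidates, local_as=LOCAL_AS, reachable=REACHABLE):
    """Pick one route: discard looped or unreachable routes, then rank."""
    usable = [
        r for r in candidates
        if local_as not in r.as_path    # loop: our own AS is already in the path
        and r.next_hop in reachable     # next hop must be resolvable
    ]
    if not usable:
        return None
    # Highest priority first, then shortest AS path, then lowest next-hop
    # address as a deterministic stand-in for the remaining tie-breakers.
    return min(usable, key=lambda r: (-r.local_pref, len(r.as_path),
                                      int(ipaddress.ip_address(r.next_hop))))


# Constructed candidate routes for one destination prefix.
ROUTES = [
    Route("203.0.113.0/24", "192.0.2.1", [64496, 64497, 64499]),
    Route("203.0.113.0/24", "192.0.2.2", [64498, 64499]),
    Route("203.0.113.0/24", "192.0.2.1", [64501, 64500, 64499]),  # looped
    Route("203.0.113.0/24", "192.0.2.9", [64499]),                # unreachable
]

if __name__ == "__main__":
    print(best_route(ROUTES))
```

The shortest path in the list loses here because its next hop is unreachable, and the path containing the local AS is discarded before ranking starts.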

Types of BGP: IBGP vs EBGP

BGP used for routing within a single autonomous system is called Interior Border Gateway Protocol (IBGP). In contrast, it is referred to as EBGP when used to connect two autonomous systems.

The following is a summary of the comparison between IBGP and EBGP.

| Features | IBGP | EBGP |
| --- | --- | --- |
| Scope | Routers within the same AS. | Routers between different ASs. |
| Router Connection | Connects with internal interfaces, such as Loopback. | Connects directly with physical interfaces. |
| Route Propagation | Won't propagate routing information from one IBGP neighbor to another IBGP neighbor. | Will propagate its learned routing information to all EBGP neighbors. |
| Route Selection | Constrained by internal AS routing strategies, and connects routers with internal protocols (such as OSPF). | Selects the best inter-AS path, and considers factors including AS path and next hop. |
| AS Path | Won't be modified. | Prefers the shortest AS path. |
| Hop Count | Spans multiple hops. | Usually spans one hop. |

Security of BGP

BGP is not designed with a comprehensive security mechanism, hence it faces certain security risks in actual applications. To assure its security, the industry has adopted various methods to harden the protocol and reduce potential attacks and misconfigurations.

(1) Security Risks of BGP

BGP Hijacking. Attackers falsely announce ownership of IP address ranges that they do not actually own, control or route to, maliciously hijacking or interrupting traffic.

[Figure: BGP hijacking]

BGP Route Leaks. Erroneous routing information may be propagated to unauthorized destinations, leading to leakage of sensitive data or information.

(2) Methods to Improve Security

MD5 Authentication. Uses MD5-based authentication when a BGP session is established, to verify the identity of the neighbor and prevent unauthorized devices from participating in routing information exchange.

Route Filtering. Constrains the acceptance and propagation of routing information by using route filters. For example, routers can be set to accept routes only from specific IP addresses, which avoids receiving routing information from untrusted sources.

RPKI. Allocates digital certificates to IP addresses and AS numbers, then verifies that each route is announced by the correct AS, reducing the risk of BGP hijacking and route manipulation.

BGP Monitoring. Monitors route updates in real time, as well as detects abnormal route changes.

BGPSEC. An enhanced BGP security extension protocol that uses public-key cryptography to sign routing information, so that the integrity of the routing data in transit and the authenticity of its source can be verified.
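How the RPKI check feeds route filtering, as an added example that is not part of the original article: it classifies announcements against a set of route origin authorizations (ROAs) following the origin validation states of RFC 6811. The ROAs, prefixes and AS numbers are constructed from documentation ranges, and dropping only "invalid" routes is an assumed import policy.

```python
import ipaddress
from typing import NamedTuple


class ROA(NamedTuple):
    prefix: str      # authorized address block
    max_length: int  # longest prefix length the holder allows
    asn: int         # AS authorized to originate the block


# Constructed ROAs (documentation prefixes and ASNs, not real data).
ROAS = [ROA("192.0.2.0/24", 24, 64496), ROA("2001:db8::/32", 48, 64500)]


def validate(prefix, origin_asn, roas=ROAS):
    """Return 'valid', 'invalid' or 'not-found' for one announcement."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix)
        if roa_net.version != net.version or not net.subnet_of(roa_net):
            continue  # this ROA says nothing about the announced prefix
        covered = True
        if roa.asn == origin_asn and net.prefixlen <= roa.max_length:
            return "valid"
    # Covered by a ROA but never matched: wrong origin AS or too specific.
    return "invalid" if covered else "not-found"


def filter_updates(updates, roas=ROAS):
    """Assumed import policy: drop 'invalid', keep 'valid' and 'not-found'."""
    kept, dropped = [], []
    for prefix, origin in updates:
        state = validate(prefix, origin, roas)
        (dropped if state == "invalid" else kept).append((prefix, origin, state))
    return kept, dropped


# Constructed announcements as (prefix, origin AS) pairs.
UPDATES = [
    ("192.0.2.0/24", 64496),     # matches the ROA
    ("192.0.2.0/24", 64511),     # origin AS is not the authorized one
    ("192.0.2.128/25", 64496),   # more specific than max_length allows
    ("198.51.100.0/24", 64499),  # no covering ROA exists
    ("2001:db8:1::/48", 64500),  # inside the /32 and within max_length
]

if __name__ == "__main__":
    kept, dropped = filter_updates(UPDATES)
    for row in dropped:
        print("drop", *row)
```

The two dropped announcements are the ones a monitoring system would also flag: an unexpected origin AS for a covered prefix, and a more-specific prefix than the holder authorized.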

Conclusion

BGP plays a crucial role in the global network, responsible for routing information exchange between different autonomous systems. In the future, the protocol will improve routing efficiency, support higher-speed calculation of routing paths, and strengthen its security. Through more advanced authentication and encryption mechanisms, it can secure a safer and more reliable transmission of data.