BGP (Border Gateway Protocol)

Definition

BGP (Border Gateway Protocol) is the routing protocol of the Internet. It determines how packets are routed between networks by exchanging routing and reachability information between Autonomous Systems (ASes), each of which decides by local policy which routes it accepts, prefers and re-advertises.

BGP is classified as a path vector protocol: every route carries the list of ASes it has passed through, which is used both for loop detection and for path selection. It runs over a TCP session (port 179) between two peers and is responsible for routing traffic between different networks (ISPs, large organizations, cloud providers).

Key Concepts

  • AS (Autonomous System): A collection of IP prefixes under a single administrative domain with a common routing policy (e.g., an ISP, a large company)
  • AS Number (ASN): Unique identifier for each AS. Originally 16-bit (0-65535, with 64512-65534 reserved for private use); 32-bit ASNs (RFC 6793) extend the range to 4294967295, with 4200000000-4294967294 reserved for private use
  • eBGP (External BGP): BGP between different ASes
  • iBGP (Internal BGP): BGP within the same AS
  • BGP Path: Sequence of ASes a route has traversed (AS_PATH attribute); each AS prepends its own ASN when it re-advertises the route, and a router rejects a route whose AS_PATH already contains its own ASN
  • Peering: Direct connection between two ASes for traffic exchange, typically settlement-free and limited to each other's customer routes
  • Transit: One AS carries traffic through its network on behalf of another AS to the rest of the Internet, usually as a paid service
  • Prefix: IP address range (network and length, e.g., 203.0.113.0/24) advertised by an AS

BGP Route Selection (Simplified)

A BGP speaker may learn several routes to the same prefix. Routes whose next hop is unreachable are discarded first; the remaining candidates are compared step by step, and the first step that separates them decides:

  1. Highest Weight (vendor-specific, local to router)
  2. Highest Local Preference (set by policy, carried within the AS)
  3. Locally originated routes (preferred over learned routes)
  4. Shortest AS_PATH (AS_PATH prepending lengthens it on purpose to make a route less attractive)
  5. Lowest Origin type (IGP < EGP < Incomplete)
  6. Lowest MED (Multi-Exit Discriminator; by default only compared between routes received from the same neighboring AS)
  7. eBGP-learned over iBGP-learned routes
  8. Lowest IGP metric to the next hop
  9. Oldest path (for route stability)
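The decision process above, worked through in code as an added example (not part of the original page): a small Python model of a router's Adj-RIB-In that encodes the nine steps as one sort key and applies it to a constructed set of candidate routes. The Route fields, the ASNs and the sample prefixes (taken from the documentation ranges) are hypothetical. As on the page, MED is compared unconditionally; a real router by default compares it only between routes from the same neighboring AS.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Origin codes as carried in the BGP ORIGIN attribute: lower is preferred.
ORIGIN_IGP, ORIGIN_EGP, ORIGIN_INCOMPLETE = 0, 1, 2


@dataclass(frozen=True)
class Route:
    """One candidate path for a prefix (hypothetical field set for the example)."""
    prefix: str
    next_hop: str
    as_path: Tuple[int, ...]
    weight: int = 0                 # vendor-specific, local to this router
    local_pref: int = 100           # set by policy, propagated inside the AS
    origin: int = ORIGIN_IGP
    med: int = 0                    # hint from the neighbouring AS; lower wins
    ebgp: bool = True               # learned over eBGP (True) or iBGP (False)
    igp_metric: int = 0             # IGP cost to reach next_hop
    arrival: int = 0                # lower = received earlier (older path)
    locally_originated: bool = False
    next_hop_reachable: bool = True


def selection_key(r: Route):
    """Sort key for the simplified decision process; the smallest key wins.

    Tuple elements correspond to the steps in order: weight, local
    preference, locally originated, AS_PATH length, origin, MED, eBGP over
    iBGP, IGP metric to next hop, oldest path.  Negated fields are the ones
    where "highest" wins.
    """
    return (
        -r.weight,
        -r.local_pref,
        0 if r.locally_originated else 1,
        len(r.as_path),
        r.origin,
        r.med,
        0 if r.ebgp else 1,
        r.igp_metric,
        r.arrival,
    )


def best_path(candidates: List[Route]) -> Optional[Route]:
    """Drop routes with unreachable next hops, then pick the best remaining one."""
    usable = [r for r in candidates if r.next_hop_reachable]
    if not usable:
        return None
    return min(usable, key=selection_key)


def select_best_paths(rib_in: List[Route]) -> Dict[str, Route]:
    """Run best-path selection separately for every prefix in the Adj-RIB-In."""
    by_prefix: Dict[str, List[Route]] = {}
    for r in rib_in:
        by_prefix.setdefault(r.prefix, []).append(r)
    result: Dict[str, Route] = {}
    for prefix, cands in by_prefix.items():
        best = best_path(cands)
        if best is not None:
            result[prefix] = best
    return result


# Constructed Adj-RIB-In for a router in AS 64500 (hypothetical data).
SAMPLE_RIB_IN = [
    # 203.0.113.0/24: the path via AS 64501 has the shorter AS_PATH ...
    Route("203.0.113.0/24", "192.0.2.1", (64501, 64510), arrival=2),
    # ... but the longer path via AS 64502 carries a higher LOCAL_PREF,
    # which is evaluated earlier (step 2 before step 4), so it wins.
    Route("203.0.113.0/24", "192.0.2.2", (64502, 64503, 64510),
          local_pref=200, arrival=1),
    # 198.51.100.0/24: tied through step 5; the lower MED wins.
    Route("198.51.100.0/24", "192.0.2.1", (64501,), med=50, arrival=1),
    Route("198.51.100.0/24", "192.0.2.3", (64504,), med=10, arrival=2),
    # Same prefix via an unreachable next hop: ignored entirely, even though
    # its LOCAL_PREF would otherwise win.
    Route("198.51.100.0/24", "192.0.2.9", (64505,), local_pref=500,
          next_hop_reachable=False, arrival=0),
]

if __name__ == "__main__":
    for prefix, route in select_best_paths(SAMPLE_RIB_IN).items():
        print(f"{prefix:18} via {route.next_hop:10} AS_PATH {route.as_path}")
```

Changing a single field in the sample (for instance giving the AS 64501 route a higher weight) shows why debugging BGP policy means checking the steps in order: an earlier step that differs makes everything after it irrelevant.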

BGP in Cloud/Infrastructure

  Use Case        Description
  --------------  --------------------------------------------------------
  Cloud On-Ramp   Connect on-prem to cloud via BGP peering
  Multi-Homing    Multiple ISP connections for redundancy
  CDN Peering     CDN providers peer directly with ISPs
  Anycast         Same IP prefix advertised from multiple locations
  VPN-to-VPN      Site-to-site VPN using BGP for route exchange

BGP vs Other Routing Protocols

  Protocol  Type                      Use Case                        Convergence
  --------  ------------------------  ------------------------------  --------------
  BGP       Path vector               Inter-AS routing (Internet)     Slow (minutes)
  OSPF      Link-state                Intra-AS routing (enterprise)   Fast (seconds)
  EIGRP     Advanced distance vector  Intra-AS routing (Cisco)        Fast
  RIP       Distance vector           Small networks                  Slow

BGP Security

BGP itself does not verify what a peer announces: any AS can announce any prefix, and a wrong or malicious announcement (a prefix hijack or a route leak) propagates as far as other networks' filters let it. The mechanisms below are layered on top of the protocol.

  • RPKI (Resource Public Key Infrastructure): Public-key infrastructure in which the Internet registries sign Route Origin Authorizations (ROAs), each stating which ASN may originate a prefix and up to which prefix length (maxLength)
  • Route Origin Validation (ROV): Checks each received route against the ROAs (RFC 6811): a route is Valid, Invalid or NotFound, and operators typically reject Invalid routes. ROV validates only the origin AS, not the rest of AS_PATH, so it does not stop a forged path that keeps the legitimate origin
  • BGPsec: Cryptographic signing of every AS_PATH hop so the whole path can be verified (RFC 8205); limited adoption
  • Prefix Filtering: Reject unexpected or unauthorized announcements at the session: bogon and private prefixes, overly specific prefixes, your own address space received from a peer, and more prefixes than the peer should send (maximum-prefix limit)
  • Session protection: Authenticate the TCP session with TCP-AO (or the older TCP MD5 option) and use GTSM/TTL security, so a third party cannot inject into or reset a BGP session
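Route Origin Validation and inbound prefix filtering, as listed above, shown as an added example that is not the page's own code: a Python implementation of the RFC 6811 Valid/Invalid/NotFound decision against a constructed ROA set, followed by an inbound eBGP policy that applies the static filters first (default route, too-specific prefixes, bogons, our own space, AS_PATH loop) and ROV last. The ROAs, ASNs and prefixes are constructed; the bogon list is abbreviated, and the documentation ranges 203.0.113.0/24 and 198.51.100.0/22 stand in for customer space, so they are deliberately not on it.

```python
import ipaddress
from dataclasses import dataclass
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class ROA:
    """One Validated ROA Payload (VRP) as a router receives it from an RPKI
    validator: the signed prefix, the longest length it authorises, the AS."""
    prefix: str
    max_length: int
    origin_as: int


def origin_as_of(as_path: Tuple[int, ...]) -> int:
    # The originating AS is the rightmost element of AS_PATH.
    return as_path[-1]


def validate_origin(prefix: str, origin_as: int, roas: Iterable[ROA]) -> str:
    """Route Origin Validation per RFC 6811.

    A VRP *covers* the route when the announced prefix equals or is more
    specific than the VRP prefix.  It *matches* when it also respects
    maxLength and the origin AS is the one in the VRP.
      no covering VRP            -> "not-found"
      at least one matching VRP  -> "valid"
      covered but never matched  -> "invalid"
    """
    net = ipaddress.ip_network(prefix, strict=True)
    covering: List[ROA] = []
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix, strict=True)
        if net.version == roa_net.version and net.subnet_of(roa_net):
            covering.append(roa)
    if not covering:
        return "not-found"
    for roa in covering:
        if net.prefixlen <= roa.max_length and roa.origin_as == origin_as:
            return "valid"
    return "invalid"


# Abbreviated bogon list for the example (constructed; production filters are
# generated from current registry data and are longer).
BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "224.0.0.0/4", "240.0.0.0/4",
)]


def filter_announcement(prefix: str, as_path: Tuple[int, ...],
                        roas: Iterable[ROA], own_as: int,
                        own_prefixes: Iterable[str],
                        max_len: int = 24) -> Tuple[bool, str]:
    """Inbound eBGP policy: cheap static checks first, then ROV.
    Returns (accept, reason)."""
    net = ipaddress.ip_network(prefix, strict=True)
    if net.prefixlen == 0:
        return False, "default route"
    if net.version == 4 and net.prefixlen > max_len:
        return False, "too specific"        # longer than /24 is not routed globally
    if any(net.version == b.version and net.subnet_of(b) for b in BOGONS):
        return False, "bogon"
    for own in (ipaddress.ip_network(p) for p in own_prefixes):
        if net.version == own.version and net.subnet_of(own):
            return False, "covers own space"  # a peer must never send us our prefixes
    if own_as in as_path:
        return False, "AS_PATH loop"
    state = validate_origin(prefix, origin_as_of(as_path), roas)
    if state == "invalid":
        return False, "RPKI invalid"
    return True, f"accepted ({state})"       # NotFound is accepted: unsigned space


# Constructed data: we are AS 64500 originating 192.0.2.0/24; the validator
# holds ROAs for two customer prefixes belonging to other ASes.
OWN_AS = 64500
OWN_PREFIXES = ["192.0.2.0/24"]
SAMPLE_ROAS = [
    ROA("203.0.113.0/24", 24, 64510),
    ROA("198.51.100.0/22", 24, 64520),
]

if __name__ == "__main__":
    announcements = [
        ("203.0.113.0/24", (64501, 64510)),      # legitimate origin
        ("203.0.113.0/24", (64501, 64666)),      # origin hijack
        ("203.0.113.128/25", (64501, 64510)),    # more-specific hijack attempt
        ("203.0.114.0/24", (64501, 64510)),      # no ROA: NotFound, still accepted
        ("10.1.0.0/16", (64501,)),               # bogon
        ("192.0.2.0/24", (64501,)),              # someone announcing our space
    ]
    for prefix, path in announcements:
        print(prefix, path,
              filter_announcement(prefix, path, SAMPLE_ROAS, OWN_AS, OWN_PREFIXES))
```

The more-specific case is the one to note: 203.0.113.128/25 with the correct origin AS is still Invalid, because a ROA with maxLength 24 authorises nothing longer than a /24. Setting maxLength loosely (say, /24 on a /16 ROA) is what lets an attacker announce a more-specific that validates, which is why ROAs should cover only the lengths actually announced.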

Related Terms

  • VPN: BGP is used for VPN-to-VPN (site-to-site) route exchange
  • CDN: CDN providers peer with ISPs over BGP and rely on BGP route filtering
  • Load Balancer: BGP peering with cloud providers
