Definition
Border Gateway Protocol (BGP) is a standardized gateway protocol that exchanges routing information across autonomous systems (AS) on the Internet.
Overview
Border Gateway Protocol is the protocol that makes the Internet work. Networks or autonomous systems that need to interact with each other do so through peering, which is made possible with BGP.
A router that is connected to several other networks cannot determine by itself which of them is the best one to send its data to. Border Gateway Protocol considers all peering partners that a router has and sends traffic to the router that is closest to the data’s destination. This is possible because, at boot, BGP allows peers to communicate their routing information and then stores that information in a Routing Information Base (RIB).
Issues with Border Gateway Protocol
Border Gateway Protocol was originally created in 1989 as a quick fix for the Internet, but it has remained the primary protocol for long-distance traffic. Since then, however, cyber threats have evolved and BGP has not kept up.
Abuse of Border Gateway Protocol is called BGP hijacking, which is possible because the protocol relies on trusting advertised routes. There have been multiple attempts at making a more secure version of BGP, but implementation is extremely problematic. Most of the new versions are unable to communicate with standard BGP, which means that every AS across the world would have to adopt the new protocol simultaneously.
A few BGP incidents that have taken place in the past include:
- In 2004, TTNet, a Turkish Internet service provider (ISP), advertised bad BGP routes that claimed they were the best destination for all traffic on the Internet. The issues only lasted one day, but many people across the world were unable to access the Internet.
- In 2008, a Pakistani ISP attempted to block Pakistani users from accessing YouTube by routing traffic to a black hole. The route was accidentally advertised to neighboring routers, which propagated the route across the world. In this instance, YouTube was only inaccessible for several hours.
- In 2018, attackers deliberately created bad BGP routes to redirect traffic meant for Amazon’s DNS service. By redirecting the traffic to themselves, they were able to steal $100,000 of cryptocurrency.
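The trust problem described above can be shown with a small model. This is an added example, not code from the original page: it uses a simplified route selection (longest matching prefix, then shortest AS path) and a monitoring check against an operator-maintained table of expected origins. All prefixes, ASNs and function names are constructed for illustration.

```python
import ipaddress

# Constructed table of expected origins: prefix -> ASN allowed to originate it.
EXPECTED_ORIGIN = {
    ipaddress.ip_network("203.0.113.0/24"): 64500,
    ipaddress.ip_network("198.51.100.0/24"): 64501,
}

# Constructed advertisements: (prefix, AS path). The last ASN is the origin.
ADVERTISEMENTS = [
    ("203.0.113.0/24", [64497, 64500]),         # expected origin
    ("203.0.113.0/25", [64497, 64499, 64511]),  # more specific, unexpected origin
    ("198.51.100.0/24", [64498, 64501]),        # expected origin
    ("198.51.100.0/24", [64511]),               # same prefix, shorter path
]

def build_rib(advertisements):
    """Store every advertised route as-is; nothing checks who originated it."""
    rib = {}
    for prefix, as_path in advertisements:
        rib.setdefault(ipaddress.ip_network(prefix), []).append(as_path)
    return rib

def best_route(rib, destination):
    """Simplified selection: longest matching prefix, then shortest AS path."""
    addr = ipaddress.ip_address(destination)
    matches = [p for p in rib if addr in p]
    if not matches:
        return None
    prefix = max(matches, key=lambda p: p.prefixlen)
    return prefix, min(rib[prefix], key=len)

def origin_alerts(advertisements, expected=EXPECTED_ORIGIN):
    """Flag routes inside a known prefix whose origin ASN is not the expected one."""
    alerts = []
    for prefix, as_path in advertisements:
        net = ipaddress.ip_network(prefix)
        for known, asn in expected.items():
            if net.subnet_of(known) and as_path[-1] != asn:
                alerts.append((prefix, as_path[-1], asn))
    return alerts

if __name__ == "__main__":
    rib = build_rib(ADVERTISEMENTS)
    for dest in ("203.0.113.10", "203.0.113.200", "198.51.100.5"):
        print(dest, "->", best_route(rib, dest))
    for alert in origin_alerts(ADVERTISEMENTS):
        print("origin mismatch (prefix, seen, expected):", alert)
```

Both unexpected routes win selection in this model, one by being more specific and one by having a shorter path, which is why the origin check has to run independently of route selection.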
How Border Gateway Protocol Works
The previous section covers how Border Gateway Protocol allows autonomous systems to interact; this section will give a small insight into how to actually implement the protocol and create peering relationships.
One of the most popular networking equipment companies in the world is Cisco. The command line example below shows how to enable BGP and configure a peer on a Cisco Nexus 7000 series switch.
[enter configuration mode]
switch# configure terminal
[enable BGP and assign the ASN 64496]
switch(config)# router bgp 64496
[configure the IP and ASN for a peer]
switch(config-router)# neighbor 209.165.201.1 remote-as 64497
[add a description for the peer]
switch(config-router-neighbor)# description Peer Router B
[enter the neighbor address family configuration mode]
switch(config-router-neighbor)# address-family ipv4 unicast
[save configuration changes]
switch(config-router-neighbor-af)# copy running-config startup-config
Another popular vendor is Juniper Networks, which has its own operating system called Junos OS. The operating system’s command line varies slightly from Cisco’s. To configure a peering relationship that is the same as the example above, you would issue the following commands:
[enable BGP and assign the ASN 64496]
set routing-options autonomous-system 64496
[define the external-peers group and type]
set protocols bgp group external-peers type external
[add a neighbor to external-peers]
set protocols bgp group external-peers neighbor 209.165.201.1 peer-as 64497
Examples of Border Gateway Protocol
Border Gateway Protocol use cases can be found anywhere that two networks need to exchange traffic such as internet exchange points (IXPs). They can also be found within a single meshed network where routers need to communicate information to forward traffic.
Internal vs. external Border Gateway Protocol
Up to this point we’ve primarily focused on external peers, meaning that the communicating autonomous systems have different autonomous system numbers (ASNs). Internal peering, however, is when a BGP session runs between two devices with the same ASN.
The methods that external BGP (eBGP) and internal BGP (iBGP) use to send and interpret messages differ slightly, so many people consider them to be two separate protocols.
The purpose of iBGP is to allow eBGP route advertisements to be forwarded throughout an entire network—not just to a single piece of equipment. For example, you may have an external peering relationship set up at an IXP in New York. When traffic is passed to your network with eBGP, iBGP picks up and determines where the traffic needs to go next within your network.
Generally, the loopback interface is used to establish a connection between iBGP peers. This method of connection provides fault tolerance because if the device is up, the loopback interface will always be available. Internal neighbors do not need to be directly connected like external ones; however, they do need to be fully meshed to avoid routing loops, meaning that each device must be logically connected to every other device through peering relationships.
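The full-mesh requirement can be audited from configuration data. The following is an added example, not part of the original page: it checks a constructed inventory of routers in one AS, keyed by loopback address, for iBGP sessions that are missing entirely or configured on only one side. The router names, addresses and function names are assumptions.

```python
from itertools import combinations

# Constructed inventory: each router's loopback and the loopbacks of the
# iBGP neighbors configured on it.
ROUTERS = {
    "nyc-1": {"loopback": "10.255.0.1",
              "neighbors": {"10.255.0.2", "10.255.0.3", "10.255.0.4"}},
    "nyc-2": {"loopback": "10.255.0.2",
              "neighbors": {"10.255.0.1", "10.255.0.3"}},
    "chi-1": {"loopback": "10.255.0.3",
              "neighbors": {"10.255.0.1", "10.255.0.2", "10.255.0.4"}},
    "lax-1": {"loopback": "10.255.0.4",
              "neighbors": {"10.255.0.1"}},
}

def required_sessions(router_count):
    """A full mesh of n routers needs n * (n - 1) / 2 sessions."""
    return router_count * (router_count - 1) // 2

def mesh_gaps(routers):
    """Return (missing, one_sided) lists of router pairs.

    missing:   neither router lists the other's loopback as a neighbor.
    one_sided: only one router lists the other, so the session cannot establish.
    """
    missing, one_sided = [], []
    for a, b in combinations(sorted(routers), 2):
        a_to_b = routers[b]["loopback"] in routers[a]["neighbors"]
        b_to_a = routers[a]["loopback"] in routers[b]["neighbors"]
        if not a_to_b and not b_to_a:
            missing.append((a, b))
        elif a_to_b != b_to_a:
            one_sided.append((a, b))
    return missing, one_sided

if __name__ == "__main__":
    missing, one_sided = mesh_gaps(ROUTERS)
    print("sessions required:", required_sessions(len(ROUTERS)))
    print("missing:", missing)
    print("configured on one side only:", one_sided)
```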
Key Takeaways
- Internal and External Border Gateway Protocol are standardized gateway protocols designed to facilitate Internet usage by routing traffic across networks.
- Border Gateway Protocol is inherently vulnerable to attack due to its trust-based design, but upgrading to a more secure protocol has proven too difficult so far.
- Most networking equipment vendors implement different operating systems on their routers and switches, so there is no standardized way across the industry to enable and configure BGP.