BGP (Border Gateway Protocol) - secuguru/security-terms GitHub Wiki

BGP (Border Gateway Protocol) is a core protocol used to exchange routing information between Autonomous Systems (AS) on the internet. BGP functions as the backbone of the internet, enabling various networks—such as Internet Service Providers (ISPs), data centers, and corporate networks—to connect and communicate by sharing routing information. It helps determine the most efficient path for transmitting data across networks.

Key Features of BGP

  1. Inter-AS Routing:
  • BGP is an EGP (Exterior Gateway Protocol) that determines routing between networks. An Autonomous System (AS) refers to a single network or group of networks, each identified by a unique AS number (ASN). BGP facilitates the exchange of routing information between different ASs.
  1. Path Vector Protocol:
  • BGP operates as a path vector protocol, where each route contains an AS path list. Routers use these attributes to select the best route and forward traffic. This mechanism also helps prevent routing loops by maintaining a list of ASs that the route traverses.
  1. Scalability:
  • BGP is designed to scale for large networks, such as the global internet. It efficiently handles hundreds of thousands of routes and interactions between numerous Autonomous Systems. 4.Policy-Based Routing:
  • BGP allows network administrators to set policies for route selection based on various criteria, such as prioritizing certain paths or avoiding others. This gives organizations flexibility in controlling traffic flow across their network. 5.BGP Route Selection Process:
  • BGP selects the optimal route based on the following criteria:
    1. Weight: A locally assigned value that influences route preference.
    2. Local Preference: A setting within an AS that ranks route preferences.
    3. AS Path: The route with the fewest AS hops is preferred.
    4. Origin Type: The protocol through which the route was learned (IGP, EGP, or unknown).
    5. MED (Multi-Exit Discriminator): A value that helps determine the best exit point when multiple paths to the same destination exist.
    6. Next-Hop: Evaluates the availability of the next-hop router.

How BGP Works

  1. BGP Peering:
  • BGP operates through peering between Autonomous Systems. Each AS’s routers establish connections, known as BGP peers, to exchange routing information. These peers use TCP (port 179) to ensure reliable transmission of routing updates.
  1. BGP Updates:
  • BGP peers exchange BGP update messages whenever a new route is added or an existing route is withdrawn. These updates allow routers to maintain an up-to-date routing table.
  1. iBGP and eBGP:
  • iBGP (Internal BGP): Used within an AS to share routing information among routers.
  • eBGP (External BGP): Facilitates routing information exchange between different ASs. iBGP handles internal routing, while eBGP manages external routing.

BGP and the Internet

BGP is essential for the functioning of the internet. The internet comprises thousands of interconnected Autonomous Systems, and BGP allows these systems to exchange routing information efficiently. If BGP encounters an issue, it can disrupt large parts of the internet.

BGP Security Issues

  1. BGP Hijacking:
  • One of the major security issues with BGP is BGP hijacking. In this scenario, an attacker propagates incorrect routing information, redirecting traffic to their own AS. This can lead to data interception or service disruptions.
  1. Enhancing BGP Security:
  • Technologies such as RPKI (Resource Public Key Infrastructure) have been introduced to improve the security of BGP by authenticating and validating the routes exchanged between Autonomous Systems, helping to mitigate BGP hijacking.

Conclusion

BGP is the protocol that facilitates routing information exchange between Autonomous Systems, enabling proper data transmission across the internet. While BGP is flexible and scalable, it also has security vulnerabilities that need to be addressed through continuous improvements in routing security technologies.