Categories
IT Security Outsourced IT

Border Gateway Protocol

What is Border Gateway Protocol?

Border Gateway Protocol (BGP) refers to a gateway protocol that connects all networks over the internet by enabling the internet to exchange routing information between autonomous systems (ASs). BGP connects ASs, allowing them to exchange information about their reachability. Updated information about reachability can be stored by BGP routers in order to recommend the best route possible to reach a certain network. Once a change has been made, the BGP router informs neighbors about the change, which prompts the neighbor to make the same change. BGP’s inter-autonomous system configuration allows two autonomous systems to communicate with each other and to stay continuously connected to the internet. BGP routing has the following elements:

Autonomous systems (AS) communication. When two ASs communicate with each other, they exchange information about their respective networks. The information that they communicate includes details such as IP address ranges, subnet masks, and network-related data. This information is then used to build a routing table that details all of the possible routes between two ASs.

Route updates. After a routing table has been established, it needs to be regularly updated so that any network changes can be noted, a process referred to as route updating. Route updating involves sending messages back and forth between two ASs so that they both have the latest details in their routing tables.

Path attributes. BGP uses path attributes to determine which route should be taken to send packets from one AS to another. Path attributes may include latency, hop count, and transmission cost.

Functions of BGP include:

Maintaining route details. BGP routers update all available routes to the internet in the routing table and use that information to determine the best route.

Route selection. BGP uses path attributes to determine which route offers the best performance.

Redundancy. BGP will automatically reroute traffic to an alternative route if it detects that the primary path is not functioning properly.

Cybersecurity. BGP can protect against malicious traffic by filtering out messages that do not come from legitimate ASs. BGP can also authenticate messages between routers using passwords or keys that ensure only authorized ASs can exchange information.

Network communication. BGP allows communication between networks such as IPv2 and IPv6, ensuring communication regardless of device or network type.

It is critical to ensure that BGP is properly configured in order to avoid the following issues:

  • Instability
  • Errors due to misconfiguration
  • Cybersecurity vulnerabilities
  • Propagation delays