BGP Tutorial: The Glue of the Internet

bgptutorialBorder Gateway Protocol (BGP) is an external path-vector routing protocol with familiar distance vector characteristics. It has some unique features that make it suitable as the routing protocol of the Internet. BGP works with objects called Autonomous Systems – networks that fall under a single administrative authority – but BGP knows only how to build a path to get to them and it knows nothing about the internal network of the neighbor Autonomous Systems.

Learn more about BGP and routing protocols at Udemy.com

When an external BGP router peers with other AS external routers, it is because the administrator has manually configured the link, so there has to be an agreement to peer with other AS routers. In most cases were BGP is implemented, it is simply a single eBGP peer configuration to an Internet service provider (ISP). For that reason, BGP routers in corporate environments rarely know many Internet routes because they don’t need to. They are simply running BGP to support dual homing to ISPs for redundancy and in order to advertise their own routes out onto the Internet.

BGP is considered to be a complex routing protocol, but that has more to do with its wide range of configuration options and its terminology. BGP’s mechanisms are relatively simple when compared to the complexity of OSPF. This is due to BGP being a layer 4 protocol that sits on top of TCP/IP. It utilizes TCP’s transport services for making peer connections on TCP port 179. By riding on top of TCP, it simplifies its own architecture, as it does not have all the communication complexity of a routing protocol such as OSPF.

BGP peers usually connect over direct links using TCP and exchange routing information with the directly connected peer (neighbor). Once the link has been negotiated and established, the BGP routers now send each other network layer reachability information (NLRI).

A BGP routing update consists of a network, a mask, and some attributes. The most important of these attributes is the AS path. The AS path is how BGP builds its own conceptual map of the world as it sees it through the connectivity of all these ASes.

The AS path is a list of ASes that the neighbor knows about between themselves and the advertised network. An eBGP router always attaches its own AS at the end of the AS path before advertising the route. This is a sensible thing to do, because it not only reflects the correct full AS-path but it also acts as a loop detection mechanism. If an eBGP router receives an advertised network in an update from a neighbor and it detects its own AS number in the list, the router drops the route update as there is a loop.

Route updates are stored in the Routing Information Base. One route, the best route, to a network is posted into the Routing Table, even though there may be five or six alternative routes in the RIB. These successor routes are available for selection if the route in the routing table disappeared or is withdrawn. Another interesting point is BGP never advertises a route unless it is actively using that route itself. Therefore, the routes in the RIB may well be valid, but they are not propagated out in routing updates to neighbors.

So what makes BGP such a good fit for the Internet?

The answer requires a closer look at BGP’s inner mechanisms for handling those TCP sessions between neighboring peers. First, BGP does not auto-detect and form neighbor relationships. BGP has to be mutually configured to peer with a neighbor. Second, any two peers that form a TCP connection exchange for the first time only full routing table updates. After initial exchanges, peers send only incremental changes along with a version number. This keeps traffic between peers to a minimum. This is the way BGP maintains its neighbor connections and its routes.

There are two main timers in BGP for connection management:

  • The Hold Time – this is the length of time a peer will wait between hearing messages from its neighbor. The default is 180 sec. If a peer has not received an update or a keep-alive, then the peer announces the “dead” neighbor and puts all routes learned from that peer into a dampened state before trying to reset the TCP session.
  • The keep-alive – one is sent every 60 seconds to monitor the link
  • Route dampening – BGP has processes to dampen flapping routes by fixing an incremental  penalty to the route

Most routing protocols today are adjusted to enable sub-second fault detection and convergence. Yet BGP has fault detection at 3 minutes. This is because out on the Internet, it would not be good to respond every time a link drops for a couple of seconds. It is only necessary to react to hard faults. If BGP encounters a flapping link, it will make that route temporarily unavailable. Each time it flaps, it is given a longer dampening period. This can be infuriating when trying to restore a faulty link but fully necessary for the stability of BGP and the Internet.

The dampening policy brings us to the final reason BGP is such a good fit for the Internet. BGP was designed that way. It was designed with the global Internet in mind, and the necessity of mapping AS network layer reachability information (NLRI). For that purpose, BGP does not just collect and store routes or paths it actually applies policy.

Learn more about BGP and Internet routing at Udemy.com

Route Determination

BGP routers will ignore paths that it has received from a neighbor under these circumstances

  • Path marked as not synchronized
  • Path where the next hop is in-accessible
  • Paths from an external Peer if the local Autonomous system appears in the path
  • Paths that have been marked as received only

When BGP runs its algorithm to determine the best path to a network, it does not just use the path with the fewest AS or hops. BGP instead favors policy over proximity.

Learn more about BGP by taking a course at Udemy.com