Border Gateway Protocol

Finjan TeamBlog, Internet Security


With more cloud-based telecommunications and data transmission crossing the internet, separately run corporate and private networks constantly need to exchange traffic. For that to work at scale, there must be standardized rules for how networks tell each other which addresses they can reach and how traffic between them should flow. One of these is the Border Gateway Protocol or BGP.

Early Days and External Gateway Protocol

In the early days of the internet, only a few networks needed to communicate with each other. Connecting them was usually a matter of defining the relevant network nodes and linking them as required, largely by hand. This was pretty much a static process.

But as the internet grew and more networks were added, it became apparent that a more dynamic method of exchanging routes was needed. The Exterior Gateway Protocol (EGP, RFC 904) was developed for this purpose.

Tree and Mesh

EGP was a simple routing protocol based on a tree-like hierarchy of network connections. It had a branching architecture which required nodes to pass through a specific pathway of links in order to connect to a certain destination.

The proliferation and complexity of emerging networks dictated a more efficient architecture – one allowing for growing numbers of links to be established, and offering more options in the route they take. This was achieved through a mesh, which offers many alternate paths for nodes to connect with each other, and allows for expansion and scaling of the system as a whole.

Autonomous Systems

The mesh topology soon grew to be unmanageable, as well. To make it easier to oversee all the routes from one network to another, it became necessary to adopt an architecture consisting of autonomous systems.

An autonomous system (AS) is a network, or group of networks, operated under a single routing policy by one entity. This could be a commercial enterprise, a public or private institution, or an Internet Service Provider (ISP). Each autonomous system is identified by a unique ASN (Autonomous System Number), and may span multiple sites and many IP address blocks.

The IP address space an AS controls is expressed as a set of routing prefixes that it originates (203.0.113.0/24, from a documentation range, is the shape such a prefix takes), and each autonomous system is responsible for the routing policy inside its own network and for the policy it applies to routes it exchanges with neighboring systems.

Border Gateway Protocol

Even with autonomous systems in place, EGP was still the dominant protocol, and it was rapidly overwhelmed by the growing number of autonomous systems and their many nodes and connections. A new protocol was required to provide greater scalability and richer policy control, and in June 1989 the first version of the Border Gateway Protocol or BGP was published (RFC 1105).

It's currently on version 4 (known as BGP4 or BGP-4). BGP-4 dates from 1994 (RFC 1654); the specification in force today, RFC 4271, was published in 2006. It's pretty much the protocol that makes the internet as we know it work.

Peers

Any two routers which have established a connection for exchanging information via BGP are referred to as peers (or neighbors). To trade routing information, BGP peers must first establish a BGP session, which runs over a TCP connection to port 179. There is no client-server split: one side opens the TCP connection and the other accepts it, but once the session is up the relationship is symmetrical, and both peers send and receive routes.

BGP has no mechanism to discover peers automatically. Each peering must be configured manually, with the peer's address (and AS number) entered on both sides of the session. After the peers exchange their full tables, they send only incremental UPDATE messages: when a route changes or is withdrawn, the transmission carries that specific change rather than the whole table, and periodic KEEPALIVE messages confirm that the session is still alive.

Routing and RIB

Every BGP router has a routing table used to steer data packets in transit, and alongside it the Routing Information Base (RIB) that BGP itself maintains. RFC 4271 describes the RIB in three parts: an Adj-RIB-In per peer, holding the routes exactly as that peer advertised them; the Loc-RIB, holding the routes the router has selected after applying its policy and the decision process; and an Adj-RIB-Out per peer, holding the routes it will advertise to that peer. Routes selected into the Loc-RIB are installed into the routing table, and the table is updated as changes arrive rather than rebuilt from scratch.

Prefix Announcements

Each BGP peer exchanges routing information with its neighbors in the form of network prefix announcements. In turn, each peer maintains a table of all the routes it knows for each network. It can then convey that information to its neighboring autonomous systems.

So BGP allows each autonomous system to gather routing information from its neighbors, and announce or “advertise” that information. Each peer can then transfer this data internally within its own autonomous system.
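The session mechanics described under Peers, the RIB and Prefix Announcements above are easiest to see on the wire. The following is an added example written for this article, not Finjan's code: it encodes a BGP-4 UPDATE (RFC 4271 section 4.3) announcing one prefix, decodes it, and applies it to a per-peer Adj-RIB-In, then does the same for a withdrawal to show that only the change travels. The peer address 192.0.2.1, the prefix 203.0.113.0/24 and the ASNs 64496 and 64497 are constructed from documentation ranges (RFC 5737, RFC 5398). AS_PATH is decoded as 2-byte ASNs; a speaker that negotiated the 4-octet AS capability (RFC 6793) would read 4-byte entries here.

```python
"""Encode and decode a BGP-4 UPDATE and apply it to an Adj-RIB-In (example, not Finjan's code)."""
import ipaddress
import struct

HEADER_LEN = 19                                  # 16-byte marker + 2-byte length + 1-byte type
MSG_TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
ORIGINS = {0: "IGP", 1: "EGP", 2: "INCOMPLETE"}


def parse_header(msg):
    """Validate the fixed header and return (type name, body)."""
    if len(msg) < HEADER_LEN:
        raise ValueError("truncated header")
    marker, length, mtype = struct.unpack("!16sHB", msg[:HEADER_LEN])
    if marker != b"\xff" * 16:
        raise ValueError("bad marker")           # a real peer answers with NOTIFICATION 1/1
    if not HEADER_LEN <= length <= 4096 or length != len(msg):
        raise ValueError("bad length")           # NOTIFICATION 1/2
    return MSG_TYPES[mtype], msg[HEADER_LEN:length]


def parse_prefixes(buf):
    """Decode <length, prefix> tuples (the format of both NLRI and withdrawn routes)."""
    out, i = [], 0
    while i < len(buf):
        plen = buf[i]
        nbytes = (plen + 7) // 8
        octets = buf[i + 1:i + 1 + nbytes].ljust(4, b"\x00")
        out.append(str(ipaddress.IPv4Network((octets, plen))))
        i += 1 + nbytes
    return out


def parse_attributes(buf):
    """Decode the path attributes BGP uses to judge a route."""
    attrs, i = {}, 0
    while i < len(buf):
        flags, code = buf[i], buf[i + 1]
        if flags & 0x10:                         # Extended Length bit: 2-byte length field
            alen, i = struct.unpack("!H", buf[i + 2:i + 4])[0], i + 4
        else:
            alen, i = buf[i + 2], i + 3
        val, i = buf[i:i + alen], i + alen
        if code == 1:
            attrs["ORIGIN"] = ORIGINS[val[0]]
        elif code == 2:                          # AS_PATH: segments of <type, count, ASNs...>
            segs, j = [], 0
            while j < len(val):
                seg_type, n = val[j], val[j + 1]
                segs.append((seg_type, list(struct.unpack("!%dH" % n, val[j + 2:j + 2 + 2 * n]))))
                j += 2 + 2 * n
            attrs["AS_PATH"] = segs
        elif code == 3:
            attrs["NEXT_HOP"] = str(ipaddress.IPv4Address(val))
        elif code == 4:
            attrs["MED"] = struct.unpack("!I", val)[0]
        elif code == 5:
            attrs["LOCAL_PREF"] = struct.unpack("!I", val)[0]
        else:
            attrs[code] = val                    # unknown optional attributes are kept, not dropped
    return attrs


def parse_update(body):
    """Split an UPDATE body into (withdrawn prefixes, attributes, announced prefixes)."""
    wlen = struct.unpack("!H", body[:2])[0]
    withdrawn = parse_prefixes(body[2:2 + wlen])
    p = 2 + wlen
    alen = struct.unpack("!H", body[p:p + 2])[0]
    attrs = parse_attributes(body[p + 2:p + 2 + alen])
    nlri = parse_prefixes(body[p + 2 + alen:])
    return withdrawn, attrs, nlri


def apply_update(adj_rib_in, peer, msg):
    """Incremental semantics: only the prefixes named in this message change."""
    mtype, body = parse_header(msg)
    rib = adj_rib_in.setdefault(peer, {})
    if mtype == "UPDATE":
        withdrawn, attrs, nlri = parse_update(body)
        for pfx in withdrawn:
            rib.pop(pfx, None)
        for pfx in nlri:
            rib[pfx] = attrs
    return rib


def build_update(nlri=(), as_path=(), next_hop=None, withdrawn=()):
    """Encode an UPDATE so the parser above has realistic bytes to work on."""
    def prefixes(nets):
        return b"".join(bytes([n.prefixlen]) + n.network_address.packed[:(n.prefixlen + 7) // 8]
                        for n in map(ipaddress.IPv4Network, nets))

    def attr(code, value):
        return bytes([0x40, code, len(value)]) + value   # 0x40 = well-known, transitive

    attrs = b""
    if nlri:                                     # attributes are needed only when announcing
        path = bytes([2, len(as_path)]) + struct.pack("!%dH" % len(as_path), *as_path)
        attrs = attr(1, b"\x00") + attr(2, path) + attr(3, ipaddress.IPv4Address(next_hop).packed)
    w = prefixes(withdrawn)
    body = struct.pack("!H", len(w)) + w + struct.pack("!H", len(attrs)) + attrs + prefixes(nlri)
    return b"\xff" * 16 + struct.pack("!HB", HEADER_LEN + len(body), 2) + body


# Constructed sample exchange: the peer announces one prefix, then withdraws it.
ANNOUNCE = build_update(nlri=["203.0.113.0/24"], as_path=[64496, 64497], next_hop="192.0.2.1")
WITHDRAW = build_update(withdrawn=["203.0.113.0/24"])
```

Feeding ANNOUNCE to apply_update leaves one entry in the peer's Adj-RIB-In carrying ORIGIN, AS_PATH and NEXT_HOP; feeding WITHDRAW afterwards removes exactly that entry, with an empty attribute section, because a withdrawal needs no path attributes. The header checks matter in practice: a peer that receives a bad marker or length tears the session down with a NOTIFICATION, which is why malformed input from an untrusted neighbor is a denial-of-service concern as much as a correctness one.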

Internal and External BGP

A BGP session between two routers in the same autonomous system is referred to as internal BGP, or iBGP. When BGP links one autonomous system to another, the session is known as external BGP, or eBGP. iBGP distributes externally learned routes across an AS without changing the AS_PATH; eBGP carries routes between ASes, and each AS an eBGP route crosses prepends its own number to the AS_PATH.

How Border Gateway Protocol Operates

Border Gateway Protocol is designed to select the best available path to each destination prefix from what its peers currently advertise, based on operator policy and path attributes such as AS_PATH length (the number of autonomous systems a route has crossed, not router hop counts). It acts as a routing protocol at the edge of each network, telling neighbors which prefixes can be reached through its gateway router.

A BGP router announces routes that it has learned from other BGP peers, and it can also originate routes redistributed from the Interior Gateway Protocols (IGPs, such as OSPF or IS-IS) running inside its own autonomous system.

In addition to the prefixes themselves, BGP exchanges the attributes needed to judge each path: the AS_PATH, the next hop, the origin type and optional metrics. What results is a map of reachability at the granularity of autonomous systems on both sides of a BGP link; BGP does not reveal the internal topology behind a gateway.

When two BGP systems open a session, each proposes a protocol version in its OPEN message, in practice version 4. If a router does not support the proposed version, it replies with a NOTIFICATION (OPEN Message Error, Unsupported Version Number) that indicates the highest version it does support, and the peers can retry with that. Every production implementation today speaks BGP-4, so this negotiation almost never comes into play.

BGP selects one best route per prefix by running an ordered decision process over the candidates in its RIB, not by computing a single metric. The route with the highest LOCAL_PREF, set by the operator's inbound policy, wins first; among equals, the shortest AS_PATH; then the origin type (IGP before EGP before INCOMPLETE); then the lowest MED; then eBGP-learned routes over iBGP-learned ones; then the lowest IGP cost to the next hop; and finally the lowest router ID as a tiebreak. The policy inputs are where connection speed, reliability and cost come in: operators typically prefer routes from paying customers over routes from settlement-free peers, and those over routes from paid transit.
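The decision process is easier to trust when you can see which step decided. The block below is an added example for this article, not Finjan's code: it runs the ordered comparison over constructed candidate routes for one prefix (next hops from RFC 5737, ASNs from the RFC 5398 documentation range) and names the step on which the winner beat the runner-up. One simplification is labelled in the code: MED is compared across all candidates, whereas RFC 4271 compares it only between routes from the same neighboring AS unless the operator turns on always-compare-med.

```python
"""BGP best-path selection (RFC 4271 section 9.1) over constructed candidates (example, not Finjan's code)."""
from dataclasses import dataclass

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}
STEPS = ["LOCAL_PREF", "AS_PATH length", "ORIGIN", "MED",
         "eBGP over iBGP", "IGP metric to next hop", "router ID"]


@dataclass
class Route:
    prefix: str
    next_hop: str
    as_path: list             # left-most entry is the neighbor AS that sent us the route
    local_pref: int = 100     # set by inbound policy; larger means more preferred
    origin: str = "IGP"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0       # IGP cost to reach next_hop
    router_id: str = "0.0.0.0"
    next_hop_reachable: bool = True


def decision_key(r):
    """Build the comparison tuple; the smallest key is the best route."""
    return (
        -r.local_pref,                      # 1. highest LOCAL_PREF (customer > peer > transit)
        len(r.as_path),                     # 2. shortest AS_PATH (prepending lengthens it)
        ORIGIN_RANK[r.origin],              # 3. IGP < EGP < INCOMPLETE
        r.med,                              # 4. lowest MED (simplified: compared across all neighbors)
        0 if r.ebgp else 1,                 # 5. eBGP-learned before iBGP-learned
        r.igp_metric,                       # 6. nearest exit ("hot potato" routing)
        tuple(int(o) for o in r.router_id.split(".")),  # 7. lowest BGP identifier
    )


def rank(candidates):
    """Drop routes whose next hop the IGP cannot resolve, then order the rest."""
    usable = [r for r in candidates if r.next_hop_reachable]
    return sorted(usable, key=decision_key)


def select_best(candidates):
    ranked = rank(candidates)
    return ranked[0] if ranked else None


def deciding_step(a, b):
    """Name the first step of the process on which two routes differ."""
    for name, x, y in zip(STEPS, decision_key(a), decision_key(b)):
        if x != y:
            return name
    return "identical"


# Constructed candidates for 203.0.113.0/24 learned from a customer, a transit and a peer.
CANDIDATES = [
    Route("203.0.113.0/24", "192.0.2.1", [64496], local_pref=200, router_id="192.0.2.1"),           # customer
    Route("203.0.113.0/24", "192.0.2.9", [64500, 64496], local_pref=80, router_id="192.0.2.9"),     # transit
    Route("203.0.113.0/24", "192.0.2.17", [64501, 64496], local_pref=100, router_id="192.0.2.17"),  # peer
]

# Equal policy: AS 64496 prepended itself three times toward one neighbor to steer traffic away.
PREPENDED = [
    Route("198.51.100.0/24", "192.0.2.1", [64496, 64496, 64496], router_id="192.0.2.1"),
    Route("198.51.100.0/24", "192.0.2.9", [64500, 64496], router_id="192.0.2.9"),
]
```

With CANDIDATES the customer route wins on LOCAL_PREF even though the transit and peer routes differ from it only in AS_PATH length; with PREPENDED, where policy is equal, the longer prepended path loses to the two-hop path through the transit. That ordering is also why path manipulation matters for security: a neighbor that announces a shorter AS_PATH than it should can draw traffic toward itself whenever policy does not already rank it lower.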

Security and Configuration Issues

Border Gateway Protocol isn’t without its problems, of course. Poorly configured BGP sessions can have unintended or even disastrous consequences. In February 2008 the government of Pakistan ordered YouTube blocked inside the country, and Pakistan Telecom announced a more-specific prefix covering part of YouTube’s address space so that it could black-hole the traffic locally. The announcement was not filtered at the border: its upstream transit provider accepted it and propagated it to the rest of the internet, and because routers forward on the most specific matching prefix, much of YouTube’s global traffic was drawn into Pakistan and discarded for about two hours.

Malicious intent is also a complicating factor. An attacker who controls an AS, or who compromises a router or an unauthenticated BGP session, can announce address ranges they do not own, or more-specific pieces of them, and redirect the traffic into their own autonomous system for interception: a routing-level “man-in-the-middle” attack. The defences a practitioner expects are layered. Sessions should be authenticated (TCP MD5 per RFC 2385, or preferably TCP-AO per RFC 5925) and limited in reach with GTSM (RFC 5082); customer sessions should carry strict prefix filters and maximum-prefix limits; and announcements should be checked against RPKI Route Origin Authorizations (Route Origin Validation, RFC 6811), dropping those whose origin AS or prefix length the address holder has not authorized. Origin validation would have flagged an announcement like the 2008 one as Invalid, but it does not stop an attacker who forges the legitimate origin AS at the end of a fabricated AS_PATH; that gap is what BGPsec and ASPA are meant to close.
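To make the two mechanisms in the incident concrete, here is an added example written for this article, not Finjan's code. It shows longest-prefix matching pulling traffic toward a mis-originated /24, and then RPKI Route Origin Validation (RFC 6811 section 2) classifying each announcement as Valid, Invalid or NotFound so the router can drop the Invalid one before it reaches the forwarding table. The address holder (AS 64496), the mis-originating AS (AS 64511), the prefixes and the single ROA are constructed from documentation ranges (RFC 5398, RFC 5737); they are not the values from the 2008 event.

```python
"""A more-specific hijack and RPKI Route Origin Validation (example, not Finjan's code)."""
import ipaddress


def longest_match(fib, dst):
    """Forwarding picks the most specific covering prefix, whoever originated it."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p).prefixlen, p) for p in fib if dst in ipaddress.ip_network(p)]
    if not matches:
        return None
    pfx = max(matches)[1]
    return pfx, fib[pfx]


def rov_state(roas, prefix, origin_as):
    """RFC 6811: Valid if a covering ROA authorizes this origin AS and its maxLength is
    not exceeded; Invalid if the prefix is covered but no ROA matches; NotFound if no
    ROA covers the prefix at all. A ROA for AS 0 never validates anything."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, max_length, roa_as in roas:
        roa_net = ipaddress.ip_network(roa_prefix)
        if route.version != roa_net.version or not route.subnet_of(roa_net):
            continue
        covered = True
        if roa_as == origin_as and roa_as != 0 and route.prefixlen <= max_length:
            return "Valid"
    return "Invalid" if covered else "NotFound"


def install(announcements, roas, drop_invalid=True):
    """Build a FIB from (prefix, origin AS, next hop) tuples, enforcing ROV if asked."""
    fib, dropped = {}, []
    for prefix, origin_as, next_hop in announcements:
        state = rov_state(roas, prefix, origin_as)
        if drop_invalid and state == "Invalid":
            dropped.append((prefix, origin_as))
            continue
        fib[prefix] = (next_hop, origin_as)
    return fib, dropped


# Constructed ROA: the holder of 203.0.112.0/22 authorizes AS 64496 to originate
# the /22 only (maxLength 22), so no more-specific is authorized from anyone.
ROAS = [("203.0.112.0/22", 22, 64496)]

# Constructed announcements as a router might receive them from three neighbors.
ANNOUNCEMENTS = [
    ("203.0.112.0/22", 64496, "192.0.2.1"),   # the legitimate aggregate
    ("203.0.113.0/24", 64511, "192.0.2.9"),   # a more-specific from a different AS
    ("198.51.100.0/24", 64511, "192.0.2.9"),  # a prefix nobody has issued a ROA for
]


def forwarding_for(dst, drop_invalid):
    """Where does traffic for dst go, with and without ROV filtering?"""
    fib, _ = install(ANNOUNCEMENTS, ROAS, drop_invalid)
    return longest_match(fib, dst)
```

Without filtering, traffic for 203.0.113.10 follows the /24 to the mis-originating AS even though the legitimate /22 is present; with ROV enforced, the /24 is dropped as Invalid and the same traffic follows the /22 to the real origin. Two details are worth noting: the /24 is Invalid even when announced by the right AS, because the ROA's maxLength is 22 (keeping maxLength minimal is the point of RFC 9319), and the prefix with no ROA is merely NotFound, which most operators still accept, so coverage matters as much as enforcement.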
