What Is BGP?

Border Gateway Protocol (BGP) is the routing protocol that makes the global internet function. Often called the "postal system of the internet," BGP determines how data packets travel from one network to another across the complex web of interconnected systems that make up the internet. Without BGP, the internet as we know it simply wouldn't exist.

BGP is defined in RFC 4271 and operates as an exterior gateway protocol (EGP), meaning it manages routing between different autonomous systems (AS) — not within a single organization's network.

What Is an Autonomous System?

An Autonomous System is a collection of IP networks and routers under the control of a single organization that presents a common routing policy to the internet. Every major ISP, cloud provider, university, and large enterprise has its own AS, identified by a unique Autonomous System Number (ASN).

Examples:

  • Google: AS15169
  • Cloudflare: AS13335
  • Amazon AWS: AS16509

How BGP Works

BGP routers (called BGP speakers or peers) establish TCP connections on port 179 and exchange routing information. There are two types of BGP relationships:

  • eBGP (External BGP): Peering between routers in different autonomous systems. This is what connects ISPs, CDNs, and networks globally.
  • iBGP (Internal BGP): Peering between routers within the same autonomous system, used to propagate external routing information internally.

The BGP Route Selection Process

When multiple paths to a destination exist, BGP uses a strict set of attributes to pick the best route. In order of preference:

  1. Highest Weight (Cisco-specific, local to router)
  2. Highest Local Preference (preferred exit point within an AS)
  3. Locally originated routes
  4. Shortest AS Path (fewest hops through autonomous systems)
  5. Lowest Origin type (IGP is preferred over EGP, which is preferred over incomplete)
  6. Lowest MED (Multi-Exit Discriminator — a hint to neighbors)
  7. eBGP over iBGP
  8. Lowest IGP metric to next hop
  9. Lowest Router ID as a tiebreaker

BGP and Internet Security

BGP was designed in the 1980s when the internet was a trusted academic network. It has no built-in authentication for route announcements, making it vulnerable to:

  • BGP Hijacking: A malicious or misconfigured AS announces routes for IP prefixes it doesn't own, redirecting traffic through its network. Notable incidents have affected major banks, government services, and cloud providers.
  • Route Leaks: An AS accidentally propagates routes it shouldn't, causing traffic to flow through unintended networks.

The solution being deployed is RPKI (Resource Public Key Infrastructure), which allows organizations to cryptographically sign statements of which AS is authorized to originate their IP prefixes, letting routers reject announcements whose origin is invalid.
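The route origin check a router runs against RPKI data, following the RFC 6811 procedure, shown as an added example that is not part of the original article. The VRP table, prefixes and ASNs are constructed documentation values, and rejecting only "invalid" routes is an assumed filtering policy.

```python
import ipaddress

# Constructed VRPs (validated ROA payloads): (prefix, max_length, origin ASN).
# Prefixes and ASNs are documentation values (RFC 5737, RFC 3849, RFC 5398).
VRPS = [
    ("192.0.2.0/24", 24, 64496),
    ("2001:db8::/32", 48, 64497),
]


def validate_origin(route_prefix, origin_asn, vrps=VRPS):
    """Classify an announcement as 'valid', 'invalid' or 'not-found' (RFC 6811)."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for vrp_prefix, max_length, vrp_asn in vrps:
        vrp = ipaddress.ip_network(vrp_prefix)
        # A VRP covers the route when the route is the same prefix or a more specific one.
        if vrp.version != route.version or not route.subnet_of(vrp):
            continue
        covered = True
        # A match needs the authorized origin AND a prefix length within maxLength.
        if vrp_asn == origin_asn and route.prefixlen <= max_length:
            return "valid"
    return "invalid" if covered else "not-found"


def filter_announcements(announcements, vrps=VRPS):
    """Reject RPKI-invalid routes; keep valid and not-found ones (assumed policy)."""
    accepted, rejected = [], []
    for prefix, asn in announcements:
        state = validate_origin(prefix, asn, vrps)
        (rejected if state == "invalid" else accepted).append((prefix, asn, state))
    return accepted, rejected


if __name__ == "__main__":
    # Constructed announcements as (prefix, origin ASN).
    sample = [
        ("192.0.2.0/24", 64496),     # authorized origin
        ("192.0.2.0/24", 64511),     # covered prefix, wrong origin AS
        ("192.0.2.128/25", 64496),   # right AS, but longer than maxLength
        ("2001:db8:1::/48", 64497),  # more specific, still within maxLength
        ("203.0.113.0/24", 64500),   # no covering VRP
    ]
    accepted, rejected = filter_announcements(sample)
    for row in accepted + rejected:
        print(row)
```

A route with no covering VRP is "not-found" rather than "invalid", so prefixes whose holders have published no ROA get no protection from this check.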

When BGP Goes Wrong

BGP failures have caused some of the internet's biggest outages. A few notable examples:

  • In 2021, a BGP configuration error at Facebook withdrew all of Facebook's route announcements, making its services unreachable globally for hours.
  • In 2010, China Telecom briefly announced routes for thousands of IP prefixes belonging to US government and military networks.

These incidents highlight that BGP stability is a critical infrastructure concern, not just a networking technicality.

Key Takeaways

  • BGP is the protocol that connects autonomous systems and makes the global internet work.
  • It selects routes based on a rich set of attributes, not simply shortest path.
  • BGP lacks native security — RPKI is the modern answer to route origin validation.
  • Understanding BGP is essential for network engineers, ISP operators, and anyone managing multi-homed infrastructure.