• 16-12-2020: Bad ACLs caused BGP route withdrawal for Google's Euro-cloud.  [The Register]
  • 08-12-2020: Current work in BGP security.  [Russ White]
  • 19-04-2020: New Cloudflare tool can tell you if your ISP has deployed BGP fixes.  [Wired]  [Is BGP Safe Yet]
  • 11-04-2020: Citing BGP hijacks and hack attacks, feds want China Telecom out of the US.  [Ars Technica]

  • 12-08-2019: BGP hijackings take on new meaning in cybersecurity climate.  [IT Pro Today]
  • 24-05-2019: If you worry about 768k day, you're probably doing it wrong.  [ipSpace]
  • 26-02-2019: Four years of breaking HTTPS with BGP hijacking.  [NANOG 75 YouTube]

  • 22-12-2018: How 3ve’s BGP hijackers eluded the Internet—and made $29M.  [Ars Technica]  [Schneier]
  • 28-08-2018: IPv6 causes peering issues between top networks.  [The Register]
  • 01-08-2018: Telegram redirected through Iran by baffling BGP leak.  [The Register]
  • 01-08-2018: Monitoring BGP anomalies.  [Russ White]  [APNIC Blog]
  • 24-07-2018: An update on securing BGP from IETF 102.  [Geoff Huston]
  • 17-07-2018: Shutting down a BGP hijack factory.  [Russ White]  [Dyn]
  • 10-07-2018: BGP broken? Blame the net's big providers.  [The Register]  [APNIC Blog]
  • 09-07-2018: Recent BGP peering enhancements.  [Russ White]
  • 06-11-2017: Fat-fingered Level 3 techie reduces internet to level zero: glitch knocks out connections.  [The Register]  [DC Knowledge]
  • 04-10-2017: Recent BGP Innovations for Operational Challenges.  [NANOG YouTube]
  • 19-06-2017: Internet boffins take aim at BGP route leaks.  [The Register]
  • 07-02-2017: Survey of interconnection agreements.  [NANOG YouTube]

  • 12-03-2015:
     Indian ISP’s routing hiccup briefly takes Google down worldwide.  [Ars Technica]

  • 10-11-2014:
     Russian internet traffic detours through China's Frankfurt outpost.  [The Register]
  • 26-09-2014: Internet Transit price falls slowing: Telegeography.  [The Register]
  • 06-05-2014: Global IPv4 routing table hits 500k routes.  [PacketLife]
  • 06-05-2014: You won’t get better internet until old one is broken. 500K BGP routes good start.  [EtherealMind]
  • 18-02-2014: BGP in 2013 -- the churn report.  [Geoff Huston]

  • 21-11-2013:
     How somebody forced the world's Internet traffic through Belarus and Iceland.  [WSJ ATD]
    • 21-11-2013: Rerouting Internet traffic by attacking BGP.  [Schneier]  [Renesys]
  • 20-06-2013: Verizon: that peering flab about Netflix is Cogent's fault.  [GigaOM]
  • 15-02-2013: Fight to keep YouTube online in Egypt.  [BuzzFeed]
  • 29-11-2012: Syria experiencing Internet blackout.  [DC Knowledge]  [BBC News]  [WSJ ATD]  [Wired]  [Gizmodo]  [Engadget]  [Stuff]  [THG]
    • 29-11-2012: Syria's throwing of the Internet kill switch raises lots of questions.  [WSJ ATD]
    • 29-11-2012: How Syria turned off the Internet.  [CloudFlare]  [Gizmodo]
    • 30-11-2012: Syrian Internet outage raises question "Could it happen here?"  [WSJ ATD]  [Renesys]  [DC Knowledge]  [Gizmodo]
      • 04-12-2012: Internet shut-down easier in more countries than you think.  [The Register]
    • 30-11-2012: Syrian Internet blackout continues for second day.  [BoingBoing]  [NYT]
    • 30-11-2012: Anonymous declares war on Syrian government sites.  [THG]
    • 30-11-2012: For Syria's rebel movement, Skype is a useful and increasingly dangerous tool.  [NYT]
    • 02-12-2012: Syrian Internet largely restored after blackout.  [NZ Herald]  [WSJ ATD]  [Engadget]  [Gizmodo]  [CNN]  [Stuff]
    • 02-12-2012: Paint it black -- how Syria methodically erased itself from the Internet.  [Ars Technica]
  • 07-11-2012: How an Indonesian ISP took down the mighty Google for 30 minutes.  [Ars Technica]  [CloudFlare]
  • 08-08-2012: A BGP leak made in Canada.  [BGPmon]
  • 06-07-2012: Internet outage in Lebanon continues into second day.  [BGPmon]
  • 09-04-2012: Iran preps Internet cutoff.  [The Register]  [IBT]  [Gizmodo]
    • 09-04-2012: Iran plans to unplug the Internet, launch its own "clean" alternative.  [Ars Technica]
    • 10-04-2012: Iran isn't shutting down the Internet in August, merely building a new one next March.  [Gizmodo]
  • 27-02-2012: How the Internet in Australia went down under.  [BGPmon]

  • 21-08-2011:
     The battle for Tripoli's Internet.  [Renesys]
  • 03-06-2011: Internet Syria offline.  [BGPmon]  [Renesys]  [The Register]
    • 04-06-2011: Internet service mostly restored in Syria.  [WSJ]
  • 26-03-2011: Facebook's detour through China and Korea.  [BGPmon]
  • 04-03-2011: Libya's Internet goes down again.  [Gizmodo]
    • 04-03-2011: Libya's Internet goes dark as upheaval spreads.  [The Register]
    • 05-03-2011: Internet access blocked across much of Libya.  [Engadget]
  • 29-01-2011: Egypt falls off the Internet.  [BGPmon]
    • 27-01-2011: Egyptian networks turn off the Internet.  [DC Knowledge]
    • 28-01-2011: How Egypt turned off the Internet.  [Gizmodo]
    • 28-01-2011: How Egypt killed the Internet.  [WSJ]
    • 28-01-2011: How to foil a nationwide shutdown.  [Lifehacker --> use US proxy]
    • 28-01-2011: Block like an Egyptian.  [Slate]
    • 29-01-2011: Without the Internet, Egyptians find new ways to get online.  [Computer World]
    • 29-01-2011: Recent events in Egypt.  [Tor]
    • 31-01-2011: Internet traffic in Egypt drops.  [Geekzone]
    • 31-01-2011: Egypt's net on life support.  [Renesys]
    • 31-01-2011: Egypt shuts down Noor, its last ISP.  [TechCrunch]
    • 01-02-2011: Egypt Internet ban lingers, users adjusting.  [DailyTech]
    • 01-02-2011: Egypt loses last vestiges of connectivity.  [The Register]
    • 02-02-2011: Egypt back online.  [BGPmon]  [RIPE]  [Renesys]
    • 02-02-2011: Egypt Internet back up as protests turn violent in Cairo.  [Ars Technica]
    • 02-02-2011: Egypt Internet restored, Cairo protests turn violent.  [Wired]
    • 03-02-2011: Vodafone network "hijacked" by Egypt.  [BBC News]
    • 03-02-2011: Vodafone says Egyptian government hijacked its networks to send propaganda.  [Forbes]
    • 04-02-2011: Vodafone Egypt confirms data services back, forced to send SMS supporting Egyptian government.  [Geekzone]
    • 06-02-2011: How Google removed the muzzle on Twitter in Egypt.  [Yahoo]
    • 09-02-2011: Internet role in Egypt's protests.  [BBC News]
    • 10-02-2011: Egypt turned off the Net with a big switch, not phone calls.  [Gizmodo]
    • 21-02-2011: Was Egypt's 'kill switch' the big red button?  [DC Knowledge]
  • 15-01-2011: Hijacks by AS4761 - INDOSAT - a quick report.  [BGPmon]

  • 03-12-2010:
     Chinese BGP incident: was it a traffic hijack?  [IOS Hints]
  • 01-12-2010: Comcast vs Level 3 peering dispute:
    • 01-12-2010: Internet peering disputes: follow the money.  [IOS Hints]
    • 01-12-2010: Comcast vs Level 3.  [PacketLife]
    • 01-12-2010: Comcast vs Level 3 feud stirs intense debate.  [DC Knowledge]
    • 02-12-2010: Comcast: we bent over backwards to help Level 3.  [Ars Technica]


  • Uses TCP port 179.
  • Sends keepalives every 60 seconds.
  • Within AS, must have full iBGP peering mesh, which leads to scaling problems that are resolved by:
    • route reflectors
    • confederations


  • Once "Established", BGP Updates are exchanged containing NLRI information:
  • destination prefix
  • prefix length
  • AS path
  • next hop
  • attributes

Route Selection

  • Next hop reachable (via IGP)?
  • Local preference.
  • Weight (Cisco): highest.
  • AS path: shortest.
  • MED: lowest.
  • Lowest cost next hop (IGP).
  • eBGP route: lowest BGP identifier.
  • iBGP route: lowest BGP identifier.

Other Stuff

  • Communities: allows prefixes with the same community to be treated with the same policy (i.e. tagging prefixes).
  • MED: advertise "route preference" to peer (influence only).
  • Route flap dampening: the internet community is moving away from this.
  • Internet route table growth: approx. 200k routes in mid-October 2006.


  • Well-known mandatory: must be supported.
    • AS path, next hop, origin.
  • Well-known discretionary: must be supported.
    • Local pref
  • Optional transitive: may not be supported.
    • Community
  • Optional non-transitive: may not be supported.
    • MED

IOS Configuration Example

router bgp <AS>
  no synchronization
  timers bgp x y
  neighbor <peer-group-name> peer-group
  neighbor <peer-group-name> remote-as <AS>
  neighbor <peer-group-name> update-source lo0
  neighbor <peer-group-name> soft-reconfiguration inbound
  neighbor x.x.x.x peer-group <peer-group-name>
  neighbor x.x.x.x description <...>

JUNOS Configuration Example

    group <name>
      type [internal|external]
      description <...>
      local-address x.x.x.x
      authentication-key <...>
      peer-as <AS>
      neighbor x.x.x.x
        export <policy-options-name>
        family inet
            prefix limit x
            teardown x idle-timeout y
      import <policy-options-name>
      export <policy-options-name>

interface <...>
  unit 0
    family inet
        input <filter-name>
        output <filter-name>

  filter <filter-name>
    term <term-name>
      from <...>
      then [accept|reject|discard]

Useful Articles

Robert Larsen,
19 Jan 2010, 18:22
Robert Larsen,
19 Jan 2010, 18:22