- 16-12-2020: Bad ACLs caused BGP route withdrawal for Google's Euro-cloud. [The Register]
- 08-12-2020: Current work in BGP security. [Russ White]
- 19-04-2020: New Cloudflare tool can tell you if your ISP has deployed BGP fixes. [Wired] [Is BGP Safe Yet]
- 11-04-2020: Citing BGP hijacks and hack attacks, feds want China Telecom out of the US. [Ars Technica]
- 12-08-2019: BGP hijackings take on new meaning in cybersecurity climate. [IT Pro Today]
- 24-05-2019: If you worry about 768k day, you're probably doing it wrong. [ipSpace]
- 06-11-2017: Fat-fingered Level 3 techie reduces internet to level zero: glitch knocks out connections. [The Register] [DC Knowledge]
- 04-10-2017: Recent BGP Innovations for Operational Challenges. [NANOG YouTube]
- 19-06-2017: Internet boffins take aim at BGP route leaks. [The Register]
- 07-02-2017: Survey of interconnection agreements. [NANOG YouTube]
12-03-2015: Indian ISP’s routing hiccup briefly takes Google down worldwide. [Ars Technica]
10-11-2014: Russian internet traffic detours through China's Frankfurt outpost. [The Register]
- 26-09-2014: Internet Transit price falls slowing: Telegeography. [The Register]
- 06-05-2014: Global IPv4 routing table hits 500k routes. [PacketLife]
- 06-05-2014: You won’t get better internet until old one is broken. 500K BGP routes good start. [EtherealMind]
21-11-2013: How somebody forced the world's Internet traffic through Belarus and Iceland. [WSJ ATD]
- 21-11-2013: Rerouting Internet traffic by attacking BGP. [Schneier] [Renesys]
- 20-06-2013: Verizon: that peering flab about Netflix is Cogent's fault. [GigaOM]
- 15-02-2013: Fight to keep YouTube online in Egypt. [BuzzFeed]
- 08-08-2012: A BGP leak made in Canada. [BGPmon]
- 06-07-2012: Internet outage in Lebanon continues into second day. [BGPmon]
- 09-04-2012: Iran preps Internet cutoff. [The Register] [IBT] [Gizmodo]
- 09-04-2012: Iran plans to unplug the Internet, launch its own "clean" alternative. [Ars Technica]
- 10-04-2012: Iran isn't shutting down the Internet in August, merely building a new one next March. [Gizmodo]
- 27-02-2012: How the Internet in Australia went down under. [BGPmon]
21-08-2011: The battle for Tripoli's Internet. [Renesys]
- 26-03-2011: Facebook's detour through China and Korea. [BGPmon]
- 04-03-2011: Libya's Internet goes down again. [Gizmodo]
- 04-03-2011: Libya's Internet goes dark as upheaval spreads. [The Register]
- 05-03-2011: Internet access blocked across much of Libya. [Engadget]
- 29-01-2011: Egypt falls off the Internet. [BGPmon]
- 27-01-2011: Egyptian networks turn off the Internet. [DC Knowledge]
- 28-01-2011: How Egypt turned off the Internet. [Gizmodo]
- 28-01-2011: How Egypt killed the Internet. [WSJ]
- 28-01-2011: How to foil a nationwide shutdown. [Lifehacker --> use US proxy]
- 28-01-2011: Block like an Egyptian. [Slate]
- 29-01-2011: Without the Internet, Egyptians find new ways to get online. [Computer World]
- 29-01-2011: Recent events in Egypt. [Tor]
- 31-01-2011: Internet traffic in Egypt drops. [Geekzone]
- 31-01-2011: Egypt's net on life support. [Renesys]
- 31-01-2011: Egypt shuts down Noor, its last ISP. [TechCrunch]
- 01-02-2011: Egypt Internet ban lingers, users adjusting. [DailyTech]
- 01-02-2011: Egypt loses last vestiges of connectivity. [The Register]
- 02-02-2011: Egypt back online. [BGPmon] [RIPE] [Renesys]
- 02-02-2011: Egypt Internet back up as protests turn violent in Cairo. [Ars Technica]
- 02-02-2011: Egypt Internet restored, Cairo protests turn violent. [Wired]
- 03-02-2011: Vodafone network "hijacked" by Egypt. [BBC News]
- 03-02-2011: Vodafone says Egyptian government hijacked its networks to send propaganda. [Forbes]
- 04-02-2011: Vodafone Egypt confirms data services back, forced to send SMS supporting Egyptian government. [Geekzone]
- 06-02-2011: How Google removed the muzzle on Twitter in Egypt. [Yahoo]
- 09-02-2011: Internet role in Egypt's protests. [BBC News]
- 10-02-2011: Egypt turned off the Net with a big switch, not phone calls. [Gizmodo]
- 21-02-2011: Was Egypt's 'kill switch' the big red button? [DC Knowledge]
- 15-01-2011: Hijacks by AS4761 - INDOSAT - a quick report. [BGPmon]
03-12-2010: Chinese BGP incident: was it a traffic hijack? [IOS Hints]
- 01-12-2010: Comcast vs Level 3 peering dispute:
- 01-12-2010: Internet peering disputes: follow the money. [IOS Hints]
- 01-12-2010: Comcast vs Level 3. [PacketLife]
- 01-12-2010: Comcast vs Level 3 feud stirs intense debate. [DC Knowledge]
- 02-12-2010: Comcast: we bent over backwards to help Level 3. [Ars Technica]
Overview
- Uses TCP port 179.
- Sends keepalives every 60 seconds.
- Within AS, must have full iBGP peering mesh, which leads to scaling problems that are resolved by:
- route reflectors
- confederations
FSM
- Once "Established", BGP Updates are exchanged containing NLRI information:
- destination prefix
- prefix length
- AS path
- next hop
- attributes
Route Selection
- Next hop reachable (via IGP)?
- Local preference.
- Weight (Cisco): highest.
- AS path: shortest.
- MED: lowest.
- Lowest cost next hop (IGP).
- eBGP route: lowest BGP identifier.
- iBGP route: lowest BGP identifier.
Other Stuff
- Communities: allows prefixes with the same community to be treated with the same policy (i.e. tagging prefixes).
- MED: advertise "route preference" to peer (influence only).
- Route flap dampening: the internet community is moving away from this.
- Internet route table growth: approx. 200k routes in mid-October 2006.
Attributes
- Well-known mandatory: must be supported.
- AS path, next hop, origin.
- Well-known discretionary: must be supported.
- Optional transitive: may not be supported.
- Optional non-transitive: may not be supported.
IOS Configuration Example
neighbor <peer-group-name> peer-group
neighbor <peer-group-name> remote-as <AS>
neighbor <peer-group-name> update-source lo0
neighbor <peer-group-name> soft-reconfiguration inbound
neighbor x.x.x.x peer-group <peer-group-name>
neighbor x.x.x.x description <...>
JUNOS Configuration Example
export <policy-options-name>
teardown x idle-timeout y
import <policy-options-name>
export <policy-options-name>
then [accept|reject|discard]
|
Useful Articles
- Visualising BGP-LS tables. [ipSpace] [HBristow]
- How important is BGP RPKI? [ipSpace]
- Does BGP need link state? [Packet Pushers]
- AS Path Prepending -- there is no rose without a thorn. [NANOG 80]
- Finding and profiling BGP serial hijackers. [NANOG 80]
- Excessive BGP AS Path prepending is a self inflicted vulnerability. [NANOG 79 YouTube]
- BGP AS numbers on MLAG members. [ipSpace]
- BGP in DC fabrics. [ipSpace, ipSpace]
- BGP hell is other people. [Networking Nerd]
- Can we trust BGP Next Hops? [ipSpace: part 1, part 2]
- Understanding Internet peering. [Russ White]
- BGP 4-byte ASN. [Packet Pushers]
- Demystifying BGP session establishments. [Packet Pushers]
- BGP as a high-availability protocol.
- Facts and fiction: BGP is a hot mess. [ipSpace]
- Designing a workflow to respond to BGP incidents. [NANOG YouTube]
- Path prepending in BGP. [Geoff Huston]
- Redundant BGP connectivity on a single ISP connection. [ipSpace]
- Changing IOS BGP policies based on IP-SLA measurements. [ipSpace]
- Why is securing BGP just so damn hard? [Geoff Huston]
- Challenges, opportunities and the evolution of Internet peering. [Network Computing]
- BGP route security. [NANOG YouTube]
- BGP confederations. [ipCisco]
- BGP route reflector. [ipCisco]
- The BGP monitoring tool (BMP). [Russ White]
- BGP community attribute. [ipCisco]
- BGP communities. [Russ White]
- Why BGP visibility is more important than ever. [Network Computing]
- What designs require BGP in the DC? [Packet Pushers]
- BGP peering in the real world. [Network Collective] [Russ White]
- Understanding BGP table version. [Networking with Fish: part 1, part 2, part 3]
- BGP show and tell. [ipSpace] [Networking with Fish]
- Duplicate BGP updates. [Russ White]
- Peering with providers. [Network Collective] [Russ White]
- BGP as a high availability protocol. [ipSpace, ipSpace]
- BGP routers and parrots. [Russ White]
- Optimal BGP route reflection. [Network Collective] [Russ White]
- BGP LLGR. [Vincent Bernat]
- BGP DFZ security. [Russ White] [CircleID]
- BGP and sub-optimal route reflection. [Russ White]
- History of networking: BGP route servers. [Network Collective] [Russ White]
- BGP security: a gentle reminder that networking is business. [Russ White]
- Is BGP good enough? [Russ White]
- Flowspec for BGP route servers at IXPs. [NANOG YouTube]
- Architecting robust BGP policies. [NANOG YouTube]
- DDoS evolution and enhancing DDoS protection with BGP flowspec. [NANOG YouTube]
- Dissecting iBGP and eBGP JUNOS configuration. [ipSpace]
- History of networking: BGP security. [Network Collective] [Russ White]
- RIPE NCC: the future of BGP security. [Russ White] [YouTube]
- Securing BGP. [Network Collective]
- Inferring BGP blackholing activity in the Internet. [NANOG 72 YouTube]
- Using ARIN Whois data in BGP prefix filters. [NANOG 72 YouTube]
- Do we really need a new BGP? [APNIC Blog]
- BGP traffic engineering. [Network Collective] [Russ White]
- Section 10 routing loops. [Russ White]
- BGP route selection -- a failure of intent-based networking. [ipSpace] [Russ White]
- Flowspec and RFC1998? [Russ White]
- Do we really need a new BGP? [Russ White]
- BGP: the tragedy of the commons. [ipSpace]
- Should we build a better BGP? [Networking Nerd]
- Data center BGP: autonomous systems and AS numbers. [ipSpace, ipSpace]
- BGP peering and reachability. [Network Collective] [Russ White]
- BGP as a better IGP -- when and where. [ipSpace]
- Classifying route leaks. [ipSpace] [CircleID] [RFC 7908]
- BGPsec and reality. [Russ White]
- BGP Large Community for Route Leak Detection. [NANOG YouTube]
- History of networking - Tony Li - BGP. [Network Collective, YouTube] [Russ White]
- Improving BGP convergence without tweaking BGP timers. [ipSpace]
- BGP churn and Add Path. [Network Collective, YouTube] [Russ White]
- Synchronising BGP and OSPF. [ipSpace]
- BGP persistent oscillation. [Russ White]
- History of networking - BGP optimisations. [Network Collective, Russ White, YouTube]
- Are more specifics harmful? [Russ White] [APNIC Blog]
- The impact of more specifics in the DFZ. [Russ White] [Geoff Huston]
- PBGPP makes analysing BGP data easier. [Russ White] [APNIC Blog]
- BGP optimal route reflection. [NANOG YouTube]
- When BGP meets big data. [NANOG YouTube]
- Optimal route reflection. [Russ White]
- Leaky abstraction: an example. [Russ White]
- Simplify BGP configurations. [ipSpace, video]
- High performance BGP security - algorithms and architectures. [NANOG YouTube]
- BGP best path selection modifications. [NANOG YouTube]
- TralXroute detecting IXPs in traceroute paths. [NANOG YouTube]
- BGP shutdown. [NANOG YouTube]
- PCAP BGP parser. [NANOG YouTube]
- BGP basics: internal and external BGP. [Network Computing]
- BGP Flowspec indirection. [Russ White]
- BGP security: preventing bad route propagation. [Network Computing]
- Large BGP communities. [Russ White] [APNIC]
- BGP tools for the DFZ. [Russ White: part 1, part 2]
- Optimal inter-AS routing challenge. [ipSpace]
- BGP security: mitigating route leaks. [Network Computing]
- 21st century iBGP route reflection. [NANOG 68 YouTube]
- Large BGP communities. [NANOG 68 YouTube]
- BGP Flowspec is a step forward. [Russ White] [Netcraftsmen]
- Running BGP between virtual machine and ToR switch. [ipSpace]
- Using BGP in spine and leaf fabrics. [ipSpace, video]
- BGP attributes: Weight, Local Preference, AS Path, Origin, MED. [ipCisco]
- Absorbing DDoS with communities. [Russ White]
- Aggregation pixies. [Russ White] [APNIC Blog]
- Snaproute BGP code dive:
- Fat-thumbed a BGP entry? Relax, now your pain has a name. [The Register] [RFC 7908]
- Is BGP really that complex? [ipSpace]
- When prepend fails, what next? [Russ White: part 1, part 2, part 3]
- BGP security and spam. [Russ White]
- Running BGP RR in a VM. [ipSpace]
- Six tips on improving BGP security. [Network Computing] [Russ White]
- BGP route maps and continued feature limitations. [ipSpace]
- On collaborative blocking and filtering. [Russ White] [Internet Society]
- BGP convergence, divergence, and the 'net. [Russ White]
- Rethinking path validation:
- Running BGP on servers. [ipSpace]
- Using BGP in data center fabrics. [ipSpace]
- Introduction to BGP-LS and PCEP. [ipSpace, video]
- Securing BGP: a case study. [Russ White: part 1, part 2, part 3, part 4, part 5, part 6, part 7, part 8, part 9, part 10]
- BGP in an Arista data center. [Aspiring Networker]
- BGP security. [Russ White]
- BGPSEC operation:
- Estimating BGP convergence time. [ipSpace]
- RFC 7454: BGP operations and security. [ipSpace] [RFC7454]
- BGP communities. [Router Jockey]
- BGP deaggregation with conditional route injection. [ipSpace]
- AS-Path filtering. [Router Jockey]
- Use BGP to defend against a DDoS attack originating from remote AS. [StackExchange]
- Do you really need to see all 512k Internet routes? [ipSpace] [NZ Herald]
- What is a valid BGP route? [ipSpace]
- The accumulated IGP metric for BGP. [MellowD]
- Why BGP choose wrong Next-hop address? [StackExchange]
- Making everything a Route Reflector? [Reddit]
- Question about Nexus 7000, eBGP and sub-interfaces. [Reddit]
- Changes in iBGP next hop processing drastically improves BGP-based DMVPN designs. [ipSpace]
- Why don't network providers peer better? [Reddit]
- Real life BGP route originator and BGP next-hop intricacies. [ipSpace]
- Why BGP implements its own keepalive instead of using tcp keepalive? [StackExchange]
- Cisco: reliable fast BGP failover when mixing BGP NHT and BFD. [StackExchange]
- Should I use default routes or full BGP table? [StackExchange]
- BGP preferring routes with longer as-path prepend? [Reddit]
- Multihomed BGP and NAT. [StackExchange]
- Active / Active BGP with Default routes. [StackExchange]
- BGP peering in the datacenter with a Root server. [Reddit]
- Why does export/import policy addition/removal cause a BGP session reset? [StackExchange]
- How could MTU affect BGP sessions? [CostiSer]
- Learned eBGP routes not distributed to iBGP neighbors. [StackExchange]
- BGP Autonomous System Path Duplicate AS. [StackExchange]
- MITM and routing security. [Geoff Huston]
- Cisco BGP - see communities on advertised-routes? [StackExchange]
- Is it possible to connect two private eBGP peers with the same AS number? [StackExchange]
- After TCP is established which BGP peer will send open message first? [StackExchange]
- BGP routing in DMVPN networks. [ipSpace]
- 10-11-2013: What is the need of iBGP inside an Autonomous system as IGP protocols fulfill the need for internal communication. [StackExchange]
- iBGP migrations can generate forwarding loops. [ipSpace]
- Exception routing with BGP: SDN done right. [ipSpace]
- Can BGP route reflectors really generate forwarding loops? [ipSpace]
- BGP regular expression ".+_.+_.+_.+_.+_.+_.+_.+_.+_.+_.+_.+". [StackExchange]
- Local Policy Denied Prefixes” in 'show ip bgp neighbor' output. [StackExchange]
- How would one route an IP network through different ISPs? [StackExchange]
- Originate customer AS. [StackExchange]
- Seamless BGP configuration (or why BGP is a poor routing protocol). [EtherealMind]
- More private AS numbers. [ipSpace]
- BGP multipath with different ASNs feasible for production networks? [StackExchange]
- BGP simulation tool. [StackExchange]
- Circular BGP propagation. [StackExchange]
- How can I check to see if I'm receiving MEDs? [StackExchange]
- Load balancing between two ISP BGP links. [StackExchange]
- Routing traffic out different links from the same BGP AS. [StackExchange]
- BGP Best External explained. [ipSpace]
- BGP security draft adopted as IETF workgroup document. [ipSpace]
- BGP convergence optimisation. [ipSpace]
- Setting no-export BGP community. [ipSpace]
- Beware of the pre-bestpath cost extended BGP community. [ipSpace]
- BGP route reflection in MPLS/VPN PE-routers. [ipSpace]
- BGP operations and security, second draft. [ipSpace] [IETF Draft]
- Implications of BGP local-as on IOS. [PacketLife]
- My first Internet draft has just been published. [ipSpace]
- Filter inbound BGP prefixes: summary. [ipSpace]
- How could we filter extraneous BGP prefixes? [ipSpace]
- BGP-free SP core in pictures. [ipSpace]
- BGP Route Preference -- the most commonly missed task in R&S CCIE mock lab 2. [CCIE Blog]
- Understanding BGP MED and BGP Deterministic MED. [CCIE Blog]
- Responsible generation of BGP default route. [IOS Hints]
- Shut down BGP session based on tracked object. [IOS Hints]
- BGP next-hop processing. [IOS Hints]
- IBGP or EBGP in an enterprise network? [IOS Hints]
- BGP/IGP network design principles. [IOS Hints]
- Death of the Internet predicted, film at your local cineplex. [Ars Technica]
- A brief history of notable Internet disruptions. [PacketLife]
- IBGP and an IGP. [PacketLife]
- Validating BGP announcements with RPKI. [BGPmon]
- How accurate is the routing registry? [Fix6]
- How complete is the RIPE routing registry? [CircleID]
- Routing on the Internet: a disaster waiting to happen? [Slashdot] [Security Week]
- Understanding the Internet's insecure routing infrastructure. [Ars Technica]
- Understanding BGP convergence. [CCIE Blog]
- Network dictionary -- BGP speaker. [Etherealmind]
- BGP: time to grow up. [IOS Hints]
- Riddle me this, BGP man... [CCIE Blog]
- Interesting BGP/IGP interaction problem. [IOS Hints] [Jeremy Filliben]
- BGP path manipulation: Bob is at it again. [CCIE Blog]
- Why BGP uses TCP and IGPs don't. [Packet Life]
- BGP redistribution with OSPF and statics. [Etherealmind]
- BGP: the big gory protocol -- can you troubleshoot it? [CCIE Blog]
- Optimising IP event dampening. [CCIE Blog]
- BGP proportional load balancing. [CCIE Blog]
- Secure BGP. [IOS Hints]
- Anomalies in BGP (Part 1). [CCIE Blog]
- How the 'Net works: an introduction to peering and transit. [Ars Technica]
- Scale your Internet backbone with core MPLS, BGP on the edge. [IOS Hints] [TechTarget]
|