News Articles

2022 News

2021 News

2020 News

  • 16-12-2020: Bad ACLs caused BGP route withdrawal for Google's Euro-cloud. [The Register]

  • 08-12-2020: Current work in BGP security. [Russ White]

  • 19-04-2020: New Cloudflare tool can tell you if your ISP has deployed BGP fixes. [Wired] [Is BGP Safe Yet]

  • 11-04-2020: Citing BGP hijacks and hack attacks, feds want China Telecom out of the US. [Ars Technica]

  • 21-02-2020: One year of BGP (in)security. [NANOG 78 YouTube]

  • 13-01-2020: BGP in 2019. [Geoff Huston: part 1, part 2]

2019 News

2018 News

2017 News

2016 News

2015 News

  • 12-03-2015: Indian ISP’s routing hiccup briefly takes Google down worldwide. [Ars Technica]

  • 21-01-2015: BGP in 2014. [Geoff Huston]

2014 News

  • 10-11-2014: Russian internet traffic detours through China's Frankfurt outpost. [The Register]

  • 26-09-2014: Internet Transit price falls slowing: Telegeography. [The Register]

  • 14-08-2014: Snowden: The NSA, not Assad, took Syria off the Internet in 2012. [Ars Technica] [Gizmodo] [HotForSecurity]

  • 18-08-2014: Do you really need to see all 512k Internet routes? [ipSpace] [NZ Herald]

  • 13-08-2014: Brace for the BGPocalypse: big disruptions loom as internet overgrowth continues. [ExtremeTech] [Renesys] [Ars Technica] [BBC News]

  • 06-05-2014: Global IPv4 routing table hits 500k routes. [PacketLife]

  • 06-05-2014: You won’t get better internet until old one is broken. 500K BGP routes good start. [EtherealMind]

  • 18-02-2014: BGP in 2013 -- the churn report. [Geoff Huston]

  • 24-01-2014: BGP in 2013. [Geoff Huston]

2013 News

  • 21-11-2013: How somebody forced the world's Internet traffic through Belarus and Iceland. [WSJ ATD]

    • 21-11-2013: Rerouting Internet traffic by attacking BGP. [Schneier] [Renesys]

  • 20-06-2013: Verizon: that peering flab about Netflix is Cogent's fault. [GigaOM]

  • 15-02-2013: Fight to keep YouTube online in Egypt. [BuzzFeed]

2012 News

  • 29-12-2012: Pakistan lifts YouTube ban for 3 minutes. [BoingBoing] [NYT] [BBC News]

  • 09-12-2012: Why dictators (don't) shut down the Internet. [Schneier] [BoingBoing] [Vice]

  • 29-11-2012: Syria experiencing Internet blackout. [DC Knowledge] [BBC News] [WSJ ATD] [Wired] [Gizmodo] [Engadget] [Stuff] [THG]

    • 29-11-2012: Syria's throwing of the Internet kill switch raises lots of questions. [WSJ ATD]

    • 29-11-2012: How Syria turned off the Internet. [CloudFlare] [Gizmodo]

    • 30-11-2012: Syrian Internet outage raises question "Could it happen here?" [WSJ ATD] [Renesys] [DC Knowledge] [Gizmodo]

      • 04-12-2012: Internet shut-down easier in more countries than you think. [The Register]

    • 30-11-2012: Syrian Internet blackout continues for second day. [BoingBoing] [NYT]

    • 30-11-2012: Anonymous declares war on Syrian government sites. [THG]

    • 30-11-2012: For Syria's rebel movement, Skype is a useful and increasingly dangerous tool. [NYT]

    • 02-12-2012: Syrian Internet largely restored after blackout. [NZ Herald] [WSJ ATD] [Engadget] [Gizmodo] [CNN] [Stuff]

    • 02-12-2012: Paint it black -- how Syria methodically erased itself from the Internet. [Ars Technica]

  • 07-11-2012: How an Indonesian ISP took down the mighty Google for 30 minutes. [Ars Technica] [CloudFlare]

  • 08-08-2012: A BGP leak made in Canada. [BGPmon]

  • 06-07-2012: Internet outage in Lebanon continues into second day. [BGPmon]

  • 09-04-2012: Iran preps Internet cutoff. [The Register] [IBT] [Gizmodo]

    • 09-04-2012: Iran plans to unplug the Internet, launch its own "clean" alternative. [Ars Technica]

    • 10-04-2012: Iran isn't shutting down the Internet in August, merely building a new one next March. [Gizmodo]

  • 27-02-2012: How the Internet in Australia went down under. [BGPmon]

2011 News

  • 21-08-2011: The battle for Tripoli's Internet. [Renesys]

  • 03-06-2011: Internet Syria offline. [BGPmon] [Renesys] [The Register]

    • 04-06-2011: Internet service mostly restored in Syria. [WSJ]

  • 26-03-2011: Facebook's detour through China and Korea. [BGPmon]

  • 04-03-2011: Libya's Internet goes down again. [Gizmodo]

      • 04-03-2011: Libya's Internet goes dark as upheaval spreads. [The Register]

      • 05-03-2011: Internet access blocked across much of Libya. [Engadget]

  • 29-01-2011: Egypt falls off the Internet. [BGPmon]

    • 27-01-2011: Egyptian networks turn off the Internet. [DC Knowledge]

    • 28-01-2011: How Egypt turned off the Internet. [Gizmodo]

    • 28-01-2011: How Egypt killed the Internet. [WSJ]

    • 28-01-2011: How to foil a nationwide shutdown. [Lifehacker --> use US proxy]

    • 28-01-2011: Block like an Egyptian. [Slate]

    • 29-01-2011: Without the Internet, Egyptians find new ways to get online. [Computer World]

    • 29-01-2011: Recent events in Egypt. [Tor]

    • 31-01-2011: Internet traffic in Egypt drops. [Geekzone]

    • 31-01-2011: Egypt's net on life support. [Renesys]

    • 31-01-2011: Egypt shuts down Noor, its last ISP. [TechCrunch]

    • 01-02-2011: Egypt Internet ban lingers, users adjusting. [DailyTech]

    • 01-02-2011: Egypt loses last vestiges of connectivity. [The Register]

    • 02-02-2011: Egypt back online. [BGPmon] [RIPE] [Renesys]

    • 02-02-2011: Egypt Internet back up as protests turn violent in Cairo. [Ars Technica]

    • 02-02-2011: Egypt Internet restored, Cairo protests turn violent. [Wired]

    • 03-02-2011: Vodafone network "hijacked" by Egypt. [BBC News]

    • 03-02-2011: Vodafone says Egyptian government hijacked its networks to send propaganda. [Forbes]

    • 04-02-2011: Vodafone Egypt confirms data services back, forced to send SMS supporting Egyptian government. [Geekzone]

    • 06-02-2011: How Google removed the muzzle on Twitter in Egypt. [Yahoo]

    • 09-02-2011: Internet role in Egypt's protests. [BBC News]

    • 10-02-2011: Egypt turned off the Net with a big switch, not phone calls. [Gizmodo]

    • 21-02-2011: Was Egypt's 'kill switch' the big red button? [DC Knowledge]

  • 15-01-2011: Hijacks by AS4761 - INDOSAT - a quick report. [BGPmon]

2010 News

  • 03-12-2010: Chinese BGP incident: was it a traffic hijack? [IOS Hints]

  • 01-12-2010: Comcast vs Level 3 peering dispute:

    • 01-12-2010: Internet peering disputes: follow the money. [IOS Hints]

    • 01-12-2010: Comcast vs Level 3. [PacketLife]

    • 01-12-2010: Comcast vs Level 3 feud stirs intense debate. [DC Knowledge]

    • 02-12-2010: Comcast: we bent over backwards to help Level 3. [Ars Technica]

Useful Articles

BGP Details

  • Uses TCP port 179.

  • Sends keepalives every 60 seconds.

  • Within AS, must have full iBGP peering mesh, which leads to scaling problems that are resolved by:

    • route reflectors

    • confederations

  • Once "Established", BGP Updates are exchanged containing NLRI information:

    • destination prefix

    • prefix length

    • AS path

    • next hop

    • attributes

Route Selection

  • Next hop reachable (via IGP)?

  • Local preference.

  • Weight (Cisco): highest.

  • AS path: shortest.

  • MED: lowest.

  • Lowest cost next hop (IGP).

  • eBGP route: lowest BGP identifier.

  • iBGP route: lowest BGP identifier


  • Well-known mandatory: must be supported.

    • AS path, next hop, origin.

  • Well-known discretionary: must be supported.

    • Local pref

  • Optional transitive: may not be supported.

    • Community

  • Optional non-transitive: may not be supported.

    • MED

Other Stuff

    • Communities: allows prefixes with the same community to be treated with the same policy (i.e. tagging prefixes).

    • MED: advertise "route preference" to peer (influence only).

    • Route flap dampening: the internet community is moving away from this.

    • Internet route table growth: approx. 200k routes in mid-October 2006.

IOS Configuration Example

router bgp <AS>

no synchronization

timers bgp x y

neighbor <peer-group-name> peer-group

neighbor <peer-group-name> remote-as <AS>

neighbor <peer-group-name> update-source lo0

neighbor <peer-group-name> soft-reconfiguration inbound

neighbor x.x.x.x peer-group <peer-group-name>

neighbor x.x.x.x description <...>

JUNOS Configuration Example



group <name>

type [internal|external]

description <...>

local-address x.x.x.x

authentication-key <...>

peer-as <AS>

neighbor x.x.x.x

export <policy-options-name>

family inet


prefix limit x

teardown x idle-timeout y

import <policy-options-name>

export <policy-options-name>

interface <...>

unit 0

family inet


input <filter-name>

output <filter-name>


filter <filter-name>

term <term-name>

from <...>

then [accept|reject|discard]

© Robert Larsen. All rights reserved.