The internet is huge. The number of active websites is approximately 200 million, with more than 250,000 new sites being added every day. The number of internet users is approximately 5 million. With that much activity, it takes a lot to send internet traffic to its destination. That is where BGP comes in.
BGP, which stands for Border Gateway Protocol, is a routing protocol. As with any network protocol, it supplies the rules that determine how routers operate. Basically, routing protocols direct traffic. BGP is the routing protocol that directs traffic on the internet, getting your internet traffic to its final destination.
Directing traffic
A router is essentially a type of computer that is designed specifically to direct network traffic. It uses numerous “network cards” to provide numerous network interfaces. The router’s job is to build a map of the network and use it to guide traffic. Incoming traffic is told which interfaces provide connections to the desired destinations. Routers are critical for ensuring that information on the network successfully gets to its destination.
Because the internet is an ever-changing landscape, static routes are not the most reliable routes for getting from Point A to Point B. Dynamic routes are a much better option. Anyone who has ever used a mapping app knows how this works; the app gives you a route to get to your destination, but continuously monitors the traffic on that route. If something blocks the route, like an accident or construction activity, you are rerouted. If the app provided a static, unchanging route, rather than a dynamic route, you would find yourself sitting in traffic until the route was unblocked.
Routing protocols are the tools that help routers build a map of the network in a dynamic manner. They give routers the ability to reroute in order to optimize traffic. If you have a static route from one location to another and something interrupts the route, you are stuck. By adding a dynamic routing protocol, you improve the availability and performance of your systems.
The basics of BGP
There are two kinds of routing protocols: interior gateway and exterior gateway. Interior gateway routing protocols are used for an organization’s internal network traffic. Interior Gateway protocols are usually either Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), or intermediate systems to intermediate systems. Exterior gateway routing protocols are used by an organization that wants to connect with an external organization. BGP is designed to connect external organizations.
BGP fundamentals
BGP operates using Transmission Control Protocol (TCP) port 179. BGP is a unicast protocol and forms a TCP connection to its peers. This means BGP peers must be manually assigned. Almost every other routing protocol is multicast, which involves a router sending a “hello” to every other router to establish an adjacency.
It is important to remember that BGP uses TCP port 179, especially if you are using a firewall. If BGP is traversing a firewall that does not allow TCP port 179, your BGP session will never be established. Also, if you are studying for any AWS certification or networking certification, be prepared for an exam question about BGP and TCP port 179.
Why we use BGP
We use BGP due to its scalability and tunability. BGP is incredibly scalable and can handle an incredible number of routes. Additionally, BGP can be used for traffic engineering due to its tunability.
To understand how valuable this is, consider a typical router running BGP at an internet service provider. Often, there are routers connecting to 10 or more Internet service providers. Each internet service provider can provide 800,000 plus routes. This means BGP can scale into millions of routes, which is why organizations use it. Even organizations like AWS or Google, which have hundreds of thousands of clients, use BGP to connect to their customers. They use it because of its scalability and tunability.
Understanding BGP messages
BGP routers communicate with each other using a set of predefined messages. These messages are used to establish connections, inform BGP routers of new routing information, and signal BGP peers if something goes wrong. It is the BGP messages that enable BGP to provide dynamic routing information.
“Open messages” are sent when a TCP connection is established. These help to identify the connecting networks by providing a unique autonomous system (AS) number. They also establish the version of BGP that is being used.
“Keep alive messages” are sent to verify that a BGP peer is healthy, similar to a health check. I like to imagine we have the routers asking each other, “Are you there?” If the “keep alive” message does not get sent or received, the non-responsive router gets removed from the map, the session is torn down, and the routes are updated.
“Update messages” are used to share information about routing updates. As one network establishes a new route or learns that an old route is no longer operational, it shares the update with other networks. An update message provides information including the prefix or the subnet that you were trying to reach, path attributes, your next hop, and your AS path.
“Notification messages” alert the network that something has gone wrong. A notification message is not something you hope to receive. Generally, it indicates that a BGP session must be closed.
BGP neighbor relationships
The purpose of BGP is to establish a neighbor relationship, which is a connection with neighboring routers. BGP keeps track of the status of the connection that it has with neighboring routers, which are referred to as peers, by using a Finite State Machine. These connections can exist in one of a number of states. Understanding these various states is especially important when a connection goes down and troubleshooting must be done.
“Idle state” is used to describe a BGP router that is waiting for a TCP session to come up. When things go wrong, BGP routers revert to an idle state. If a router was connected and suddenly went into an idle state, it is a sign that something has gone wrong.
When a router is forming a connection, it is in a “connect state.” If the connection is not made, the router goes to an “active state,” in which it will retry making the connection. If the reattempt to connect fails, the router will go back to an idle state.
When the connection is going well, connect state will transition to an “open sent state.” This occurs when the open message has been sent to the neighboring router and the router is awaiting a response. Once the response is received, the router transitions to “open confirm state.” At this point, the router sends a “keep alive” message and enters an “established state.”
When you achieve an established state, you know your BGP neighbor relationship is good. Messages are going to be exchanged and routes will be kept dynamic. If the TCP session gets torn down for some reason at any point along the way, the connection will revert back to an idle state.
BGP attributes
As BGP seeks to provide the best routes, it looks at a number of attributes that describe the routes. By assessing these, it can determine which routes are most reliable and which should be avoided.
Origin, which describes the source of information on the route, is one of these attributes. If, for example, the route was learned via an internal gateway protocol, like OSPF, it will be seen as more reliable than a route that is learned via an external gateway protocol like BGP. Routes for which the origin information is incomplete are always seen as last resorts.
Because BGP is a path vector routing project, it will report the number of autonomous systems it has traversed as part of its route. Connecting to each new AS requires what is known as an AS path. Generally speaking, routers prefer the shorter path or the path with the least number of AS hops.
Next hop is another attribute that is important for routing. This refers to the IP address of the routers that provided the routing update. If the next hop is not reachable, the route will not appear in the routing table.
Weight is also an attribute that plays into BGP routing. Weight was originally a Cisco proprietary attribute that was used to influence outbound traffic. Now, it is supported by AWS and other organizations. Basically, the higher the weight of a route, the more routers prefer it.
All of these components come together in the process that BGP uses to select routes. BGP prefers the path with the largest weight. If the weights are equal, it prefers the route with the highest local preference. If the local preferences are the same, it prefers the route with the shortest AS path. And if the AS path is the same, it prefers the paths with the lowest origin code. If BGP gets to origin codes and still finds routes to be equal, it looks to other attributes including multi-exit discriminators, next hops, and IP addresses. Ultimately, BGP uses these attributes to keep traffic on the most reliable routes.
Tuning BGP
Optimizing network traffic will sometimes require tuning BGP. In general, this involves tweaking BGP attributes in a way that elevates one routing option above another. Tuning BGP is a task that network engineers and architects are often called upon to manage.
Adjusting the weight of a route is one way to tune BGP. By increasing the weight of a specific route, you signal to BGP that it should prefer that route. Raising the local preference is another way to indicate that a route should be preferred for traffic, as is lowering the multi-exit discriminator.
Because AS path is a factor that BGP uses for selecting routes, tuning that attribute can also influence route selection. By prepending, or adding another AS path, to the route, you add more hops to the AS path, making it less desirable as a route and influencing BGP to select other options.
Keeping the internet flowing is no small task. A tool like BGP makes it much more manageable. By providing a scalable and tunable protocol, BGP gives technology professionals the ability to engineer solutions that grow with the internet and respond to changing needs as they arise.