What is Border Gateway Protocol?
Border Gateway Protocol (BGP) is a set of rules that determine the best network routes for data transmission on the internet. The internet consists of thousands of private, public, corporate, and government networks linked together through standardized protocols, devices, and communication technologies. When you browse the internet, data travels across multiple networks before reaching its destination. BGP's responsibility is to look at all the available paths that data could travel and select the best route. For instance, when a user in the United States loads an application with origin servers in Europe, BGP makes that communication quick and efficient.
Why is Border Gateway Protocol important?
Border Gateway Protocol (BGP) makes the internet work through data routing. BGP routing is critical because, at its core, the internet is made of hundreds of thousands of autonomous systems.
An autonomous system is a smaller network under the control of a single administrative entity. You can uniquely identify such networks by their autonomous system number assigned by the Internet Assigned Numbers Authority (IANA). Data travels between autonomous systems as it moves from source to destination.
BGP supports every autonomous system to do the following.
Find the best route
As data travels across the internet from source to destination, every autonomous system in between has to decide where the data packet should go next.
The decision is based on several factors like geographical location, network congestion, and data transfer cost. BGP routing considers these factors and helps determine the next best autonomous system so that data travels on the shortest route from source to destination.
Discover network connection changes
The structure of the internet is dynamic. New autonomous systems are being added, and old ones are being removed constantly. Every autonomous system must stay updated with information regarding new and obsolete routes. BGP helps systems to discover and remain updated on such network changes.
Administer network policies
BGP has the flexibility to allow autonomous system administrators to implement their own routing policies.
For example, you can configure a router running BGP to distinguish between the routes that are internal and external to the autonomous system. The administrator can set rules to determine whether data should be routed internally or externally.
Add a layer of network security
BGP supports security in your network management. For example, BGP can authenticate messages between routers using preconfigured passwords. Administrators can verify BGP messages that come from legitimate autonomous systems and filter out unauthorized traffic.
How does the Border Gateway Protocol work?
Border Gateway Protocol (BGP) works using a mechanism called peering. Administrators assign certain routers as BGP peer or BGP speaker routers. You can think of peers as devices on the edge or boundary of an autonomous system.
BGP peers perform the following main functions.
Route discovery
BGP peers exchange routing information with neighboring BGP peers through network-layer reachability information (NLRI) and path attributes. NLRI includes connectivity information about neighbors. Path attributes include information like latency, hop count, and cost of transmission.
After they exchange information, each BGP peer can then construct a graph of network connections around it.
Route storage
During the discovery process, every BGP router collects route advertisement information and stores it in the form of routing tables. It uses the routing table for path selection and also updates it frequently.
For instance, the BGP router receives keep-alive messages every 30 seconds from neighboring routers. It updates the stored routes accordingly.
Path selection
BGP routers use the stored information to route traffic optimally. The primary factor in path selection is the shortest path, as determined by the stored route graphs. When a destination is reachable from multiple paths, BGP selects the best one by sequentially evaluating other path attributes.
What are the types of Border Gateway Protocol?
Border Gateway Protocol (BGP) is classified as internal and external, depending on where the data is being routed.
External BGP routers connect an autonomous system to the global internet. However, large autonomous systems are themselves made up of smaller autonomous systems within them. Internal BGP routes data within a system.
External BGP vs. internal BGP
The main difference between internal and external BGP peering is the way the BGP route received from one peer is propagated by default to other peers. Here’s an explanation:
- New routes learned from an external BGP peer are re-advertised to all peers
- New routes learned from an internal BGP peer are re-advertised to all external peers only
Additionally, organizations must use external BGP to connect their corporate network to the internet.
In contrast, there is no obligation to use internal BGP. You can choose from several internal routing protocols based on your organization's networking requirements.
How does the Border Gateway Protocol handle scale?
Given the millions of devices connected to the internet, how is it possible for one Border Gateway Protocol (BGP) router to connect with thousands of potential peers? Several approaches are used to manage scale and accommodate the expansion of the internet. Subdivision is used at every level so that the number of peers each router has to remember remains manageable.
Next, we discuss a few ways that BGP handles scale.
Route reflectors
Route reflectors (RRs) reduce the number of connections in internal BGP. A single router can act as a central hub peering with an internal cluster of routers.
You can divide your network into multiple clusters and RRs. Only the RRs communicate with each other and with external BGP routers.
Confederations
Every external BGP router is not connected to every other external BGP router worldwide. Instead, confederations are used. A confederation is a set of autonomous systems with a single Autonomous System Number (ASN) seen by the rest of the internet.
For example, internet service providers (ISPs) of several European countries may group together to form a European confederation. The outside world will see a single ASN for several countries.
Route aggregation
Route reflectors and confederations help reduce the number of global BGP networks. However, the top level of global peers is also growing exponentially.
In an attempt to prevent an eventual widespread breakdown of connectivity, ISPs cooperate to keep the global routing table as small as possible. They use Classless Inter-Domain Routing (CIDR) to allocate IP addresses more efficiently. They also use route aggregation to represent several networks in a single routing table entry.
How can AWS support your BGP routing protocol requirements?
Amazon Web Services (AWS) offers AWS Transit Gateway and AWS Direct Connect to support your Border Gateway Protocol (BGP) routing protocol requirements.
Transit Gateway
Transit Gateway connects your Amazon Virtual Private Clouds (VPCs) and on-premises networks through a central hub. This connection simplifies your network and puts an end to complex peering relationships.
Transit Gateway acts as a highly scalable cloud router—each new connection is made only once. It supports BGP to simplify branch connectivity through native integration of network virtual appliances. Any third-party appliances that support BGP work with Transit Gateway.
AWS Direct Connect
Similarly, AWS Direct Connect is the shortest path to your AWS resources. While in transit, your network traffic remains on the AWS global network and never touches the public internet.
You can use an AWS Direct Connect gateway attached with one or more transit virtual interfaces to interface with up to three transit gateways in any supported AWS Regions. You can establish one IPv4 BGP session and one IPv6 BGP session over a single transit virtual interface.
Get started with BGP routing between your AWS resources and your corporate network by creating an account today.
Next Steps on AWS
