THE ULTIMATE

GUIDE TO
BGP ROUTING
Table of Contents
Introduction 3 Part 3 – BGP configuration 12
What is BGP routing?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Configuring peering for neighbor autonomous systems. . . . . . . . . . . . . . . . . . . . . . . . . 12

eBGP vs. iBGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Part 1 – The basics of BGP 4 BGP peering sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

BGP basics: Routes, peers, and paths. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Seeing BGP routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

BGP history and evolution. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Why should you understand BGP?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Part 4 – Further thoughts on

Routes, autonomous systems, and autonomous system numbers . . . . . . . . . . . . . . . . 5
advertising your routes with BGP 16
Route flapping and damping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
BGP (Border Gateway Protocol): The internet’s routing protocol. . . . . . . . . . . . . . . . . . 6
BGP for the multi-homed. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Route advertisements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Routes and AS-PATHs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
The global routing table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

The AS_PATH attribute. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Conclusion 19
Part 2 – More BGP basics: Advertising, homing,
and cardinal sins 9
How advertising routes work in BGP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Single-homed vs. multi-homed networks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Connecting with and without BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Cardinal sins of BGP routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 2

 BGP routing involves key elements like autonomous systems, routes,
Introduction border routers, and peering. Here’s a brief explanation of these
components:

▶ Autonomous Systems (AS): An AS is a network or a collection

of connected IP routing prefixes under the control of one or
multiple network operators that present a common routing
policy to the internet.
▶ Routes: A route in BGP is a path that data packets take
from one host on the internet to another. Routes are known
as network layer reachability information (NLRI).
▶ Border Routers: These are routers situated at the edge of an
AS, responsible for connecting to at least one router from a
different AS and advertising routes through peering sessions.
▶ Peering: Peering is the reciprocal data exchange between two
different ASes through their border routers. Peering ensures
What is BGP routing? data packets find their way to the right destination.

BGP (Border Gateway Protocol) routing is a fundamental component of

the internet infrastructure that establishes and controls data paths across
the internet. BGP is a policy-based routing protocol that ensures the BGP routing plays a pivotal role in determining the most optimal path for
efficient and reliable transfer of data packets across different autonomous data transmission across the internet, contributing to the efficiency and
systems (AS) on the internet. Each autonomous system, representing integrity of the global internet.
a distinct network, uses BGP to advertise its network reachability
information to other systems, essentially informing them about the routes
data packets can take to reach specific destinations within the network.

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 3

 and implementations. In general, BGP’s original design still holds today,
Part 1: including its strengths (describing and enforcing policy) and weaknesses

The Basics of BGP (lack of authentication or verification of routing claims).

Why should you understand BGP?

BGP basics: Routes, peers, and paths Why is understanding BGP helpful in understanding internet connectivity
and interconnectivity? Because effective BGP configuration is part of
In this section, we will explore why understanding BGP is crucial for controlling your organization’s destiny on the internet.
controlling your organization’s destiny on the internet, leading to
several key benefits, such as revenue growth, infrastructure uptime, and
enhanced security. Key concepts introduced include autonomous systems
(AS), routes, peering, and AS_PATH. How your organization can benefit:
▶ Preserve and grow revenue.
We also detail how routes are created and advertised, leading to the
formation of the global routing table and the role of eBGP and iBGP ▶ Protect the availability and uptime of your infrastructure
in this process. Finally, we delve into the importance and use cases and applications.
of the AS_PATH attribute, including loop detection and setting policy. ▶ Use the economics of the internet to your advantage.
This foundational knowledge sets the stage for future, more in-depth ▶ Protect against the global security risks that can arise when
discussions about BGP and its role in network connectivity. internet operators disagree on addressing security problems.

BGP history and evolution

Designed before the dawn of the commercial internet, BGP is a policy-
based routing protocol that has long been an established part of the
internet infrastructure. Even now, decades later, the core concepts
of BGP remain the same. There have been a few changes at the edge
(which we’ll cover later). Still, these have been implemented as the
designers anticipated by adding “attributes” to the BGP specification

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 4

BGP and internet connectivity are big subjects, so this guide has a lot of the IP space that you are using. For reasons of enforced obfuscation by
of ground to cover. The following list will give you a sense of the range RFC writers, routes are also called network layer reachability information
of the topics we’ll be looking at: (NLRI).

▶ The structure and state of the internet

▶ How BGP has evolved and what its future might hold
▶ DDoS detection and prevention
▶ Additional topics such as MPLS and global networking,
internal routing protocols and applications, and more As of May 2023, there are over 940,000 IPv4 routes and more than 182,000
IPv6 routes.

What are autonomous systems and autonomous system

Let’s first get our feet wet with some basic concepts related to BGP:
numbers?
autonomous systems, routes, peering, and AS_PATH.
Another foundational concept is the autonomous system (AS), which is a
way of referring to some specific network. That network could be yours
Routes, autonomous systems, or belong to any other enterprise, service provider, or nerd with her own
and autonomous system numbers network. Each network on the internet is referred to as an AS, and each
AS has at least one autonomous system number (ASN). There are tens of
What is a BGP route? thousands of ASNs in use on the internet. Normally the following elements
To fully understand BGP, we’ll first get familiar with some underlying are associated with each AS:
concepts, starting with what it means to be connected to the internet. For 1. An entity (a point of contact, typically called a NOC or
a host to be connected, there must be a path or “route” over which it is network operations center) that is responsible for the AS.
possible for you to send a packet that will ultimately wind up at that host
2. An internal routing scheme so every router in a given AS knows how
and for that host to have a path over which to send a packet back to you.
to get to every other router and destination within the same AS. This
That means that the provider of internet connectivity to that host has to would typically be accomplished with an interior gateway protocol
know of a route to you. They must have a way to see routes in the section (IGP) such as open shortest path first (OSPF) or intermediate system
to intermediate system (IS-IS).

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 5

3. One or multiple border routers. A border router is a router that is As explained previously, the interconnections that are created to carry
configured to peer with a router in a different AS, meaning that it traffic from and between autonomous systems result in the creation of
creates a TCP session on port 179 and maintains the connection by “routes” (paths from one host to another). Each route is made up of the
sending a keep-alive message every 60 seconds. Border routers use ASN of every AS in the path to a given destination AS. BGP (more explicitly,
this peering connection in one AS to “advertise” routes to border BGPv4) is the routing protocol that is used by your border routers to
routers in a different AS (more on this below). “advertise” these routes to and from your AS to the other systems that
need them in order to deliver traffic to your network:

BGP (Border Gateway Protocol): ● Peer networks, which are the ASes with which you’ve established a
The internet’s routing protocol direct reciprocal connection
● Upstream or transit networks, which are the providers that connect
you to other networks

Route advertisements
Specifically, your border routers advertise routes to the portions of the
IPv4 and IPv6 address space that you and your customers are responsible
for and know how to get to, either on or through your network. Advertising
routes that “cover” (include) your network is what enables other networks
to “hear” a route to the hosts within your network. In other words, every IP
address that you can get to on the internet is reachable because someone,
somewhere, has advertised a route that covers it. If there is not a generally
advertised route to cover an IP address, then at least some hosts on the
internet will not be able to reach it.

The advertising of routes helps a network operator do two very important

things. One is to make semi-intelligent routing decisions concerning the
best path for a particular route to take outbound from your network.
Otherwise, you would simply set a default route from your border routers

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 6

into your providers, which might cause some of your traffic to take a sub-
optimal external route to its destination. Second, and more importantly,
The AS_PATH attribute
you can announce your routes to those providers for them to announce in
turn to others (transit) or just use internally (in the case of peers).

In addition to their essential role in getting traffic to its destination,

advertised routes are used for several other important purposes:

● To help track the origin and path of network traffic

● To enable policy enforcement and traffic preferences
● To avoid creating routing (and thus packet) loops

The global routing table

Besides being used for advertising routes, BGP also listens to the routes
from other networks. The sum of all of the route advertisements from all
of the networks on the internet contributes to the “global routing table,”
which is the internet’s packet directory system. You can usually hear that
entire list of routes if you have one or more transit providers. BGP supports several attributes, the most important of which is AS_PATH.
Every time a route is advertised by one BGP router to another over a
One further complication: BGP actually comes in two flavors depending on
peering session, the receiving router prepends the remote ASN to this
what it’s used for:
attribute. For example, when Verizon hears a route from NTT America,
● External BGP (eBGP) is the form used when routers that aren’t in the Verizon “stamps” the incoming route with NTT’s ASN, thereby building
same AS advertise routes to one another. From here on out, you can the route in AS_PATH. (Note that when a route is advertised between
assume that, unless otherwise stated, we’re talking about eBGP. routers in the same AS, using iBGP, the ASN for both routers is the same,
● Internal BGP (iBGP) is used between routers within the same AS. so AS_PATH is left unchanged.)

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 7

When multiple routes are available, remote routers will generally decide Additional uses for AS_PATH include:
which is the best route by picking the route with the shortest AS_PATH,
● Loop detection: When a border router receives a BGP update (path
meaning the route that will traverse the fewest ASes to get traffic to a given
advertisement) from its peers, it scans the AS_PATH attribute for
destination AS. However, that may or may not be the fastest route because
its own ASN. If found, the router will ignore the update and will not
there’s no information about the network represented by a given AS —
advertise it further to its iBGP neighbors. This precaution prevents
nothing about that network’s bandwidth, the number of internal routers
the creation of routing loops.
and hop count, or how congested it is. From the standpoint of BGP, every
AS is pretty much the same. ● Setting policy: BGP allows providers to express “policy” decisions,
such as preferring Verizon over NTTA to get to Comcast.
● Visibility: AS_PATH provides a way to understand where your traffic
is going and how it gets there.

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 8

Part 2 How advertising routes work in BGP
More BGP basics: The core function of BGP is to provide a mechanism through which any
autonomous system — a network connected to the internet — can get

Advertising, homing, traffic to any other AS. As we already covered, the path traveled by traffic
is referred to as a route, and BGP is the protocol by which one “advertises”

and cardinal sins to the internet the routes available to get traffic to your AS.

One way of thinking about the BGP routes that you advertise to other
entities is as promises to carry data to the IP space represented by the
In this section of the guide, let’s delve further into the intricacies advertised route. For example, if you advertise 192.204.4.0/24 (in class C
of BGP — the system that directs traffic across the interconnected terms, the block starting at 192.204.4.0 and ending at 192.204.4.255), you
autonomous systems making up the internet. We’ll explore how routes promise that you know how to carry to its ultimate destination, data that is
are advertised and the critical distinction between single- and multi- destined for any address in 192.204.4.0/24.
homed networks. This illustrates the practical value of BGP, especially for
multi-homed networks or networks with multiple connections to a single
internet service provider (ISP). We will also stress the importance of proper Single-homed vs. multi-homed networks
BGP configuration, as mistakes can have wide-ranging and disruptive
Another important BGP-related concept is “single-homed” versus “multi-
impacts across the internet. Finally, a warning against the cardinal sins
homed,” which is a major determinant of who uses BGP and who doesn’t:
of BGP routing, namely “route hijacking” or “blackholing” and insufficient
filtering, while offering advice to avoid such pitfalls. ● Single-homed means that only one upstream provider gives your
network transit to the rest of the internet.
Earlier, we established that BGP is the protocol used to route traffic across ● Multi-homed means connecting to multiple providers to provide
the interconnected autonomous systems that make up the internet. We transit to the rest of the world.
also looked at why effective BGP configuration is an important part of
controlling your destiny on the internet, and we covered some of the basic When you’re single-homed, you usually
building-block concepts needed to understand what BGP does and how it won’t want to use BGP for your upstream
does it. We’ll continue on that path in this section, adding more concepts providers because you only have one path
and digging deeper into how BGP works and what makes it of value. out of your network. So filling your router
with 500,000+ BGP routes isn’t going to do

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 9

you any good since all of those routes point to the same place (your one ● You create a default route toward your upstream provider, and all
upstream provider). You can get the same result much more simply by non-local packets go out of the interface specified by that route.
using a “default route” to point all packets that aren’t otherwise matched ● Your provider probably puts static routes toward you on their side and
in your internal routing table to your upstream provider. redistributes those static routes into their interior gateway protocol
(IGP). Then — unless all of their BGP is done statically — they probably
Also, if you have one upstream provider, it’s almost guaranteed that your
redistribute their IGP into BGP.
IP space is a sub-allocation (CIDR delegation, to be precise) of their larger
IP blocks (aggregates). So you won’t be advertised to the outside world What happens differently if you do use BGP? Your provider will give you all
specifically. Instead, your provider will just advertise the overall block. of their routes (that’s the easy part), listen to your route announcements,
Suppose you have any other networks (e.g., an old Class C, customers with and then redistribute some or all of those to their peers and customers
address space, etc.). In that case, your provider will statically announce (that’s the hard part for them). The net differences boil down to this:
those routes to the world and statically route them inside their network
● They may start advertising a more specific route, which is no mean
to your router interface(s). So even if you did advertise to your provider
task in a complicated network designed, as most networks are, to
the routes to your IP space, they’re not going to re-advertise them to the
prevent the accidental leaking of more specific routes.
rest of the world because there already is a route to your provider for one
● The routes they usually advertise for you under just their ASN will
of the larger aggregates of address space that you are inside of.
now have your ASN attached as well.
Despite the above, there is one circumstance where you might wind So what’s the most essential benefit to you of using BGP? It’s not that you
up using BGP as a single-homed customer: if you have multiple get full or partial routes from your providers. That’s cool — and maybe
connections to a single ISP. In some cases, you will use BGP to manage even helpful — but you can do almost as well by just load-balancing all
the load balancing across these links. Often, your provider will want to outgoing traffic in either a round-robin or route-caching manner. The most
help configure, monitor, and manage BGP since it will affect the service important thing for you about BGP will be the ability to have your routes
they deliver. advertised to your providers and by them to their providers and peers
(i.e., to the rest of the internet).

Connecting with and without BGP

To better understand the practical value of BGP if you’re either multi- Cardinal sins of BGP routing
homed or you have multiple connections to a single ISP, let’s look at Now we understand why you might want to use BGP. Does that mean
what happens when you connect to the internet without speaking BGP that you’re now ready to start configuring? Doing a basic level of route
to your provider: advertisement using BGP is not hard, but if you screw it up, you may

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 10

get slapped down pretty hard because screw-ups with BGP route The key to avoiding these sins is multi-level:
advertisements can be felt all over the internet. That’s right:

“Screw-ups with BGP route advertisements

▶ Implement good filtering on your end.
can be felt all over the internet!”
▶ Check that your provider is also doing excellent filtering
wherever possible.
What is blackholing or route hijacking in BGP?
▶ Be paranoid when configuring your BGP: Test your configs
The first cardinal sin of BGP is advertising routes to which you cannot and watch out for typos! Think through everything that you do
deliver traffic. This is called “blackholing,” which is one form of “route in terms of how it could screw things up and land you on the
hijacking.” If you advertise some part of the IP space owned by someone front page of the New York Times.
else, and that advertisement is more specific than the one made by the
owner of that IP space, then all of the data on the internet destined for
that space will flow to your border router. This will effectively disconnect
that blackholed address space from the rest of the internet. Let’s say,
for example, that you announce a route for Instagram’s servers that’s Remember: The vast majority of the route hijacking on the
more specific than the otherwise-best route. The result is that you’ve just internet is due to misconfiguration! That doesn’t mean someone
blackholed Instagram for a period of time. Needless to say, that will make couldn’t be attempting to disrupt service or intercept packets, but
many people very unhappy. usually, the issue is a typo in someone’s config. When configuring
BGP, focusing on the above points is your best defense against
BGP route filtering shooting yourself in the foot.
The second cardinal sin of BGP routing is not having strict enough filters on
the routes you advertise. If you don’t filter well and have a BGP-speaking
customer, you can pass on their poor hygiene and be an inadvertent vector
for disrupting networks far from you on the internet. If your provider is
smart, there are filters in place to prevent you from a spectacular failure,
which would hurt them and everyone else. But don’t count on it.

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 11

Part 3 Configuring peering for
BGP configuration neighbor autonomous systems
So far, we’ve looked at several basic concepts about BGP, covering
both who would want to use it and why. In particular, we’ve learned
that speaking or advertising BGP to your service providers and/or
peers lets you do two things:

1. Make semi-intelligent routing decisions concerning the best path for

a particular route to take outbound from your network (otherwise,
you would simply set a default route from your border routers into
your service providers).
2. Advertise your routes to those providers for them to advertise in turn
to others (for transit connectivity) or just use them internally (in the
case of peering).

We also pointed out some of the negative consequences of careless BGP

configuration. In this section, we’ll delve deeper into the mechanics of BGP
by looking at how you actually configure BGP on routers.

Autonomous systems and ASNs

Now that we’ve covered so much of the basics of BGP, let’s delve into As discussed in Part 1, the term autonomous system (AS) refers to
configuring Border Gateway Protocol on routers, explaining autonomous a network such as a private enterprise network or a service provider
systems, ASNs, and the nuances of internal and external BGP. We’ll network. Each AS is assigned at least one autonomous system number
demonstrate how routers establish peering sessions using ASN (ASN), which identifies the network to the world. Most networks use
identification and stress the importance of careful route filtering. (or at least show to the world) only one ASN.
Finally, we guide you through using and interpreting Cisco’s
show ip bgp summary command to view peering sessions. ASNs were originally 2-byte values allowing for 65,536 possible numbers.
As the number of available ASNs dwindled, a newer 4-byte format was
adopted, extending the number of possible ASNs by 4,294,967,295.

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 12

● ASNs 0 and 65,535 are reserved values
BGP peering sessions
● The block of ASNs from 64,512 through 65,534 is designated
for private use So now, let’s look at the actual configuration. BGP-speaking routers
exchange routes with other BGP-speaking routers via peering sessions
● The remainder of possible ASN values available for internet routing
using ASN identification. At a technical level, this is what it means for one
range from 1 through 64,511 (except 23456, which is used for the
network or organization to peer with another. Here’s a simplified Cisco
4-byte extension).
code snippet of a router BGP clause:
● Lumen’s AS3356 is an example of a 2-byte ASN, while Leaseweb’s
AS395954 is an example of a 4-byte ASN.
router bgp 64512
eBGP vs. iBGP <omitted lines...>
One more clarification before we start configuring: BGP can be used neighbor 207.106.127.122 remote-as 701
internally (via iBGP) within an AS to manage routes or externally (via eBGP)
to route between ASes (which is what makes the internet possible). As
described on page 7, when we say “BGP,” we’re talking about eBGP, not The clause starts out by saying router bgp 64512. This means that
iBGP. eBGP and iBGP share the same low-level protocol for exchanging what follows is a list of commands that describe how to speak BGP on
routes and also share some algorithms. But eBGP is used to exchange behalf of ASN 64512. (We’re using 64512 in our examples because it’s not
routes between different ASes, while iBGP is used to exchange routes a live ASN, so if anyone uses a configuration straight from this article and
within the same AS. In fact, iBGP is one of the “interior routing protocols” uses this made-up ASN, automated route-examination programs will
you can use to do “active routing” inside your network/domain. detect it.)

The major difference between eBGP and iBGP is that eBGP tries like All that’s required to bring up a peering session is that one neighbor
crazy to advertise every BGP route it knows to everyone, and you have line under the router bgp clause. In this example, this line specifies
to put “filters” in place to stop it from doing so. iBGP, on the other hand, 207.106.127.122 as the remote IP address (with respect to the customer’s
tries like crazy not to reconfigure routes. In fact, iBGP can actually be a route) of a router in the AS with ASN 701.
challenge to get working because to make it work, you have to peer all
of the iBGP “speakers” inside your network with all of the other iBGP The purpose of neighbor commands is to initiate peering sessions with
speakers. This is called a “routing mesh,” and, as you can imagine, it can neighbors. It’s possible to have BGP peering sessions that go over multiple
get to be quite a mess when you have 20 routers that each have to peer hops, but eBGP multi-hop is a more advanced topic and has many
with every other router.

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 13

potential pitfalls. So, for now, let’s assume that all neighbors must be on a
LAN interface (Ethernet, Fast Ethernet, FDDI). In practice, you nearly always
Seeing BGP routes
use more than one line to specify how to exchange routes with While the session is up, BGP updates will be sent from one router to the
a given neighbor in a given peering session. So a typical neighbor other each time one of the routers knows about a new BGP route or needs
command sequence would look more like this: to withdraw a previous route announcement. To see a list of all current
peering sessions, you can use the Cisco sho ip bgp sum command line:

router bgp 64512

<omitted lines...> brain.companyx.com# sho ip bgp sum
neighbor 207.106.127.122 remote-as 4969
neighbor 207.106.127.122 next-hop-self
The command typically returns results like the following (see next page),
neighbor 207.106.127.122 send-communities
which is a session summary from a core router at an ISP. The 6451x
neighbor 207.106.127.122 route-map prepend-once out
autonomous systems are BGP sessions to other routers at the same ISP
neighbor 207.106.127.122 filter-list 2 in whose ASNs are not shown to the world. The 205.160.5.1 session is a
<omitted lines...> session that is down, and the sessions where the remote autonomous
systems are 4231, 3564, and 6078 are external peering sessions with
routers from another ISP.
Every time a neighbor session comes up, each router will evaluate every
BGP route it has by running it through any filters you specify in the BGP
neighbor command. Any routes that pass the filter are sent to the remote
end. This filtering is a critical process. The most dangerous element of BGP
is the risk that your filtering will go awry, and you’ll announce routes that
you shouldn’t to your upstream providers.

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 14

 Most of the table on the left is pretty self-explanatory:
The BGP table version is 1159873, and the main routing table version is 1159873
● The Neighbor column gives the IP address of the
44796 network entries (98292/144814 paths) using 9596344 bytes of memory
neighbor with which the router is peered.
16308 BGP path attribute entries using 2075736 bytes of memory
● The V column is the BGP version number. If it is not
12967 BGP route-map cache entries using 207472 bytes of memory
4, something is very wrong! BGP version 3 doesn’t
16200 BGP filter-list cache entries using 259200 bytes of memory
understand Classless (CIDR) routing and is thus
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State
dangerous.
205.160.5.1 4 6313 0 0 0 0 0 never Active
● The AS column is the remote ASN.
207.106.90.1 4 64514 1145670 237369 1159873 0 0 4d03h
● InQ is the number of routes left to be sent to us.
207.106.91.5 4 64515 6078 5960 1159869 0 0 4d03h
● OutQ is the number of routes left to be sent to the
207.106.92.16 4 64512 6128 6782 1159870 0 0 4d03h
other side.
207.106.92.17 4 64512 5962 6894 1159870 0 0 10:08:46
● The Up/Down column is the time that the session
206.245.159.17 4 4231 161072 276660 1159870 0 0 2d05h
has been up (if the State field is empty) or down
207.44.7.25 4 3564 6109 310292 1159867 0 0 22:40:50
(if the State field is not empty).
207.106.33.3 4 64513 164708 724571 1159866 0 0 3d23h
● Anything in a State field indicates that the
207.106.33.4 4 3564 6086 274182 1159853 0 0 4d03h
session for that row is not up. In just one of the
207.106.127.6 4 6078 5793 310011 1159869 0 0 2d03h
nomenclature flaws of BGP, a state of Active
actually indicates that the session is inactive.

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 15

 If you’ve only got a single upstream service provider, why might you want
Part 4 to bother speaking BGP to them? Well, you could say “for practice,” but

Further thoughts configuring BGP generally involves a fair amount of behind-the-scenes

work on the part of upstream providers, so they typically aren’t going to

on advertising your waste their time unless you have a good reason.

routes with BGP If you’re single-homed, you also don’t really need to “run defaultless”
by accepting all routes. Since every packet destined for the internet (as
opposed to your internal network) will go out the same router interface,
it doesn’t matter whether it does so via one default route or via searching
a list of 45,000 or more routes heard via BGP.

That leaves only one valid reason for single-homed networks to use BGP:
to have more control over advertising routes. To make a compelling case
to your provider, you’ll have to understand two concepts that they will
likely ask you about. One is “flaps,” which require a bit of explanation and
is covered in the following section. The other is routing-table space. If
you’re in your service provider’s IP space or “aggregate announcement,”
they will likely ask why it makes sense to pollute the routing tables with
an extra few routes by announcing your routes more specifically. You’re on
your own for the answer to that one, but if you think you have a good case,
talk to your current or potential provider.

Route flapping and damping

When you assert a route, you are saying, “I know how to get to
Before we close out this guide, let’s look at the impact of using BGP with 192.204.4.0/24,” based on some internal knowledge that you actually do
upstream service providers, whether you have only one (single-homed) know how to get to 192.204.4/0. When you no longer know how to get to
or several (multi-homed). that route, the natural — and previously considered correct — thing to do

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 16

is to withdraw that assertion. Advertising a route and then withdrawing
that route is called “flapping.”
BGP for the multi-homed
Many networks have business-critical needs for assured internet
One downside of flapping is that it’s contagious. When you withdraw an connectivity. A common way to achieve this connectivity is by multi-
assertion, your providers must also withdraw that assertion, and their homing, which means using the services of two or more upstream service
providers and peers must do the same. All in all, thousands of routers providers. Generally, the goal of multi-homing is to use both upstream
worldwide will have to look at that route, decide if they have the next-best provider connections in a sane manner and “load-balance” them. Ideally,
path in their BGP table, and if so, insert it into their IP routing table as the you’d like roughly half the traffic to go in and out of each connection.
current best path. You’d also like “failover” routing; if one link goes down, the other keeps
you connected to the internet. In an ideal network, you’d be able to have
Route flapping consumes many CPU seconds on routers that are any of your connections to the ’net go down and still maintain connectivity
sometimes very busy. In fact, it was consuming so much CPU time years and speed.
ago that Sean Doran of Sprintlink said, “This must stop.” So several people
came up with an idea, which Cisco implemented in record time, to dampen You don’t need BGP to load-balance: You can do that almost as well with
the route flaps (you’ll hear people say “damp” and “dampen”; there’s no a “round-robin” or “route-caching.” What’s most important about BGP
real consensus about which is the correct term). In practice today, this if you’re multi-homed is the ability to advertise routes. In multi-homed
means that if you flap a route more than once or twice, many providers will situations, the network operator may want to express different routing
dampen that route for at least an hour or so. In other words, the route is policies to each upstream provider, which it can do using BGP by using
suppressed, meaning it will not be advertised even if it is up. its own ASN and advertising these routing policies to each upstream
destination, which are then advertised in turn to their providers and peers
If you’re single-homed, you will be dampened if your provider withdraws (i.e., to “the rest of the internet”).
your routes because someone resets the router. So if you want to have
more control in advertising your routes, and you ask your upstream As noted in Part 2, doing this basic level of route advertisement is not hard,
provider to announce you, you’ll likely be asked to explain why it makes a but you have to do it in a paranoid way because if you screw up your BGP
difference to you, meaning why the benefit of being multiply-announced route advertisements, it can be felt all over the internet.
outweighs the possible adverse effects of being dampened due to
instability in either your or your provider’s network. After all, if you’re One nice thing about using BGP to advertise routes if you are multi-homed
singly connected to the ’net, the whole internet doesn’t need to know if is that if you do have connectivity issues, BGP is pretty smooth about
you lost connectivity to your provider since there’s no other path to get to handling them. For example, if your providers are announcing specific
you. So why bother all the routers in the world by telling them whether or prefixes for you, they would typically stop announcing you when they
not you’re currently reachable? don’t know how to get to you anymore. The beauty of speaking BGP

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 17

to your providers is that when you lose connectivity to them, the BGP For now, keep in mind that unless you do any tuning on your own:
session will also go down, and all of those route advertisements will be
● The most specific route always wins, whether it’s a BGP route or
automatically withdrawn.
a static internal route.
● If there’s a choice between multiple BGP routes, the one with the
Routes and AS-PATHs shortest AS_PATH wins.

The AS-PATH attribute is a crucial concept to understand when you decide To sum up, here are the most important questions to remember for each
to advertise and receive routes via BGP. Every time a router advertises a peer when you’re either considering how to do BGP in general or explicitly
route via BGP, that route is stamped with the autonomous system number bringing up a new BGP session:
(ASN) of the autonomous system (AS) to which the router belongs (see
Routes and autonomous systems in Part 1). As a route moves from AS to
AS, it builds up an AS-PATH, which is useful for the following reasons: ▶ What routes do you want the peer to hear?
● AS-PATH provides a diagnostic trace of routing on the net. If you have The most important thing is to ensure that you do not
full routes in one of your routers or have query access to a router that reconfigure routes to which you are not providing internet
does (such as telnet://route-server.cerf.net), you can find the route connectivity.
that encompasses a particular IP address and see which ASNs have ▶ What do you want to do with the routes you hear via the
advertised it. If you do some poking around, you can even see how a session? Do you want to tune them? Only take some? Take
provider is actually connected. them all?
● AS-PATH is one of several metrics that determine how routes heard via
BGP are inserted into the IP routing table. We’ll be talking more about
metrics in the future.
● AS-PATH can be used for filtering that enables policy routing. You’d
want to filter based on the AS-PATH for many reasons, including
ensuring you only send routes that originate in your network. AS-PATH
filtering is the best first step that you can work with to get comfortable
with filtering routes. And if your network is relatively simple (as 90
percent of networks are), you won’t need anything fancier for quite
some time.

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 18

Conclusion
BGP routing has become something with which
all network engineers should now be familiar.

BGP used to be primarily of interest only to ISPs and hosting providers, If we’ve piqued your interest in how the routes used by your traffic
whose revenue depends on delivering traffic. It then became the business affect network performance and costs, you’ll find that Kentik’s Network
of web businesses to manage their internet connectivity more intelligently Observability Platform provides deep insights into BGP monitoring,
since their user experience and revenue streams depend on reliable, high- configuration, and peering.
performance internet traffic delivery. Now, with the adoption of cloud
solutions by many enterprises to meet their IT needs, as well as the overall Kentik provides powerful BGP analytics and monitoring features to help
trend to digital business models, BGP and internet routing is becoming your organization gain insights into BGP operations, identify potential
something with which all network engineers (including not just NetOps but peering opportunities, and optimize routing decisions.
DevOps professionals and SREs) should get familiar.
With Kentik, you can stay ahead of network challenges and ensure the
smooth performance of your BGP infrastructure. Discover the benefits
of Kentik’s network analytics and monitoring solutions for BGP by starting
a free 30-day trial or requesting a demo today.

KENTIK | THE ULTIMATE GUIDE TO BGP ROUTING 19

Kentik is the network observability company.
Our platform is a must-have for the network front line, whether digital business, corporate IT, or
service provider. Network professionals turn to the Kentik Network Observability Platform to plan,
run, and fix any network, relying on our infinite granularity, AI-driven insights, and ridiculously fast
search.Visit us at kentik.com and follow us at @kentikinc.

The world’s most valuable organizations rely on Kentik.

Revised 20230720