BGP: The Protocol That Routes the Entire Internet
When you send a ping to a server halfway across the world, your packet jumps from your home router, to your local ISP, to a regional backbone provider, to an underwater submarine cable, to a foreign ISP, and finally to the destination.
How did your packet know how to navigate this maze? How did your local ISP know that the absolute fastest way to reach a server in Japan was to hand the packet off to AT&T in California?
The answer is BGP (Border Gateway Protocol). BGP is the routing protocol that literally runs the internet.
Without BGP, the internet as we know it would shatter into tens of thousands of disconnected, isolated islands.
Autonomous Systems (The Islands)
To understand BGP, you have to understand that "the internet" is not a single, cohesive entity owned by anyone.
The internet is actually a massive collection of independent networks that have all agreed to connect to each other. These independent networks are called Autonomous Systems (AS).
Comcast is an Autonomous System. AT&T is an Autonomous System. Google is an Autonomous System. A large university is an Autonomous System.
Every AS is assigned a unique number, called an ASN. There are currently about 75,000 active Autonomous Systems in the world.
Inside an Autonomous System, the network administrators are gods. They can route traffic however they want. But when traffic needs to leave Comcast and go to Google, they need a way to communicate. They need a protocol to exchange maps.
How BGP Builds the Map
BGP is fundamentally a gossip protocol.
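Let's imagine three Autonomous Systems: Bob's ISP (AS 1), a global transit provider (AS 2), and a data center (AS 3) that hosts the website Bob wants to visit.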
The data center (AS 3) owns a block of IP addresses (e.g., `203.0.113.0/24`). It tells the global transit provider (AS 2) via BGP: *"Hey, if you ever get any packets destined for 203.0.113.0, send them to me."*
AS 2 logs this in its routing table.
Then, AS 2 talks to Bob's ISP (AS 1) via BGP and says: *"Hey, if you ever get packets for 203.0.113.0, send them to me. I know how to get there. The path is [AS 2 -> AS 3]."*
Bob's ISP logs this. Now, when Bob types the website URL into his browser, his home router sends the packet to his ISP (AS 1). His ISP looks at its BGP routing table, sees the path, and hands the packet to AS 2, which hands it to AS 3.
This gossiping happens continuously, thousands of times a second, between all 75,000 Autonomous Systems. Over time, every major router on the internet builds a massive, global map of exactly which AS owns which IP addresses, and the shortest "AS Path" to reach them.
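The gossip walkthrough above, as a small path-vector simulation. This is an added example, not code from the original article; the `LINKS` topology, the function names and the "shortest AS path wins" rule are simplifying assumptions.

```python
from collections import deque

# Constructed topology from the walkthrough: AS 1 (Bob's ISP), AS 2 (transit),
# AS 3 (data center). Each pair is one BGP session between neighbors.
LINKS = [(1, 2), (2, 3)]


def propagate(links, origin_as):
    """Flood one prefix from origin_as; return {asn: AS path stored in its table}.

    Simplification (assumption): the shortest AS path wins and the first route
    learned wins ties. Real routers apply local policy before path length.
    """
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)

    table = {origin_as: []}          # the origin reaches its own prefix directly
    queue = deque([origin_as])
    while queue:
        sender = queue.popleft()
        advertised = [sender] + table[sender]   # sender prepends its own ASN
        for receiver in sorted(neighbors.get(sender, ())):
            if receiver in advertised:
                continue             # loop prevention: own ASN already in the path
            current = table.get(receiver)
            if current is None or len(advertised) < len(current):
                table[receiver] = advertised
                queue.append(receiver)          # re-advertise the better route
    return table


def next_hop_as(table, asn):
    """AS that `asn` hands packets to, or None if it originates the prefix."""
    path = table[asn]
    return path[0] if path else None
```

Nothing in `propagate` checks whether `origin_as` actually holds the prefix, which is the trust problem the next section describes.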
The Fragility of BGP
BGP is brilliant, but it has a terrifying flaw: it operates almost entirely on blind trust.
When AS 2 tells AS 1, "I know how to get to 203.0.113.0," AS 1 generally just believes it.
This leads to one of the most common and devastating failures on the internet: the BGP route leak, or BGP hijack.
Imagine a tiny, incompetent ISP in a small country mistypes a configuration on its BGP router and accidentally broadcasts to the world: *"Hey everyone! I am the absolute best, shortest path to reach all of Google's IP addresses!"*
Because BGP operates on trust, the neighboring Autonomous Systems believe the tiny ISP. They update their routing tables. They tell their neighbors. Within minutes, the new (fake) map propagates across the globe.
Suddenly, millions of internet users trying to reach Google are routed into the tiny, incompetent ISP. The ISP's routers are instantly vaporized by a tsunami of global traffic. They crash. Google drops offline for half the world.
This isn't theoretical. It happens multiple times a year. In 2008, Pakistan accidentally hijacked all global traffic destined for YouTube while trying to censor it domestically. In 2021, Facebook completely vanished from the internet for 6 hours because a routine maintenance script accidentally wiped all of Facebook's BGP routes, telling the world that Facebook's IP addresses no longer existed.
Fixing the Flaw: RPKI
For decades, the internet ran on this handshake-and-trust system. But as cyber warfare and accidental outages became more common, the industry realized we needed a way to verify BGP announcements.
The modern solution is RPKI (Resource Public Key Infrastructure).
RPKI is essentially cryptography for BGP. It ties a specific block of IP addresses to a specific ASN using a digital certificate.
If a tiny ISP in Russia suddenly announces, "I am the path for Amazon's IP addresses," the surrounding routers can now check the RPKI database. They will see that the digitally signed record for Amazon's IPs names a different ASN than the Russian ISP's. The routers will reject the BGP announcement as fraudulent, preventing the hijack from spreading.
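The check a router makes against RPKI data, sketched as route origin validation. This is an added example, not code from the original article; the records in `VRPS`, the sample announcements and the function names are constructed for illustration, and the signature verification that produces the records is assumed to have been done already by a validator.

```python
import ipaddress

# Constructed sample data. Each entry is (prefix, max_length, authorized origin
# ASN), the fields a validator extracts from signed RPKI records.
# ASNs 64496-64511 are reserved for documentation.
VRPS = [
    ("203.0.113.0/24", 24, 64496),
    ("2001:db8::/32", 48, 64497),
]


def validate_origin(prefix, origin_asn, vrps=VRPS):
    """Classify one announcement as 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp_prefix, max_len, vrp_asn in vrps:
        vrp_net = ipaddress.ip_network(vrp_prefix)
        if route.version != vrp_net.version or not route.subnet_of(vrp_net):
            continue                  # this record says nothing about the route
        covered = True
        # A match needs the right origin AND a prefix no longer than max_length,
        # so a more-specific /25 carved out of a /24 does not pass.
        if origin_asn == vrp_asn and route.prefixlen <= max_len:
            return "valid"
    return "invalid" if covered else "not-found"


def accepted_routes(announcements, vrps=VRPS):
    """Drop 'invalid' routes; keep 'valid' and 'not-found' (a common policy)."""
    kept = []
    for prefix, as_path in announcements:
        state = validate_origin(prefix, as_path[-1], vrps)  # origin = last ASN
        if state != "invalid":
            kept.append((prefix, as_path, state))
    return kept


# Constructed announcements: (prefix, AS path as received).
ANNOUNCEMENTS = [
    ("203.0.113.0/24", [64510, 64496]),    # legitimate origin
    ("203.0.113.0/24", [64511]),           # wrong origin AS
    ("203.0.113.128/25", [64510, 64496]),  # right origin, too specific
    ("192.0.2.0/24", [64498]),             # no covering record
]
```

Origin validation looks only at the last ASN in the path, so a route leak that keeps the true origin still comes back `valid`; prefixes with no published record come back `not-found` and are usually still accepted.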
Conclusion
BGP is the ultimate example of the internet's original design philosophy: decentralized, resilient, and built on trust. While that trust is occasionally abused or broken by human error, the fact that 75,000 independent, competing corporations successfully use BGP to flawlessly route trillions of packets a day is a staggering achievement of human cooperation.