Path Vector Routing

Every time you access a website, stream video, or send an email across the internet, your packets traverse multiple autonomous systems—independent networks operated by different organizations worldwide. The protocol that enables these 70,000+ networks to cooperate and exchange routing information is the Border Gateway Protocol (BGP).

BGP is the de facto standard for inter-domain routing, implementing path vector concepts to enable the global internet to function as a coherent whole despite being composed of independently managed networks. It's often called "the protocol that runs the internet," and for good reason: without BGP, the internet as we know it would not exist.

This page explores how BGP implements path vector routing in practice, from session establishment to route advertisement to the complex decision-making that determines how packets flow across the global network.

The Border Gateway Protocol (BGP) is a path vector routing protocol designed for inter-domain routing—exchanging routing information between autonomous systems (ASNs). BGP is defined in RFC 4271 and is currently at version 4 (BGP-4).

BGP's Core Purpose:

BGP enables autonomous systems to:

1. Announce their prefixes to the internet (reachability information)
2. Learn about prefixes in other autonomous systems
3. Make routing decisions based on path information and policy
4. Propagate routing changes across the global routing system

Why BGP for Inter-Domain Routing?

The internet's architecture demands specific characteristics that BGP provides:

BGP vs Interior Gateway Protocols:

It's essential to understand BGP's position relative to IGPs (OSPF, IS-IS, EIGRP):

BGP operates fundamentally differently from IGPs. Rather than discovering neighbors automatically, BGP requires explicit configuration of peer relationships. Sessions are established over TCP port 179, providing reliable, ordered delivery of routing information.

The BGP Session Lifecycle:

1. Configuration Phase: Operators configure BGP neighbors explicitly:

• Remote AS number
• Remote IP address
• Optional: Authentication (MD5, TCP-AO)
• Optional: Policy (import/export filters)

2. TCP Connection: BGP initiates a TCP connection to port 179. Either peer can initiate, but configuration must permit the connection. The TCP session provides:

• Reliable message delivery
• Ordered message sequencing
• Connection-oriented state management

3. BGP State Machine: Upon TCP connection, BGP follows a finite state machine:

BGP States Explained:

Only in the Established state does BGP exchange routing information. Any error (invalid message, timeout, session reset) returns the session to Idle.

Timers Governing Sessions:

Hold Timer:     Default 90 seconds
                Negotiated between peers (use minimum)
                If no message received within hold time → session reset

Keepalive:      Default 30 seconds (typically 1/3 of hold timer)
                Sent periodically to maintain session
                Indicates "I'm alive, no routing changes"

Connect Retry:  Default 120 seconds
                Time between connection attempts after failure

BGP uses four message types to establish sessions and exchange routing information. Each message follows a common header format with a 16-byte marker, 2-byte length, and 1-byte type indicator.

Message Type Summary:

OPEN Message:

Sent immediately after TCP connection. Contains:

OPEN Message Fields:
  Version:       BGP version (4)
  My AS:         Sender's Autonomous System Number
  Hold Time:     Maximum seconds between messages (0 = no keepalives)
  BGP ID:        Router ID (typically highest loopback IP)
  Opt Params:    Capability negotiation (multiprotocol, 4-byte ASN, etc.)

The OPEN exchange allows peers to negotiate capabilities. If capabilities don't match (e.g., one requires features the other doesn't support), the session fails.

UPDATE Message:

The workhorse of BGP—carries routing information:

UPDATE Message Fields:
  Withdrawn Routes:   List of prefixes to remove from table
  Path Attributes:    Attributes applying to announced prefixes
    - ORIGIN, AS_PATH, NEXT_HOP (mandatory)
    - LOCAL_PREF, MED, COMMUNITY, etc.
  NLRI:              Network Layer Reachability Information (announced prefixes)

A single UPDATE can withdraw some routes and announce others. This efficiency is crucial at internet scale.

KEEPALIVE Message:

Simplest message—just the 19-byte header with type 4. Sent periodically to indicate the session is healthy without routing changes.

NOTIFICATION Message:

Sent when an error occurs. Contains error code and subcode:

After sending a NOTIFICATION, the session is terminated.

BGP operates in two modes with fundamentally different behaviors: External BGP (eBGP) between autonomous systems and Internal BGP (iBGP) within an autonomous system. Understanding these differences is essential for proper BGP deployment.

eBGP (External BGP):

Connects routers in different autonomous systems:

• Peers have different AS numbers
• Typically over directly connected interfaces
• TTL = 1 by default (security measure)
• AS path is modified (prepended with local AS)
• Next-hop is changed to advertising router

Why iBGP Doesn't Modify AS Path:

If iBGP modified the AS path, internal routers would see artificially lengthened paths:

Incorrect (if iBGP prepended):
  Edge router learns: 192.0.2.0/24 via AS_PATH 65002
  Redistributes to iBGP: 192.0.2.0/24 via AS_PATH 65001 65002
  Internal router sees: Path length 2 for internal route!
  
Correct (iBGP preserves):
  Edge router learns: 192.0.2.0/24 via AS_PATH 65002
  Redistributes to iBGP: 192.0.2.0/24 via AS_PATH 65002
  Internal router sees: Path length 1 (accurate inter-domain path)

The AS path represents the inter-domain path, not internal hops. iBGP routers are within the same AS and don't add to the AS path length.

The iBGP Full Mesh Requirement:

iBGP has a split-horizon rule: routes learned via iBGP cannot be advertised to other iBGP peers. This prevents iBGP loops but requires:

• Full mesh: Every iBGP router peers with every other iBGP router
• n routers ⟹ n(n-1)/2 sessions
• 100 routers ⟹ 4,950 sessions!

The iBGP full mesh requirement creates scalability challenges: 100 routers require 4,950 sessions. Two mechanisms address this: Route Reflectors and Confederations.

Route Reflectors (RR):

Route reflectors break the iBGP split-horizon rule in a controlled manner:

Traditional Full Mesh:          With Route Reflector:

   R1 ──── R2                      R1
   │╲    ╱│                        │
   │  ╲╱  │                        │
   │  ╱╲  │                        RR (Route Reflector)
   │╱    ╲│                       ╱│╲
   R3 ──── R4                    R2 R3 R4
   
   6 sessions                    3 sessions

How Route Reflection Works:

1. RR clients peer only with the RR (not with each other)
2. RR receives routes from clients and eBGP
3. RR reflects routes to other clients (bypassing split-horizon)
4. Special attributes prevent loops:
   • ORIGINATOR_ID: Original advertiser's router ID
   • CLUSTER_LIST: List of RR cluster IDs traversed

RR Loop Prevention:

Route reflectors use two attributes to prevent loops:

Confederations:

An alternative to RRs: divide the AS into sub-ASes using private ASNs:

        External View:
        AS 65001
        
        Internal View:
        ┌───────────────────────────┐
        │      AS 65001             │
        │  ┌─────────┐ ┌─────────┐  │
        │  │Sub-AS   │ │Sub-AS   │  │
        │  │ 65500   │─│ 65501   │  │
        │  └─────────┘ └─────────┘  │
        │       │           │       │
        │  ┌─────────┐             │
        │  │Sub-AS   │             │
        │  │ 65502   │             │
        │  └─────────┘             │
        └───────────────────────────┘

• Within sub-AS: Normal iBGP (full mesh or RRs)
• Between sub-ASes: eBGP-like behavior with AS_CONFED_SEQUENCE
• External advertisement: Only public ASN appears

Understanding BGP theory is essential, but production deployment requires additional considerations around security, stability, and operational practices.

The Global BGP Routing Table:

As of 2024, the global BGP table contains approximately:

• 950,000+ IPv4 prefixes
• 200,000+ IPv6 prefixes
• Advertised by 70,000+ autonomous systems

Each BGP router in the default-free zone (DFZ) must store and process this entire table. This requires:

• Memory: 2-4 GB for RIB storage
• CPU: Processing thousands of updates/second during convergence
• Bandwidth: Full table transfer (10-15 minutes) on session establishment

Common BGP Deployment Patterns:

Pattern 1: Multi-homed Enterprise

                ┌────────────┐
                │ Enterprise │
                │  AS 65001  │
                └─────┬──────┘
                      │ iBGP
           ┌──────────┴──────────┐
           │                     │
      ┌────▼────┐           ┌────▼────┐
      │ Router  │           │ Router  │
      │   R1    │           │   R2    │
      └────┬────┘           └────┬────┘
           │eBGP                 │eBGP
      ┌────▼────┐           ┌────▼────┐
      │  ISP A  │           │  ISP B  │
      │AS 65010 │           │AS 65020 │
      └─────────┘           └─────────┘

Pattern 2: Transit Provider

                 Upstream Tier 1 Providers
                    │           │
                    │eBGP      │eBGP
            ┌───────▼───────────▼───────┐
            │    Transit Network        │
            │       AS 65100            │
            │  ┌─RR──┐    ┌─RR──┐       │
            │  │  1  │────│  2  │       │
            │  └──┬──┘    └──┬──┘       │
            │     │iBGP      │iBGP      │
            │  ┌──┴──────────┴──┐       │
            │  │  Edge Routers  │       │
            │  └──┬──────────┬──┘       │
            └─────┼──────────┼──────────┘
                  │eBGP      │eBGP
            Customer A    Customer B

BGP has evolved significantly since its initial specification. Modern deployments leverage numerous extensions that enhance functionality, security, and flexibility.

Multiprotocol BGP (MP-BGP):

RFC 4760 extended BGP to carry routing information for multiple address families:

MP-BGP is foundational for MPLS VPNs, IPv6 deployment, and modern data center fabrics.

4-Byte AS Numbers:

The original 2-byte ASN space (0-65535) was exhausted. RFC 6793 introduced 4-byte ASNs:

2-byte range:   0 - 65535
4-byte range:   0 - 4,294,967,295

Notation:
  asdot:   3.15 (old-style, rarely used)
  asplain: 196623 (recommended)

Private ranges:
  2-byte:  64512 - 65534
  4-byte:  4200000000 - 4294967294

RPKI (Resource Public Key Infrastructure):

RPKI provides cryptographic verification of route origins:

1. ROA (Route Origin Authorization): Certificate stating "ASN X is authorized to originate prefix Y"
2. RPKI Validator: Software that downloads ROAs and validates BGP routes
3. Validation States: Valid, Invalid, NotFound

RPKI Validation:
  Prefix: 192.0.2.0/24
  Origin AS: 65001
  ROA exists for AS 65001 → Valid
  
  Prefix: 192.0.2.0/24
  Origin AS: 65999  (wrong AS)
  ROA exists for AS 65001 → Invalid → DROP

RPKI adoption is accelerating, with major networks implementing "reject invalid" policies.

BGP is the practical embodiment of path vector routing, implementing the concepts of AS path information, loop prevention, and policy routing at global scale. Understanding BGP operations—from session establishment to route selection to modern extensions—is essential for anyone working with internet routing.

Key Concepts Mastered:

What's Next:

Having explored path vector concepts and BGP implementation, the final page provides a comprehensive comparison with other routing paradigms. We'll examine how path vector, distance vector, and link state approaches differ, when each is appropriate, and how they work together in modern networks.