CONCEPT Cited by 3 sources
Border Gateway Protocol (BGP)
BGP is the path-vector routing protocol that glues the Internet together. Each Autonomous System (AS) speaks BGP with its neighbors to exchange reachability information — "I can reach the following prefixes via the following AS path." The global Internet routing table is the emergent, per-router outcome of all these pairwise sessions and their locally-applied policies.
Core semantics
- Path-vector: advertisements carry the full sequence of ASes the route traverses (the AS_PATH attribute: nearest AS leftmost, originating AS rightmost). Loops are prevented by rejecting any route whose AS path already contains the receiving AS.
- Policy, not shortest-path. For each prefix a BGP router picks one best path via a deterministic tiebreaker ladder: local preference → AS-path length → origin → MED (by default compared only among routes from the same neighbor AS) → eBGP over iBGP → IGP metric to the next hop → router ID. Local preference is the first rung, so business policy (prefer customer over peer over provider) routinely overrides the shorter path. Vendors add rungs (Cisco's weight sits above local preference), but the shape is the same.
- Trust-based. BGP historically had no cryptographic enforcement of who may originate a prefix or who may appear on a path. RPKI and ROV added origin validation in the 2010s; ASPA (authorized-provider records) and the OTC attribute (RFC 9234) are adding path-plausibility and route-leak checks in the 2020s. BGPsec (RFC 8205) signs the path itself but has seen little deployment.
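The decision process and the loop check above, as an added example (not code from the page's sources or from Cloudflare). The routes, ASNs (RFC 5398 documentation range) and prefix (TEST-NET-3) are constructed; the ladder follows the common vendor order but leaves out vendor-specific rungs such as Cisco's weight, and compares MED across all neighbors (the "always-compare-med" simplification) to keep the key a flat tuple.

```python
from dataclasses import dataclass

# Added illustration: a minimal BGP decision process over constructed routes.
# ASNs are from the RFC 5398 documentation range and the prefix is TEST-NET-3.

@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple          # leftmost = neighbor that sent it, rightmost = origin AS
    local_pref: int = 100   # set by inbound policy: customer > peer > provider
    origin: int = 0         # 0 = IGP, 1 = EGP, 2 = INCOMPLETE; lower wins
    med: int = 0            # lower wins (compared here across all neighbors, i.e. always-compare-med)
    ebgp: bool = True       # eBGP-learned beats iBGP-learned
    igp_metric: int = 0     # cost to reach the BGP next hop; lower wins
    router_id: str = "192.0.2.1"  # final tiebreak: lower router ID wins

LOCAL_AS = 64500

def loop_free(route: Route, local_as: int = LOCAL_AS) -> bool:
    """Path-vector loop prevention: drop any path that already contains our own ASN."""
    return local_as not in route.as_path

def rank(route: Route) -> tuple:
    """Sort key for the tiebreaker ladder; the smallest key is the best path."""
    return (
        -route.local_pref,                                  # 1. higher local preference
        len(route.as_path),                                 # 2. shorter AS path
        route.origin,                                       # 3. lower origin code
        route.med,                                          # 4. lower MED
        0 if route.ebgp else 1,                             # 5. eBGP over iBGP
        route.igp_metric,                                   # 6. lower IGP metric to next hop
        tuple(int(o) for o in route.router_id.split(".")),  # 7. lower router ID
    )

def best_path(routes, local_as: int = LOCAL_AS):
    """Loop rejection first, then the ladder, over one prefix's candidate routes."""
    candidates = [r for r in routes if loop_free(r, local_as)]
    return min(candidates, key=rank) if candidates else None

# Constructed candidates for 203.0.113.0/24 as seen by AS64500.
CUSTOMER_ROUTE = Route("203.0.113.0/24", (64501, 64502, 64510), local_pref=200)   # longest path
PEER_ROUTE     = Route("203.0.113.0/24", (64503, 64510), local_pref=100)
PROVIDER_ROUTE = Route("203.0.113.0/24", (64504, 64510), local_pref=50)
LOOPED_ROUTE   = Route("203.0.113.0/24", (64505, 64500, 64510), local_pref=300)  # contains our own ASN

if __name__ == "__main__":
    best = best_path([CUSTOMER_ROUTE, PEER_ROUTE, PROVIDER_ROUTE, LOOPED_ROUTE])
    print("best:", best.as_path)  # the customer route wins despite being the longest
    # With equal local preference the ladder falls through to AS-path length.
    tie = best_path([PEER_ROUTE, Route("203.0.113.0/24", (64506, 64507, 64510), local_pref=100)])
    print("tie broken by path length:", tie.as_path)
```

The looped route has the highest local preference of all and is still never considered, because loop rejection happens before the ladder runs; that ordering is what makes path-vector loop prevention independent of policy.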
Relationships shape advertisements
Pairwise relationships drive export policy:
- customer → provider: the customer pays the provider for Internet transit. The customer advertises only its own routes plus its own customers' routes upstream; the provider advertises the full Internet table downstream.
- peer ↔ peer (settlement-free): each peer advertises only its own routes plus its own customers' routes to the other; neither gives the other transit.
The emergent well-formedness property is valley-free routing (the Gao-Rexford model): in the direction the announcement travels, a path climbs through zero or more customer-to-provider links, crosses at most one peer-to-peer link, then descends through provider-to-customer links. A path that descends and then climbs again, e.g. provider → customer → provider, contains a valley: the middle AS is giving its two providers transit through itself.
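The export rule and the valley-free check, as an added example (not code from the page's sources or from Cloudflare). The relationship table and the two paths are constructed from RFC 5398 documentation ASNs; the failing path is the shape of a Type 1 hairpin leak, a customer re-exporting a route learned from one provider to its other provider, so the same checker doubles as a route-leak detector.

```python
# Added illustration of Gao-Rexford export policy and the valley-free check.
# All AS numbers and relationships below are constructed (RFC 5398 range).

# (customer, provider) pairs: the customer pays the provider for transit.
CUSTOMER_OF = {
    (64498, 64496), (64498, 64497),   # AS64498 is multihomed to two Tier-1s
    (64499, 64498),                   # AS64499 is a customer of AS64498
    (64500, 64497),                   # AS64500 is a customer of AS64497
    (64501, 64496),                   # AS64501 is a customer of AS64496
}
# Settlement-free peers.
PEERS = {frozenset({64496, 64497})}

def hop_type(a: int, b: int) -> str:
    """Classify the hop a -> b in the direction the announcement travels."""
    if (a, b) in CUSTOMER_OF:
        return "up"      # customer advertising to its provider
    if (b, a) in CUSTOMER_OF:
        return "down"    # provider advertising to its customer
    if frozenset({a, b}) in PEERS:
        return "flat"    # peer advertising to its peer
    raise ValueError(f"no relationship between AS{a} and AS{b}")

def export_allowed(local_as: int, learned_from, export_to: int) -> bool:
    """Export rule: routes learned from a customer (or originated locally,
    learned_from=None) go to every neighbor; routes learned from a peer or a
    provider go only to customers."""
    if learned_from is None or hop_type(learned_from, local_as) == "up":
        return True
    return hop_type(local_as, export_to) == "down"

def hop_types(as_path) -> list:
    """Hop classification of an AS_PATH (leftmost = nearest, rightmost = origin),
    walked from the origin outward. Prepend the receiving AS to include the last hop."""
    hops = list(reversed(as_path))
    return [hop_type(a, b) for a, b in zip(hops, hops[1:])]

def valley_free(as_path) -> bool:
    """Valid shape is up* flat? down*: once the path has crossed a peer link or
    gone down to a customer, it must never climb (or cross a peer) again."""
    descended = False
    for t in hop_types(as_path):
        if t == "up" and descended:
            return False          # a valley: down (or flat) followed by up
        if t == "flat":
            if descended:
                return False      # second peer link, or peer link after a descent
            descended = True
        elif t == "down":
            descended = True
    return True

# Constructed paths as received by AS64497 from its customer AS64498.
RECEIVER = 64497
LEGIT_PATH = (64498, 64499)          # AS64498 exports its own customer's route upward
LEAKED_PATH = (64498, 64496, 64501)  # AS64498 re-exports a route it learned from provider AS64496

if __name__ == "__main__":
    for path in (LEGIT_PATH, LEAKED_PATH):
        full = (RECEIVER,) + path
        print(path, hop_types(full), "valley-free" if valley_free(full) else "VALLEY (leak)")
    # The leak is exactly what AS64498's own export filter should have blocked:
    print("export provider route to other provider:", export_allowed(64498, 64496, 64497))
```

The receiver prepends its own ASN before classifying, because the hop that matters most for leak detection is the one on which the route arrived: the leaked path reads up, down, up, and the second climb is the valley.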
Why it breaks
- Route leaks — an AS advertises routes beyond their intended scope, e.g. takes routes learned from one provider and redistributes them to another provider (RFC 7908 Type 1, the hairpin turn). Nothing in the protocol itself stops this; only the leaking AS's export filters, or ASPA/OTC checks at the receiver, do.
- Route hijacks — an AS originates a prefix it doesn't own. ROV rejects the announcement where a ROA covers the prefix and the origin does not match, but a forged-origin hijack (the attacker puts the legitimate origin at the end of its path) passes ROV and needs path checks.
- Route withdrawals — unadvertising a prefix makes it globally unreachable as fast as the withdrawal propagates, typically seconds to a few minutes; this is the load-bearing failure primitive for anycast services, where one withdrawal removes every site at once.
Seen in
- sources/2026-01-08-cloudflare-a-closer-look-at-a-bgp-anomaly-in-venezuela — the post teaches BGP semantics as the setup for its route-leak forensic argument. Intended scope, customer-provider vs peer-peer, the valley-free rule, the Type 1 hairpin, AS-path prepending, BGP community tags, IRR-derived prefix lists, and origin vs path validation are all introduced or exercised.
- sources/2025-07-16-cloudflare-1111-incident-on-july-14-2025 — BGP as the global-withdrawal primitive; a misconfigured service topology → a single global withdrawal → a 62-minute anycast outage.
First AS enforcement
First AS enforcement (RFC 4271 §6.3) verifies that the leftmost AS in a received AS_PATH equals the configured ASN of the eBGP peer that sent the UPDATE. RFC 4271 makes the check optional (a MAY), and under RFC 7606 error handling a failing UPDATE is treated as a withdraw rather than tearing down the session. Without it a neighbor can strip itself from the path and forward an announcement that looks as if it came straight from the legitimate origin: the origin matches the ROA, so ROV passes, and the shortened path can look plausible to ASPA, which is why forged-origin and path-shortening hijacks of this shape slip past both. Cloudflare's 2026 measurement found half of Tier 1 networks fail to enforce it, primarily due to vendor defaults. (Source: sources/2026-06-03-cloudflare-enforcing-the-first-as-in-bgp-as-paths)
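The receive-side checks from the route-hijack bullet and this section together, as an added example (not code from Cloudflare's post or from any router vendor). The ROA, the prefixes (TEST-NET-3) and the ASNs (RFC 5398 range) are constructed, and the helper names are ours. It runs five UPDATEs received from the same eBGP peer through the first-AS check and then origin validation, including the one case (attacker prepends the real origin behind its own ASN) that passes both and is left for ASPA.

```python
import ipaddress
from dataclasses import dataclass

# Added illustration: RFC 6811 origin validation plus the RFC 4271 §6.3
# first-AS check, on constructed UPDATEs. ROAs, prefixes and ASNs are made up.

@dataclass(frozen=True)
class ROA:
    prefix: str
    max_length: int
    asn: int

ROAS = [ROA("203.0.113.0/24", 24, 64499)]   # AS64499 may originate exactly the /24

def rov_state(prefix: str, origin_asn: int, roas=ROAS) -> str:
    """Origin validation outcome: not-found, valid, or invalid."""
    net = ipaddress.ip_network(prefix)
    covering = [r for r in roas if net.subnet_of(ipaddress.ip_network(r.prefix))]
    if not covering:
        return "not-found"
    if any(r.asn == origin_asn and net.prefixlen <= r.max_length for r in covering):
        return "valid"
    return "invalid"      # covered by a ROA, but wrong origin or longer than maxLength

def first_as_ok(as_path: tuple, peer_asn: int) -> bool:
    """RFC 4271 §6.3: on an eBGP session the leftmost AS must be the peer's own ASN."""
    return len(as_path) > 0 and as_path[0] == peer_asn

def process_update(prefix: str, as_path: tuple, peer_asn: int, roas=ROAS) -> str:
    """Receive-side pipeline: malformed-path check first (RFC 7606 treat-as-withdraw), then ROV."""
    if not first_as_ok(as_path, peer_asn):
        return "treat-as-withdraw:first-as"
    state = rov_state(prefix, as_path[-1], roas)
    if state == "invalid":
        return "reject:rov-invalid"
    return f"accept:rov-{state}"

# Constructed UPDATEs, all received over an eBGP session from AS64497.
PEER = 64497
CASES = {
    "legitimate":    ("203.0.113.0/24", (64497, 64498, 64499)),
    "origin hijack": ("203.0.113.0/24", (64497,)),         # AS64497 claims the prefix itself
    "more-specific": ("203.0.113.0/25", (64497, 64499)),   # right origin, but longer than maxLength
    "path stripped": ("203.0.113.0/24", (64499,)),         # AS64497 omits itself: origin right, leftmost AS wrong
    "forged origin": ("203.0.113.0/24", (64497, 64499)),   # AS64497 keeps itself in and prepends the real origin
}

if __name__ == "__main__":
    for name, (prefix, path) in CASES.items():
        print(f"{name:14} {str(path):24} -> {process_update(prefix, path, PEER)}")
```

The "path stripped" case is the one this section is about: ROV alone would have accepted it, since the only origin on the path is the legitimate one, and nothing but the first-AS check ties the announcement back to the peer that actually sent it. The "forged origin" case is accepted by both checks here; that is the residual gap ASPA addresses by recording that AS64497 is not an authorized provider of AS64499.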
Related
- concepts/autonomous-system
- concepts/route-leak
- concepts/valley-free-routing
- concepts/customer-provider-relationship
- concepts/peer-peer-relationship
- concepts/anycast
- concepts/rpki
- concepts/route-origin-validation
- concepts/bgp-route-withdrawal
- concepts/first-as-enforcement
- concepts/bgp-route-hijack
- concepts/forged-as-path
- concepts/treat-as-withdraw
- systems/aspa