Engineering Reference

BGP — The Path Vector Protocol

From peering fundamentals and path attributes to route policy, communities, and modern EVPN

8Sections

5Topics

10Concepts

~45 minNetworkingBGPRoutingRFC 4271Path Vector

01Foundations

See something that needs updating?

What BGP Is (and Isn't)

The internet's routing policy engine — connecting autonomous systems

BGP (Border Gateway Protocol) is the exterior gateway protocol that routes traffic between autonomous systems on the public internet and within large enterprises. Defined in RFC 4271, BGP uses TCP port 179 to establish sessions between peers. Unlike OSPF or EIGRP, BGP is a path vector protocol — it tracks the full AS path to every destination and makes routing decisions based on policy, not just shortest path.

Plain English

If OSPF is a city map where every router shares road conditions, BGP is the international shipping agreement between countries. Each country (autonomous system) decides which routes to advertise, which to accept, and which to prefer — based on business relationships, not just distance.

How BGP Works — High Level

The Core Distinction

OSPF is a topology engine — it finds shortest paths inside one network. BGP is a policy engine — it controls which paths exist between networks based on business and security rules. Both are essential; they solve different problems.

Key Concepts

Autonomous systems, address families, and the two flavors of BGP

BGP operates over TCP/179 and uses a path vector algorithm that tracks the full AS path to every destination.

Protocol

TCP/179

Reliable transport, not IP multicast

Algorithm

Path Vector

Tracks full AS path to destination

RFC

4271

Current specification (2006)

Internet Routes

~950K+

Full IPv4 table (2024)

Concept	Description
Autonomous System (AS)	A network or group of networks under a single administrative policy. Identified by a 32-bit ASN (RFC 6793).
eBGP	External BGP — sessions between different ASes. The backbone of internet routing.
iBGP	Internal BGP — sessions within the same AS. Distributes external routes internally.
AFI/SAFI	Address Family Identifier / Sub-AFI. Enables BGP to carry IPv4, IPv6, VPNv4, EVPN, and more in one protocol.
NLRI	Network Layer Reachability Information — the prefixes being advertised in UPDATE messages.

eBGP vs iBGP

Two flavors, very different rules

eBGP and iBGP share the same protocol but operate under fundamentally different rules for TTL, AS_PATH handling, next-hop behavior, and loop prevention.

Behavior	eBGP	iBGP
Peers are in...	Different ASes	Same AS
TTL default	1 (directly connected)	255 (multihop by default)
AS_PATH	Local AS prepended on send	AS_PATH unchanged
NEXT_HOP	Set to self	Unchanged (must be reachable via IGP)
LOCAL_PREF	Not sent	Sent between iBGP peers
Loop prevention	AS_PATH check — reject if own AS seen	Cluster-ID / Originator-ID
Full mesh required?	No	Yes (or use Route Reflectors / Confederations)

The iBGP Full Mesh Problem

iBGP does not re-advertise routes learned from one iBGP peer to another iBGP peer (split horizon). This means every iBGP speaker must peer with every other — n(n-1)/2 sessions. At 50 routers, that is 1,225 sessions. Route reflectors solve this.

BGP Message Types

Four message types drive all BGP operations

OPEN

Initiates a session. Carries ASN, hold time, router ID, and capabilities (MP-BGP, 4-byte ASN, graceful restart).

UPDATE

Advertises new routes or withdraws old ones. Contains path attributes + NLRI (prefixes). The workhorse message.

KEEPALIVE

Sent every hold-time/3 (default 60s). Confirms the peer is alive. No payload — just a header.

NOTIFICATION

Signals an error and tears down the session. Carries error code + subcode. Always followed by TCP close.

Related Bytes

OSPF — The Definitive Guide

NetworkingOSPFRouting

Analog vs. Digital Signaling in Professional AV

NetworkingAVSignaling