Related: BGP operates between Autonomous Systems (ASNs).
What is BGP?
Border Gateway Protocol (BGP) is the routing protocol used to exchange reachability information between autonomous systems on the internet. It decides which paths traffic takes between networks.
Why BGP exists
The internet is made up of thousands of independent networks. BGP allows these networks to advertise which IP prefixes they can reach and to apply routing policies.
Core BGP attributes
Download CSV| Attribute | Description | Why it matters | Example |
|---|---|---|---|
| AS_PATH | List of ASNs a route traverses | Prevents routing loops | Shorter paths preferred |
| NEXT_HOP | Next router for a route | Determines forwarding | Neighbor IP |
| LOCAL_PREF | Internal preference value | Controls outbound routing | Higher wins |
| MED | Multi-exit discriminator | Inbound path hint | Lower wins |
| ORIGIN | How route was learned | Trust indicator | IGP preferred |
| COMMUNITY | Route tags | Policy control | No-export |
| PREFIX | Advertised IP range | Traffic destination | 203.0.113.0/24 |
| PEERING | BGP neighbor relationship | Route exchange | IXP peering |
How BGP selects routes
- Highest LOCAL_PREF
- Shortest AS_PATH
- Lowest ORIGIN type
- Lowest MED
- Lowest IGP cost to NEXT_HOP
BGP and security risks
Because BGP trusts announcements from neighbors, misconfigurations or malicious announcements can lead to traffic hijacking or blackholing.
How BGP relates to IP reputation and abuse
- Abusive traffic often originates from specific ASNs.
- Route leaks can expose traffic to unexpected networks.
- ASN-level filtering is common in security systems.