What Is BGP?
BGP (Border Gateway Protocol) is the routing protocol that makes the internet work. It's responsible for determining how data travels between Autonomous Systems (ASes) — the large networks operated by ISPs, cloud providers, and enterprises that make up the internet.
If DNS is the "phonebook of the internet," BGP is the "postal routing system." It doesn't carry your data — it determines the path your data takes across networks to reach its destination. Every time you visit a website, BGP has already determined the route your packets will follow across potentially dozens of networks.
BGP is sometimes called the "protocol that holds the internet together," and for good reason — without it, networks would have no way to share routing information, and the internet would fragment into isolated networks.
How BGP Works
BGP works by having routers at the border of each Autonomous System exchange route announcements with their neighbors:
- Route advertisement: An AS announces the IP prefixes (address ranges) it owns to its BGP neighbors. For example, AS15169 (Google) announces that it owns 8.8.8.0/24.
- Route propagation: Each neighbor passes this announcement to its own neighbors, adding its own AS number to the path. This creates the "AS path" — a chain showing every network the route has passed through.
- Path selection: When a router has multiple paths to the same destination, BGP uses a series of criteria to choose the best one: local preference, shortest AS path, origin type, and other attributes.
- Continuous updates: BGP routers constantly exchange updates as routes change — new routes are announced, withdrawn routes are removed, and path attributes are modified.
Unlike internal routing protocols (like OSPF), BGP is a "policy-based" protocol. Network operators configure BGP to implement business decisions — preferring certain paths, blocking others, and controlling who they share routes with.
eBGP vs iBGP
eBGP (External BGP): Used between routers in different Autonomous Systems. This is the "internet glue" — eBGP sessions connect ISPs to ISPs, cloud providers to enterprises, and content networks to access networks. eBGP sessions are typically configured over direct physical links between networks at internet exchange points or private peering connections.
iBGP (Internal BGP): Used within a single Autonomous System to distribute external routes to internal routers. When an edge router learns a route via eBGP, it uses iBGP to share that route with other routers inside the same AS. This ensures all routers in the network have consistent routing information.
The distinction matters because eBGP is where routing policy decisions are made — you choose which routes to accept from external networks and which of your routes to share with them.
When BGP Goes Wrong
Because BGP is fundamentally trust-based — routers generally believe the route announcements they receive — mistakes and attacks can have massive consequences:
BGP hijacking: A network announces IP prefixes it doesn't own, diverting traffic meant for someone else. In 2018, a small ISP briefly hijacked Amazon's DNS traffic. In 2008, Pakistan Telecom accidentally hijacked YouTube's IP space while trying to block it domestically, causing a worldwide YouTube outage.
Route leaks: A network accidentally shares routes it shouldn't, causing traffic to flow through unintended paths. In 2019, a small ISP in Pennsylvania leaked routes from Cloudflare through its network, causing widespread slowdowns.
Configuration errors: A simple typo in a BGP configuration can cause an AS to withdraw its routes, making its entire network unreachable. In October 2021, Facebook accidentally withdrew its BGP routes, making Facebook, Instagram, and WhatsApp unreachable for six hours.
RPKI (Resource Public Key Infrastructure) is a security framework designed to prevent BGP hijacking by cryptographically verifying that an AS is authorized to announce specific IP prefixes. Adoption is growing but still incomplete.
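The check RPKI enables is route origin validation: each announcement is compared against signed Route Origin Authorizations (ROAs) and classified as valid, invalid or not-found, following RFC 6811. The sketch below is an added example, not code from this page or from any router implementation. The ROA entries and announcements are constructed sample data, the names ROA, validate_origin and accepted are hypothetical, and the policy of dropping only invalid routes is an assumption.

```python
import ipaddress
from typing import NamedTuple, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]

class ROA(NamedTuple):
    prefix: Network      # address block the holder signed for
    max_length: int      # longest prefix length the holder permits
    asn: int             # AS authorized to originate the block

# Constructed sample ROAs, not real RPKI data. 8.8.8.0/24 and AS15169 are the
# page's example; 198.51.100.0/24 and AS64496 are documentation values.
ROAS = [
    ROA(ipaddress.ip_network("8.8.8.0/24"), 24, 15169),
    ROA(ipaddress.ip_network("198.51.100.0/24"), 24, 64496),
]

def validate_origin(prefix: str, origin_asn: int, roas=ROAS) -> str:
    """Classify an announcement as 'valid', 'invalid' or 'not-found' (RFC 6811)."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa in roas:
        # A ROA covers the route when the route equals or lies inside its prefix.
        if route.version != roa.prefix.version or not route.subnet_of(roa.prefix):
            continue
        covered = True
        # AS0 in a ROA means "no AS may originate this", so it never matches.
        if roa.asn != 0 and roa.asn == origin_asn and route.prefixlen <= roa.max_length:
            return "valid"
    # Covered but no ROA matched: wrong origin AS or too specific a prefix.
    return "invalid" if covered else "not-found"

def accepted(announcements, roas=ROAS):
    """Assumed import policy: drop 'invalid', keep 'valid' and 'not-found'."""
    return [(p, a) for p, a in announcements if validate_origin(p, a, roas) != "invalid"]

if __name__ == "__main__":
    # Constructed announcements: (prefix, origin AS).
    sample = [
        ("8.8.8.0/24", 15169),       # authorized origin
        ("8.8.8.0/24", 64511),       # same prefix, unauthorized origin
        ("198.51.100.0/25", 64496),  # right origin, longer than max_length
        ("203.0.113.0/24", 64500),   # no covering ROA
    ]
    for p, a in sample:
        print(f"{p:18} AS{a:<6} {validate_origin(p, a)}")
    print("accepted:", accepted(sample))
```

Origin validation covers only the origin AS and the prefix length; it does not verify the rest of the AS path. Prefixes with no covering ROA come back as not-found, which is why incomplete adoption limits what the check can reject.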
Why BGP Matters to You
Even though most people never interact with BGP directly, it affects everyone:
- Internet outages: Major outages at large providers are often caused by BGP issues. Understanding BGP helps you understand why "the internet is down" sometimes affects only certain sites or services.
- Latency and performance: BGP path selection determines which networks your data traverses. Suboptimal BGP routing can add latency. CDNs and large tech companies spend significant effort optimizing their BGP configurations.
- IP reputation: The ASN associated with your IP (visible when you look it up on LookMyIP) reflects which network your traffic is routed through, which affects how your traffic is perceived by firewalls and email servers.
- Security: BGP hijacking can redirect your traffic through malicious networks, enabling surveillance or man-in-the-middle attacks. Using HTTPS protects your data even if BGP routing is compromised.
