
IT221 T Project Template (BGP)


IT221 T PROJECT 2023 – Third semester

Group Members

Name ID
‫فاطمة خالد الصفي‬ 444008474
‫جواهر إبراهيم العسكر‬ 444008469
‫لين علي ال مجري‬ 444008462
‫ليان محمد الغنيمان‬ 444008459
‫مها فهد المجلي‬ 444008450

PNU

The project is about BGP Application protocol

Section 32Y
Introduction:

The Border Gateway Protocol (BGP) is a routing protocol used on the Internet to determine
how data packets are routed between different independent networks ("autonomous
systems"). BGP is mainly used in Internet networks, where it enables communication and
routing between different networks and Internet service providers. BGP also identifies the
best routes based on specific criteria such as network speed and efficiency. In general, the
Border Gateway Protocol is a powerful and flexible protocol that helps route data packets
across Internet networks effectively and securely. BGP also uses the TCP/IP protocol to
exchange information between routes and networks. [1]

2. Protocol operation: Explain how this protocol works (500 - 1500 words)

BGP allows different autonomous systems to connect to each other. Large organizations
and most ISPs manage internet connectivity for multiple networks, sites, and locations; each
such group is called an Autonomous System (AS). Networks inside an AS handle routing for
their own local traffic, while the BGP router directs all inbound traffic into the autonomous
system and all outbound traffic going to the internet from inside the AS. The public internet
comprises thousands of these autonomous systems, and BGP directs how packets should be
forwarded between them. Data travels between autonomous systems as it moves from source
to destination.

When BGP is used inside an autonomous system, it is called IBGP. It is used to provide
information to your internal routers. It requires all the devices in the same autonomous system
to form a full mesh topology, or else to use route reflectors or confederations for prefix
learning. When it is used to connect different autonomous systems, it is called EBGP. It is
applied at the border or edge router, which offers communication between two or more
independent systems. It serves as the protocol in charge of tying networks from various
companies or the Internet together.

Each BGP router contains routing tables it can use to find available paths on the global
internet. When a BGP router receives a request, it uses this information to determine the best
path to the destination.

For BGP to work, AS operators need to trust each other. As such, they configure peering
agreements that enable them to establish direct connections with each other and permit BGP
traffic to travel throughout their autonomous systems. [2]

The Border Gateway Protocol (BGP) typically works through a specific technique called
peering. The general purpose of using BGP is to exchange routing information between two
peer routers or systems. This technique performs many functions, for instance route storage,
path MTU discovery, providing redundancy, and path selection. Administrators designate
specific routers as BGP peer routers or BGP speaker routers.

This protocol uses TCP as the transport protocol. Two BGP routers, which are peer routers,
form a TCP connection between them. These peer routers exchange messages to open the
connection and confirm its parameters [3].

Path MTU discovery (PMTUD):

It is a solution for finding the best TCP packet length. The TCP connection tries to send the
longest packets that are never fragmented along the path from source to destination. It does
this by using the Don't Fragment flag in the flags field of the IP packet.

Path selection:

BGP routers often find multiple paths to one destination. The BGP best path algorithm, which
implements one of the functions BGP performs (path selection), chooses the best path to
install in the IP routing table and to use for forwarding traffic. There is a list of rules for
selecting the best path, including the following:

1- path with the highest WEIGHT:

WEIGHT is local to the router on which it is configured. The weight is a number from 0 to
65,535. Figure 1.

Figure 1

2- path with the highest local-preference value:

The AS path is an attribute used in the Border Gateway Protocol (BGP) to indicate to the
autonomous system which path is the best one for exiting the AS to reach a specific network.
Routers in an AS can use exterior gateway protocols to route packets outside the AS and
Interior Gateway Protocols (IGPs) to exchange information inside the AS. If no
local-preference value is set, the default local-preference value is 100. Figure 2.

The difference between the weight attribute and local preference is that weight is an attribute
of the local router only, whereas local preference is an attribute that routers exchange among
themselves within one AS.

Figure 2

3- path with the shortest AS_PATH:

It is an attribute that collects and lists the AS numbers that a route has traversed to the
destination. BGP uses the AS_PATH attribute to prevent routing loops by checking if the AS
number of the receiving router is already in the AS_PATH attribute of the update. Figure 3.

Figure 3

There are other rules such as hop counts and oldest path.
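
The three rules above and the AS_PATH loop check can be combined into one comparison. The following is an added example, not part of the original project; the Route fields, the function names and the sample routes are assumptions, and only the three listed rules are implemented.

```python
from dataclasses import dataclass

DEFAULT_LOCAL_PREF = 100  # default local-preference value stated in the text


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str
    as_path: tuple            # AS numbers the route has traversed
    weight: int = 0           # local to this router, 0..65535
    local_pref: int = DEFAULT_LOCAL_PREF

    def __post_init__(self):
        if not 0 <= self.weight <= 65535:
            raise ValueError("weight must be between 0 and 65535")


def accept_update(local_as, route):
    """AS_PATH loop prevention: reject an update that already lists our own AS."""
    return local_as not in route.as_path


def preference_key(route):
    """Highest weight first, then highest local preference, then shortest AS_PATH."""
    return (-route.weight, -route.local_pref, len(route.as_path))


def best_path(local_as, candidates):
    """Return the preferred loop-free route, or None if every candidate is rejected."""
    usable = [r for r in candidates if accept_update(local_as, r)]
    return min(usable, key=preference_key) if usable else None


# Constructed sample: three paths to one documentation prefix, as seen by AS 64500.
CANDIDATES = [
    Route("203.0.113.0/24", "192.0.2.1", (64501, 64510, 64520)),
    Route("203.0.113.0/24", "192.0.2.2", (64502, 64520)),
    Route("203.0.113.0/24", "192.0.2.3", (64503, 64500, 64520)),  # lists our own AS
]

if __name__ == "__main__":
    print(best_path(64500, CANDIDATES))
```

With all weights and local preferences at their defaults, the route through 192.0.2.2 wins on AS_PATH length, and the third route is never considered because it already contains the local AS.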

Providing redundancy:

BGP helps provide redundancy by making routers adapt quickly and if one internet path goes
down it sends packets through another connection. It is usually used in large networks, such as
wide area networks (WAN) and internet service provider networks.

Advantages of peering:

BGP, which uses the peering technique, has many benefits beyond its functions.

1- Avoiding traffic in the network.

2- A level of security that helps to prevent the risk of data sniffing.

3- Increased control over services in the network.

4- Peer networks are often considered more reliable because they are less likely to be disrupted
by issues like a DDoS attack.

How does the security of BGP work?

Imperva DDoS Defense: Robust defense against distributed denial of service (DDoS) attacks
can be achieved through BGP rerouting. Direct-to-origin DDoS attacks can be lessened by BGP
rerouting, which filters all incoming network traffic before it reaches the intended target.
It redirects malicious network packets to security providers at the network level,
preventing them from reaching DNS servers or other computing resources.

BGP routers have the ability to route large amounts of traffic to centralized data scrubbing
centers that security providers use. The scrubbing center analyses traffic and filters out
malicious DDoS attack traffic using deep packet inspection. It then allows clean traffic
through to the AS.

Furthermore, Imperva offers thorough protection for microservices, APIs, and applications:

Web Application Firewall: Protect your apps from attacks by analyzing web traffic like never
before.

Runtime Application Self-Protection (RASP): No matter where your apps go, the runtime
environment protects them from attacks in real time. Stop outside intrusions and injections and
reduce the number of vulnerabilities that are still open.

API Security: Preventing exploitation of your applications and keeping your published API
endpoints secure is achieved through automatic API protection.

Advanced Bot Protection: Stop business logic attacks from mobile apps, websites, and
APIs. Take control of bot traffic and obtain seamless visibility to stop account takeover and
competitive price scraping to stop online fraud.

Attack Analytics: This technology uses machine learning and domain expertise to detect patterns
in the noise, identify application attacks, and assist you in identifying and halting attack
campaigns. It ensures complete visibility throughout the application security stack. [3]

The Vulnerabilities:

1. BGP Scalability Issue:


When an autonomous system (AS) uses Internal BGP (IBGP), all routers within that AS must
maintain connections in a full mesh, so the number of sessions grows as routers are added.
This can strain router resources and degrade performance. Two techniques were proposed,
route reflectors and confederations, which aim to reduce the number of IBGP sessions but
can introduce problems of their own (route oscillation, suboptimal routing, increased
BGP convergence time). [5]
2. Routing Instability:
BGP routing tables need to constantly adjust to reflect network changes, but in some cases BGP
can experience route flapping, where routes continuously alternate between available and
unavailable states. This can impact network stability and routing decisions. [6]

3. Routing Table Growth:


Routing tables have grown to the point that some older routers, which have less capacity, can
no longer handle the full routing tables within their fixed resources. As a result, these older
routers stop being effective gateways between the parts of the Internet they connect. Overall,
they take longer to achieve path stability when dealing with a massive change in the routing
tables, which affects confidence in network services and their availability. [7]

4. Load Balancing Issue:


Another factor in routing table growth is the need to balance the load of a multihomed network.
Balancing is not an easy task because of the restrictions on BGP path decisions. If you
announce a network block to all of its peers, the result may be that one or more of its links
become congested while the remaining links are under-utilized. Like other routing protocols,
BGP cannot detect congestion. [8]
5. Security Issues:
BGP can be vulnerable to security threats such as route hijacking or malicious attacks,
potentially leading to disruptions or unauthorized traffic diversion.
Detecting and mitigating such attacks is crucial to prevent misrouted traffic and denial of
service. [9]

Alternatives of BGP protocol:
1. Software-Defined Networking (SDN):
SDN is known as an approach that separates the control plane from the data plane in network
devices. This separation allows for centralized control and programmability of the network,
that can help to mitigate BGP's scalability and control issues. SDN is implemented by using
technologies like OpenFlow and SDN controllers.
2. Multiprotocol Label Switching (MPLS):
MPLS is a routing technique that can be used to improve the efficiency of packet forwarding,
reduce network complexity, and provide traffic engineering capabilities. It can be used
alongside BGP to improve traffic management.
3. Segment Routing (SR):
SR is an extension of MPLS that simplifies network architecture and routing by encoding
routing information directly into the packet header. It can be used to address some of the
scalability and control plane issues associated with BGP.
4. Overlay Networks:
Overlay networks like Virtual Private Networks (VPNs), Virtual Extensible LAN (VXLAN),
and Network Virtualization with GRE (NVGRE) create virtualized networks on top of the
existing network infrastructure. They can be used to address security and routing issues
associated with BGP.
5. Network Monitoring and Security Solutions:
Implementing network monitoring tools and security solutions can help detect and mitigate
issues such as route hijacking, route leaks, and other BGP security vulnerabilities. Solutions
like BGP monitoring, prefix filtering, and route validation can enhance the security and
stability of BGP.
It's important to note that BGP is deeply ingrained in the core infrastructure of the internet,
and while alternatives and enhancements are emerging, BGP continues to be a fundamental
part of global routing. Many networks use a combination of these alternatives and
complementary technologies to address BGP's vulnerabilities while still relying on BGP for
core routing functions.
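
The route validation mentioned in item 5 can be illustrated by checking each announcement's origin AS against a table of authorized origins. This is an added example, not part of the original project; the authorization table, the function names and the sample updates are assumptions, and the valid / invalid / not-found result states are modelled on RPKI route origin validation.

```python
import ipaddress

# Constructed authorization table: (prefix, max prefix length, authorized origin AS).
# Prefixes are documentation ranges; AS numbers are documentation or private-use values.
AUTHORIZATIONS = [
    ("198.51.100.0/24", 24, 64500),
    ("203.0.113.0/24", 25, 64501),
]


def validate_origin(prefix, origin_as, table=AUTHORIZATIONS):
    """Classify an announcement as 'valid', 'invalid' or 'not-found'."""
    announced = ipaddress.ip_network(prefix)
    covered = False
    for auth_prefix, max_len, auth_as in table:
        auth_net = ipaddress.ip_network(auth_prefix)
        if announced.version != auth_net.version or not announced.subnet_of(auth_net):
            continue
        covered = True  # at least one authorization covers this address space
        if origin_as == auth_as and announced.prefixlen <= max_len:
            return "valid"
    return "invalid" if covered else "not-found"


def suspicious_announcements(updates, table=AUTHORIZATIONS):
    """Return (prefix, origin AS) for updates that contradict the table."""
    flagged = []
    for prefix, as_path in updates:
        origin = as_path[-1]  # the origin AS is the last entry in the AS_PATH
        if validate_origin(prefix, origin, table) == "invalid":
            flagged.append((prefix, origin))
    return flagged


# Constructed sample updates: (announced prefix, AS_PATH as received).
UPDATES = [
    ("198.51.100.0/24", (64510, 64500)),   # expected origin
    ("198.51.100.0/24", (64510, 64666)),   # covered prefix, unauthorized origin AS
    ("203.0.113.128/25", (64511, 64501)),  # within the allowed prefix length
    ("203.0.113.192/26", (64511, 64501)),  # more specific than authorized
    ("192.0.2.0/24", (64512, 64502)),      # no authorization on record
]

if __name__ == "__main__":
    print(suspicious_announcements(UPDATES))
```

An announcement with no covering entry is reported as not-found rather than invalid, so a monitoring tool built this way flags only announcements that contradict a recorded authorization.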

5. References:

[1] https://aws.amazon.com/ar/, "https://aws.amazon.com/ar/," [Online].

[2] J. Burke, "DEFINITION BGP (Border Gateway Protocol)," [Online]. Available:
https://www.techtarget.com/searchnetworking/definition/BGP-Border-Gateway-Protocol.
[Accessed 2023 11 03].

[3] "Border Gateway Protocol (BGP)," [Online]. Available:
https://www.imperva.com/learn/ddos/border-gateway-protocol-bgp/#:~:text=Imperva's%20DDoS%20Protection%20solution%20is,uptime%20and%20no%20performance%20impact.
[Accessed 2023 11 03].

[4] p. &. m. Cisco Networking Academy: Learn Cybersecurity, "Networking Academy," 1
November 2023. [Online]. Available: https://www.netacad.com/. [Accessed 4 November 2023].

[5] A. Basu, et al., “Route oscillations in IBGP with route reflection,” in Proc. ACM SIGCOMM,
August 2002.

[6] N. Feamster, et al., “A model of BGP routing for network engineering,” in Proc. ACM
SIGMETRICS, June 2004.

[7] R. Musunuri and J. A. Cobb, “Scalable IBGP through selective path dissemination,” in
Proceedings of IASTED International Conference on Parallel and Distributed Computing and
Systems (PDCS), November 2003.

[8] R. Musunuri and J. A. Cobb, “Complete solution to stable IBGP,” in Proceedings of IEEE
International Conference on Communications, June 2004.

[9] S. Kent, et al., “Secure Border Gateway Protocol (S-BGP) Real World Performance and
Deployment Issues,” IEEE Journal on Selected Areas in Communications, 2000.
