BGP Stories

Securing BGP on the host with origin validation

Published on: 2019-09-24

An increasingly popular design for a data centre network is BGP on the host: each host ships with a BGP daemon to advertise the IP addresses it handles and receives the routes to its fellow servers. Compared to a Layer 2-based design, it is very scalable, resilient, cross-vendor and safe (due to ...

Why is securing BGP just so damn hard?

Published on: 2019-09-19

Concur that BGP, at its core, depends entirely on trust between its participants. It is possible to identify and ostracize the untrustworthy, but this is a social solution rather than a technical one. I would observe that several of the leading hyperscalers are creating worldwide private ...

BGP route leak sends European traffic via China

Published on: 2019-06-26

On Thursday June 6, 2019, traffic destined to some of Europe’s biggest mobile providers was misdirected in a roundabout path through the Chinese-government-controlled China Telecom, in some cases for more than two hours. “Swiss data center colocation company AS21217 leaked over 70,000 routes to ...

BGP Route Security

Published on: 2018-12-17

Whenever there is a new attack on the Internet that has anything to do with BGP (Border Gateway Protocol), you hear the commonly used phrase that goes something like “BGP is based on the inherent trust model with no inbuilt security”. While that is true (as we will see in this article), what ...

L3 fabric DC -The underlay Network (BGP) -part2

Published on: 2017-01-17

In the previous post, we laid the foundation of L3 fabric DC In this post we will discuss the underlay network which mainly provide IP reachability plus ECMP capability, here BGP would play a role in your DC next to the 3 other that we discussed one of the previous posts. For the sake of ...

GoBGP – A Control Plane Evolving Software Networking

Published on: 2016-03-29

If I have talked to you over the past year or two about networking, odds are I have mentioned a project to you called GoBGP. If we have spoken a lot, you are probably sick of me talking to you about GoBGP There is a reason, it’s because GoBGP is a missing link in networking that has been for a ...

bgp – advertising multiple paths

Published on: 2014-02-07

Path hiding on a route server running BGP can happen if the route server has been configured to filter the chosen best path from reaching a particular route server client. Assuming a traditional best path selection, when the same prefix is advertised to a route server from multiple route server ...

© 2016 www.fusioneer.net.All rights reserved.