Copyright © 2026 LinuxLab. All rights reserved.

kb/protocols ── Protocols ── advanced

BGP: Border Gateway Protocol

**BGP** is the routing protocol between autonomous systems (AS). It is the language ISPs and large networks use to exchange reachability information: which AS owns which prefixes and how to reach them.

aka: border-gateway-protocol, bgp4

Why BGP

Inside a single organization, IGPs (interior gateway protocols) do the job: OSPF, IS-IS, RIP. They are fast and share full topology, but they do not scale to the size of the internet.

BGP is an EGP (exterior gateway protocol). It:

  • Runs between autonomous systems (AS), independent networks each with its own number (ASN, for example 65001 for private use or 13335 for Cloudflare)
  • Does not share topology, only reachability: "AS 65001 can reach prefix 10.0.0.0/24 via the path AS 65002 -> AS 65003"
  • Picks routes not by shortest metric, but by policy: prefer cheaper transit, do not leak prefixes to competitors, and so on

The internet is roughly 75,000 AS exchanging BGP updates with each other. The full internet BGP table currently holds about 950,000 IPv4 prefixes.

eBGP vs iBGP

| Type | Between | Notes |
|------|---------|-------|
| eBGP | different AS | TTL=1 (neighbors on the same link), AS-path grows |
| iBGP | within one AS | full-mesh required, AS-path unchanged |

You need iBGP when you have multiple BGP routers inside one AS. They must all know about each other to forward transit consistently. Instead of a full-mesh you can use a route reflector: one router speaks to all others and redistributes updates.

Session states (FSM)

A BGP session runs over TCP/179. After TCP is established, the BGP handshake proceeds:

```
Idle -> Connect -> Active -> OpenSent -> OpenConfirm -> Established
```

  • Idle - initial state, waiting for a trigger
  • Connect - attempting to open TCP
  • Active - TCP did not open, retrying
  • OpenSent / OpenConfirm - OPEN messages exchanged
  • Established - session up, prefix exchange can begin

If `show ip bgp summary` shows a neighbor in Active, TCP is not getting through (firewall, wrong IP, wrong AS). See cmd-vtysh.

BGP attributes (how the best path is chosen)

When a router receives the same prefix via multiple paths, it selects the best-path in this order:

  1. Local Preference (higher is better) - within an AS
  2. AS-path length (shorter is better)
  3. Origin (IGP < EGP < incomplete)
  4. MED (Multi-Exit Discriminator, lower is better)
  5. eBGP > iBGP
  6. IGP metric to next-hop
  7. Router ID (tie-breaker)

This is simplified. The full decision process has 13 steps. In practice: a shorter AS-path and a higher Local-Pref win.
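
The seven simplified steps above, applied in order, as an added example (not code from the page or from FRR). It also reports which step made the final cut. The `Path` class, `best_path` and the sample paths are hypothetical names constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "incomplete": 2}  # lower is preferred

@dataclass(frozen=True)
class Path:
    name: str          # label used only in this example
    local_pref: int
    as_path: tuple     # ASNs, nearest neighbor first
    origin: str = "IGP"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0
    router_id: str = "0.0.0.0"

# One (step name, key) pair per step of the list above; the smallest key wins.
# MED is compared across all paths here, as the simplified list implies.
# Assumption (standard behaviour, not stated on the page): lowest router ID wins.
STEPS = [
    ("Local Preference", lambda p: -p.local_pref),
    ("AS-path length", lambda p: len(p.as_path)),
    ("Origin", lambda p: ORIGIN_RANK[p.origin]),
    ("MED", lambda p: p.med),
    ("eBGP over iBGP", lambda p: 0 if p.ebgp else 1),
    ("IGP metric to next-hop", lambda p: p.igp_metric),
    ("Router ID", lambda p: int(IPv4Address(p.router_id))),
]

def best_path(paths):
    """Return (winning path, name of the step that made the final cut)."""
    candidates, decided_by = list(paths), None
    for step, key in STEPS:
        if len(candidates) == 1:
            break
        best = min(key(p) for p in candidates)
        survivors = [p for p in candidates if key(p) == best]
        if len(survivors) < len(candidates):
            decided_by = step
        candidates = survivors
    return candidates[0], decided_by

# Constructed sample: three paths to the same prefix.
SHORT = Path("short", 100, (65002,), router_id="2.2.2.2")
LONG_PREFERRED = Path("long-preferred", 200, (65003, 65004, 65005), router_id="3.3.3.3")
TWIN = Path("twin", 100, (65002,), router_id="4.4.4.4")

if __name__ == "__main__":
    for group in ([SHORT, LONG_PREFERRED], [SHORT, TWIN]):
        winner, step = best_path(group)
        print(f"{winner.name} wins on {step}")
```

The first group shows a three-hop path beating a one-hop path because Local Preference is evaluated before AS-path length.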

Minimal configuration (FRR)

Neighbor on a p2p link 10.0.0.0/30, local AS 65001, remote AS 65002:

```
router bgp 65001
 bgp router-id 1.1.1.1
 no bgp default ipv4-unicast
 neighbor 10.0.0.2 remote-as 65002
 address-family ipv4 unicast
  neighbor 10.0.0.2 activate
  network 192.168.10.0/24
 exit-address-family
```

What each line does:

  • network - announce your prefix to the neighbor (it must be in the RIB)
  • no bgp default ipv4-unicast - modern best practice: explicitly activate address-family per neighbor
  • bgp router-id - stable 32-bit ID (often a loopback IP)

Verify: `show ip bgp summary` should show Established and a count of accepted prefixes.

Prefix filters

Without filters, iBGP/eBGP can turn you into a transit for half the internet. At minimum:

```
ip prefix-list MY-PREFIXES seq 10 permit 192.168.10.0/24
router bgp 65001
 neighbor 10.0.0.2 prefix-list MY-PREFIXES out
```

This sends only your prefix to neighbor 10.0.0.2, nothing else.
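
To check a filter like this before applying it, the added example below (not code from the page or from FRR) evaluates candidate routes against `ip prefix-list` lines using first-match-by-seq and implicit-deny semantics. It goes beyond the exact-match entry above by also handling `ge`/`le`. It assumes the config holds a single prefix-list; the function names and candidate routes are constructed for illustration.

```python
from ipaddress import ip_network

def parse_entry(line):
    """Parse 'ip prefix-list NAME seq N permit|deny PREFIX [ge X] [le Y]'."""
    tok = line.split()
    opts = dict(zip(tok[7::2], map(int, tok[8::2])))  # optional ge / le
    return {"seq": int(tok[4]), "action": tok[5], "net": ip_network(tok[6]),
            "ge": opts.get("ge"), "le": opts.get("le")}

def matches(entry, route):
    """True if route falls inside the entry's prefix and length window."""
    net, ge, le = entry["net"], entry["ge"], entry["le"]
    lo = ge if ge is not None else net.prefixlen
    if le is not None:
        hi = le
    else:
        # ge alone means "up to a host route"; neither means exact length
        hi = net.max_prefixlen if ge is not None else net.prefixlen
    return (route.version == net.version and route.subnet_of(net)
            and lo <= route.prefixlen <= hi)

def evaluate(entries, route):
    """Lowest matching seq decides; no match at all is an implicit deny."""
    for entry in sorted(entries, key=lambda e: e["seq"]):
        if matches(entry, route):
            return entry["action"], entry["seq"]
    return "deny", None

def audit_outbound(config_lines, candidates):
    """Map each candidate prefix to (action, seq) under the prefix-list."""
    # Assumption: all prefix-list lines belong to one list (name is ignored).
    entries = [parse_entry(l) for l in config_lines
               if l.startswith("ip prefix-list ")]
    return {c: evaluate(entries, ip_network(c)) for c in candidates}

# The page's filter, plus constructed routes the router might hold.
CONFIG = ["ip prefix-list MY-PREFIXES seq 10 permit 192.168.10.0/24"]
CANDIDATES = ["192.168.10.0/24", "192.168.10.128/25", "0.0.0.0/0", "203.0.113.0/24"]

if __name__ == "__main__":
    for prefix, (action, seq) in audit_outbound(CONFIG, CANDIDATES).items():
        print(f"{prefix:20} {action} (seq {seq})")
```

Only `192.168.10.0/24` is permitted; the more-specific /25, the default route and the unrelated /24 all fall through to the implicit deny.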

BGP in the data center

In modern DCs (Clos / spine-leaf), BGP has displaced OSPF even as an IGP. This pattern is called BGP-as-IGP or EVPN BGP. The reasons:

  • Simple policy control (route-map, prefix-list)
  • Multipath with unequal AS-path
  • No area design required, unlike OSPF
  • Clean separation of underlay from overlay (VXLAN/EVPN)

For a deep reference: Cumulus / NVIDIA "BGP in the Data Center" is the de-facto standard.

§ commands

```bash
vtysh -c 'show ip bgp summary'
```

Status of all BGP neighbors: AS, session state, prefix count

```bash
vtysh -c 'show ip bgp'
```

Full BGP table: prefix -> next-hop -> AS-path

```bash
vtysh -c 'show ip bgp neighbors 10.0.0.2 advertised-routes'
```

Prefixes we are announcing to a specific neighbor

```bash
vtysh -c 'show ip bgp neighbors 10.0.0.2 received-routes'
```

Prefixes received from the neighbor (requires soft-reconfiguration inbound)

```bash
ss -tnp '( sport = :179 or dport = :179 )'
```

Active BGP TCP sessions, quick check without vtysh

§ see also

  • ospf - OSPF: Open Shortest Path First. **OSPF** is a link-state IGP inside one autonomous system. Each router knows the full topology (LSDB) and independently computes shortest paths with Dijkstra. Convergence takes seconds.
  • routing-table - Routing table. The routing table lists where to send packets for each destination. The longest matching prefix wins.
  • ipv4-addressing - IPv4: Addressing and CIDR. An IPv4 address is 32 bits written as `a.b.c.d`. The **/N** suffix is the prefix length: `/24` fixes the first 24 bits for the network and leaves 8 bits for hosts (256 addresses).
  • cmd-vtysh - vtysh: CLI for FRR (BGP/OSPF). vtysh is the Cisco-style CLI for FRRouting. It lets you configure all routing daemons (zebra, bgpd, ospfd) in a single integrated session.

§ mentioned in lessons

  • ›advanced-08-bgp-minimal
  • ›advanced-09-ospf-area-0
  • ›intermediate-03-three-node-routing