Best Practices for Enhancing BGP Security

BGP is the de facto routing protocol for inter-domain routing, or in other words, the global internet. It’s used to exchange routing information among autonomous systems around the entire world. Therefore, it’s extremely important we do what we can to secure BGP communications, what we advertise, and the methods we use to create peering relationships. However, BGP is decentralized in nature and generally built on trust between BGP peers making it difficult to secure and a popular attack vector.

For this post, I’ll focus on two main threats to BGP security and several (but not all) methods we can use to mitigate BGP security incidents.

Continue reading →

February 20, 2024 0

What is a valley-free violation?

In the context of BGP, a valley-free violation is when routing policy governing BGP path selection and advertisement breaks the valley-free policy. The valley-free routing policy basically ensures traffic doesn’t traverse unintended autonomous systems, usually a customer AS downstream from a service provider, and therefore an unintentional transit network.

Continue reading →

February 14, 2024 0