Subscribe to our
weekly update
Sign up to receive our latest news via a mobile-friendly weekly email
Network Insights lets our users view their network path from end to end, providing detailed granular telemetry from four primary sources.
In this week’s tip, we are looking at a use case unique to our popular Network Insights solution. Network Insights lets our users view their network path from end to end, providing detailed granular telemetry from four primary sources:
We could go into depth on any of these, but today we’re going to focus on Border Gateway Protocol (BGP) Monitoring.
This issue has become more relevant than ever before with increasing number of BGP leaks and hijacks. One of the most significant incidents in recent years was the Verizon BGP route leak last year, which caused outages and slowdowns for a large number of Cloudflare customers, AWS also experienced issues. Earlier in the same month, BGP route leaks took out WhatsApp while another one in November 2018 led to significant outages across Google’s suite of services. As you’ll see in this week’s video, Catchpoint detected a major BGP leak just a few weeks ago.
Source: bgpstream.com
As any network engineer will tell you, BGP is the Internet’s routing protocol. It is often described as the postal service of the Internet. After someone has dropped a letter into a mailbox, the postal service chooses the fastest route to deliver it. Similarly, after someone has submitted data across the Internet, BGP looks at all the possible paths that data could travel, then selects the best possible route, which usually involves hopping between autonomous systems (AS’s).
To continue the postal service analogy, AS’s are the equivalent to individual post office branches (essentially a group of networks within the Internet’s many networks). BGP routes are in essence agreements between different AS’s and because the whole system is essentially run on trust, if someone starts to broadcast a duplicate address or simply one that overlaps with an existing subnet, the new AS will start to get traffic not intended for it. This can lead to a cascading series of problems across the Internet.
BGP wasn’t designed with a focus on security. It lacks a built-in mechanism to authenticate packets, thus is prone to attacks and misconfigurations, in particular, prefix hijacks and route leaks.
The consequences of a prefix hijacking or route leak can be significant. Ensuring the health of your BGP routes is one of the most critical elements to a robust network monitoring strategy.
In this video, you will:
To find out more about BGP, check out The Comprehensive Guide to BGP, put together by our resident BGP experts, Alessandro Improta and Luca Sani.