
What Is BGP? The Protocol That Holds the Internet Together

BGP (Border Gateway Protocol) is the routing protocol that exchanges routing information between autonomous systems (networks) on the internet. It’s how the roughly 75,000 networks that make up the internet learn how to reach each other. When you send a packet to a server on the other side of the world, BGP is the protocol that determines the path that packet takes across multiple networks to reach its destination. BGP is often called “the protocol that makes the internet work,” and it’s not an exaggeration. It’s also held together by a surprising amount of trust and manual configuration, which leads to some spectacular failures.

How BGP Works

Each autonomous system (AS) runs BGP routers that communicate with the BGP routers of neighboring ASes (called BGP peers). These routers share information about which IP prefixes they can reach and the network paths to reach them.

When AS13335 (Cloudflare) announces the prefix 104.16.0.0/12, it’s saying: “I can deliver traffic for any IP in this range. Send it to me.” Neighboring ASes receive this announcement, add it to their routing tables, and propagate it to their neighbors. Within minutes, routers worldwide know that traffic for 104.16.0.0/12 should be sent toward AS13335.

BGP Path Selection

BGP selects the “best” path to a destination based on several factors (in order of priority):

  1. Local preference: The network administrator’s preferred route
  2. AS path length: Shorter paths (fewer AS hops) are preferred
  3. Origin type: IGP > EGP > Incomplete
  4. MED (Multi-Exit Discriminator): Hint from neighboring AS about preferred entry point
  5. eBGP over iBGP: External routes preferred over internal
  6. Lowest router ID: Tiebreaker

This is dramatically simplified. Real BGP configurations involve complex routing policies, route filtering, traffic engineering, and business relationships.
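The six-step order above, written out as an added example (not code from any router implementation). It also reports which step decided the choice, which is the question to ask when a route changes unexpectedly. The `Route` fields, private-use ASNs and documentation addresses are constructed for illustration.

```python
from dataclasses import dataclass

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}  # lower rank is preferred

@dataclass(frozen=True)
class Route:
    local_pref: int   # set by the receiving network's own policy
    as_path: tuple    # ASNs the announcement traversed, origin AS last
    origin: str       # "igp", "egp" or "incomplete"
    med: int          # hint from the neighboring AS, lower preferred
    ebgp: bool        # True if learned from an external peer
    router_id: str    # dotted-quad ID of the advertising router

# Each step maps a route to a value where the smallest value wins.
STEPS = [
    ("local preference", lambda r: -r.local_pref),
    ("AS path length", lambda r: len(r.as_path)),
    ("origin type", lambda r: ORIGIN_RANK[r.origin]),
    ("MED", lambda r: r.med),
    ("eBGP over iBGP", lambda r: 0 if r.ebgp else 1),
    ("router ID", lambda r: tuple(int(o) for o in r.router_id.split("."))),
]

def best_path(routes):
    """Return (winner, deciding_step) using the simplified order above."""
    candidates = list(routes)
    decided_by = "only candidate"
    for name, key in STEPS:
        if len(candidates) == 1:
            break
        best = min(key(r) for r in candidates)
        survivors = [r for r in candidates if key(r) == best]
        if len(survivors) < len(candidates):
            decided_by = name  # this step eliminated at least one route
        candidates = survivors
    return candidates[0], decided_by

# Constructed candidates for a single prefix.
A = Route(100, (64500, 64510), "igp", 0, True, "192.0.2.1")
B = Route(100, (64501, 64502, 64510), "igp", 0, True, "192.0.2.2")
C = Route(200, (64503, 64504, 64505, 64510), "incomplete", 50, False, "192.0.2.3")

if __name__ == "__main__":
    for group in ([A, B], [A, B, C]):
        winner, step = best_path(group)
        print(winner.router_id, "selected by", step)
```

Route C wins despite its longer path because local preference, which the receiving operator controls, is evaluated before any attribute supplied by a neighbor.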

BGP and Trust

BGP was designed in the 1980s when the internet was a small group of trusted academic networks. It has no built-in authentication or verification mechanism. When an AS announces a prefix, other routers accept it on trust.

This creates real problems:

BGP Hijacking

If an attacker (or careless administrator) announces your IP prefix through their AS, traffic destined for your network gets routed to theirs instead. This has happened many times:

  • Pakistan Telecom hijacking YouTube (2008): Pakistan tried to block YouTube domestically but accidentally announced YouTube’s prefix to the global internet, redirecting worldwide YouTube traffic through Pakistan (which couldn’t handle it, so YouTube went down globally for hours).
  • China Telecom routing anomalies (2010, 2018): Routes for US military, banking, and government networks were briefly redirected through Chinese networks.
  • Amazon Route 53 hijack (2018): Attackers hijacked Amazon DNS IP space for two hours to steal cryptocurrency by redirecting DNS queries.

BGP Leaks

A BGP leak is different from a hijack: it happens when an AS accidentally propagates routes it shouldn’t. For example, a small ISP accidentally announces that it’s the best path to a major cloud provider’s IP space. Traffic floods through the small ISP’s limited infrastructure, causing outages for everyone involved.

Securing BGP: RPKI

RPKI (Resource Public Key Infrastructure) is the solution being deployed to prevent BGP hijacking. It allows IP address holders to digitally sign which ASNs are authorized to announce their prefixes.

Route Origin Authorizations (ROAs) specify: “This IP prefix should only be announced by this ASN.” BGP routers that implement RPKI validation check incoming route announcements against published ROAs and reject unauthorized ones.
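The check a validating router performs, as an added example (not code from any RPKI validator). It goes beyond the paragraph above by following RFC 6811, which defines three outcomes (valid, invalid, not-found) and a per-ROA maximum prefix length. The ROAs use documentation prefixes and private-use ASNs and are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple

class ROA(NamedTuple):
    prefix: str      # prefix the address holder signed
    max_length: int  # longest prefix length the holder permits
    asn: int         # ASN authorized to originate the prefix

# Constructed sample ROAs (not real published data).
ROAS = [
    ROA("198.51.100.0/24", 24, 64500),
    ROA("203.0.113.0/24", 24, 64501),
    ROA("2001:db8::/32", 48, 64500),
]

def validate_origin(prefix, origin_asn, roas=ROAS):
    """Classify an announcement as 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix)
        # A ROA is relevant only if it covers the announced prefix.
        if roa_net.version != route.version or not route.subnet_of(roa_net):
            continue
        covered = True
        # Origin must match and the route must not be more specific
        # than the holder allowed.
        if roa.asn == origin_asn and route.prefixlen <= roa.max_length:
            return "valid"
    # Covered by a ROA but matched by none: unauthorized announcement.
    return "invalid" if covered else "not-found"

def import_filter(announcements, roas=ROAS):
    """Keep routes that are not 'invalid', as a validating router does."""
    return [(p, a) for p, a in announcements
            if validate_origin(p, a, roas) != "invalid"]

if __name__ == "__main__":
    sample = [  # constructed announcements: (prefix, origin ASN)
        ("198.51.100.0/24", 64500),  # authorized origin
        ("198.51.100.0/24", 64511),  # wrong origin ASN
        ("198.51.100.0/25", 64500),  # more specific than max_length
        ("192.0.2.0/24", 64511),     # no covering ROA
    ]
    for p, a in sample:
        print(p, f"AS{a}", validate_origin(p, a))
```

Routes in the not-found state pass the filter, so a prefix without a ROA gets no protection from validating networks.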

RPKI adoption is growing but not universal. As of 2026, about 40% of IPv4 prefixes have ROAs, and major networks (Cloudflare, Google, Amazon, most European ISPs) validate RPKI. But a significant portion of the internet still accepts unvalidated routes.

The Facebook Outage (October 2021)

The most dramatic BGP incident in recent history. During routine maintenance, Facebook’s engineering team issued a command that accidentally withdrew all BGP route announcements for Facebook’s IP prefixes. Every router on the internet removed Facebook from its routing table.

Result: Facebook, Instagram, WhatsApp, and Oculus were completely unreachable for about six hours. Facebook engineers couldn’t even access their own data centers remotely because the internal tools used the same DNS and routing infrastructure that was down. They reportedly had to send engineers physically to the data centers to fix the configuration.

Estimated cost: over $60 million in lost revenue plus incalculable reputational damage. All from a BGP configuration change.

Frequently Asked Questions

BGP misconfigurations and hijacks have caused some of the internet's biggest outages. The Facebook outage of October 2021 was caused by a BGP withdrawal that removed Facebook's routes from the global routing table, making all Facebook services unreachable for six hours.

Not in the traditional sense, but BGP routes can be hijacked. If someone announces your IP prefix through BGP (either accidentally or maliciously), traffic destined for your network may get routed to theirs instead. RPKI (Resource Public Key Infrastructure) is being deployed to prevent this.