Large BGP Communities beacon in the wild (nanog.org)
27 points by simonjgreen on Oct 16, 2016 | 16 comments



Sorry, I may be missing something important from the linked discussion, but what is this BGP for? Is it an alternative to IP addresses?


Let's see if I can explain it concisely...

When you send traffic to an IP address, your router must know where to send it to. In consumer routers, you usually just have a default route for the whole internet towards your ISP's gateway, but the ISP must also maintain a routing table to know where the packet must go next, and BGP is the protocol most commonly used to advertise where each network resides.

Every ISP could in theory maintain the internet routing tables by just having a set of static routes, but considering that the IPv4 internet routing table consists of over half a million entries at the moment (and it's growing), this is practically impossible. Instead, each ISP (or "Autonomous System") peers with others to advertise their routes to the network blocks assigned to them, and often the routes they receive from other peers.

When you have multiple peers like this, the advertised routes contain as metadata the IANA assigned global AS numbers of each participant in the network up to the endpoint (the "AS path"), thus allowing routers to calculate the shortest route in case two peers advertise routes to the same network block. This also gives the internet its self-healing property, since if one router goes down, you usually have an alternate path available.

The BGP "communities" mentioned in the article are a way for peers to signal additional information about their routes. For example, an ISP can publicly claim that they will not forward traffic to routes advertised with a certain community, allowing a network operator to tell their transit ISP to drop DoS traffic to a subset of their addresses before it reaches their network, helping protect customers not under attack.


Note that the protocol has imperfect security, which is worrying:

https://security.stackexchange.com/questions/56069/what-secu...


It's a protocol for external routing between ASs (see https://en.wikipedia.org/wiki/Border_Gateway_Protocol).


BGP is the protocol that internet providers use to tell each other which IP addresses they are using.


There've been some really good technical answers; I'm going to address the conceptual.

The Internet is a set of interconnected networks. These are "internetworked" together.

BGP is the protocol, border gateway protocol, which lets those individual networks know how to find one another.

The individual networks are known as "autonomous systems". This is a single uniform zone of autonomous control, under a single authority (more-or-less -- there are exceptions to everything). An Autonomous System (AS) is identified by an Autonomous System Number (ASN). It's comprised of a number of contiguous network blocks (go look up The CIDR Report if you want to see these). And it finds its neighbours and peers by way of BGP, as previously noted.

I'll second the recommendation for Halabi's book, which remains the definitive text.

Good question, and though this isn't something that turns up every day, it's what's underlying your use of the Net.


I don't know that you need an explanation so simple/abstract but I couldn't help taking a crack at it too.

Imagine you had to deliver a package to a university but only through your direct friends. You'd have to hand it off to somebody who goes to that university or somebody who knows somebody (or knows somebody, etc.) that goes to that university.

BGP helps routers maintain the list of their friends (other directly connected routers) that can get packages (packets) to remote locations (networks).


Can I suggest begging, borrowing or stealing a copy of Sam Halabi's "Internet Routing Architectures 2nd Edition":

https://www.amazon.co.uk/dp/157870233X

It's probably not the most up-to-date treatment of BGP and Autonomous Systems, but it's pretty good for learning the basics.


It is the protocol that makes the internet just work. When you access a website, the website name is translated to an IP Address. And then your browser will send your request to that IP Address. How do you find that website IP Address? BGP helps you to find the correct path to that Address.


That's DNS. BGP is what helps the packets find the path across networks owned by different organizations to get to that address.


>>And then your browser will send your request to that IP Address. How do you find that website IP Address? BGP helps you to find the correct path to that Address.<<


Curious question for people with their finger on the networking pulse: are there planned changes for BGP related to IPv6/IoT or will the current scheme scale well?

I'm assuming "many more" networked devices being added to the global network will eventually result in more traffic and more ASs being connected.


Short answer is "no".

Long answer is, actually these changes already happened quite a while ago.

Most of the time, we tend to forget IPv6 is in fact more or less 20 years old now.

Support for IPv6 in OSPF (OSPFv3) was introduced in 2008 and support for IPv6 in BGP was added in 2007 (MP-BGP).

AS number encoding was also changed in 2007 (32-bit ASN) to support all those new connected systems.


It's not clear to me, what does the Large BGP Communities extension try to solve?


BGP is a path vector protocol so traditionally it only receives information from its direct peers. Community strings are for sending targeted info to a distant (or close) autonomous system, enabling you to effect mutually agreed upon changes in that AS. With a larger number of bytes available in a community string, it enables us to use community strings to convey a more complex set of instructions.


Thanks!
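The 32-bit ASNs and the larger community values mentioned in the replies above, as an added example (not code from the thread or from the linked NANOG post): a classic community has only 16 bits for the ASN, while a Large Community carries three 32-bit fields. The field layout follows RFC 8092; ASNs 64496 and 65536 are documentation-range numbers and all values are constructed.

```python
import struct

def encode_classic(asn, value):
    """Classic community: 16-bit ASN + 16-bit value, 4 octets in total."""
    if not 0 <= asn <= 0xFFFF:
        raise ValueError(f"AS{asn} does not fit the 16-bit ASN field")
    if not 0 <= value <= 0xFFFF:
        raise ValueError("value does not fit in 16 bits")
    return struct.pack("!HH", asn, value)

def encode_large(global_admin, data1, data2):
    """Large community: three 32-bit fields, 12 octets in total."""
    fields = (global_admin, data1, data2)
    if any(not 0 <= f <= 0xFFFFFFFF for f in fields):
        raise ValueError("each field must fit in 32 bits")
    return struct.pack("!III", *fields)

def parse_large_communities(attr_value):
    """Decode a Large Communities attribute value into 'a:b:c' strings."""
    if not attr_value or len(attr_value) % 12:
        raise ValueError("length must be a non-zero multiple of 12")
    seen, out = set(), []
    for offset in range(0, len(attr_value), 12):
        triple = struct.unpack_from("!III", attr_value, offset)
        if triple not in seen:  # a repeated value adds nothing; keep one copy
            seen.add(triple)
            out.append("%d:%d:%d" % triple)
    return out

def fits_classic(asn):
    """True if an operator with this ASN can put it in a classic community."""
    try:
        encode_classic(asn, 0)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    # Constructed sample: a 16-bit ASN works either way, a 32-bit ASN does not.
    print(fits_classic(64496), fits_classic(65536))
    # 32-bit ASN as Global Administrator; the two data fields are operator-defined.
    wire = encode_large(65536, 1, 64496) + encode_large(65536, 2, 0)
    wire += encode_large(65536, 1, 64496)  # duplicate, dropped when parsing
    print(parse_large_communities(wire))
```
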



