Environments with the BGP protocol.1
The BGP Cross-domain Routing Protocol (Border Gateway Protocol) version 4.0 is now widely used for routing on the global Internet. All the routing protocols that we discussed earlier are designed for routing in local area networks. It is impossible to use RIP or even OSPF on a global network due to a number of limitations inherent in a global network. One of the main limitations is that there is no single point of administration or unified management on the global Internet, as is usually the case in large corporate networks. Different segments of the Internet are located in different countries and belong to different providers, which affects the routing requirements.
Since the BGP protocol is currently used for routing on the global Internet, we will pay a lot of attention to security issues in this protocol. But first, let's talk about the device of this protocol.
The difference between BGP and other dynamic routing protocols is that it is designed to exchange route information not between individual routers, but between entire autonomous systems, and therefore, in addition to information about routes on the network, it also transfers route information to autonomous systems. BGP does not use technical metrics, but selects the best route based on the rules adopted by the network. It is worth noting here that many nodes on the Internet pass through significant transit traffic, which limits the capabilities of the node's direct customers. As a rule, this traffic is not paid for in any way. Administrators can significantly limit or even exclude such transit traffic under the BGP protocol, but they usually do not do this, realizing that their clients create the same transit traffic for other nodes. The selfish behavior of the administrators would have split the Internet into a series of feuding feudal fortresses. However, some Russian providers use BGP's capabilities to fight their competitors, in particular to limit transit traffic from their competitors. As an example of such "competition", one can cite the fact that when accessing from a node located in one area of Moscow to a node located in another area, traffic can go through Finland or Sweden. In other words, it is easier for Moscow providers to negotiate the exchange of traffic with foreign partners than with their own neighbors.
In the following posts, we will look at examples of the main attacks on the BGP protocol.
Oleg Petukhov, lawyer in the field of international law and personal data protection, information security specialist security, protection of information and personal data.
Telegram channel: https://t.me/protectioninformation
Telegram Group: https://t.me/informationprotection1
Website: https://legascom.ru
Email: online@legascom.ru
#informationprotection #informationsecurity
