How BGP Selects the Best Route for Your Packets
Knowing how to manipulate BGP attributes enables you to maximize your network’s performance and ultimately improve your applications’ user experience.
Border Gateway Protocol, or BGP, is the engine that keeps the internet running. This routing protocol organizes networks into Autonomous Systems that represent the IP addresses each organization owns and operates. It enables organizations to connect one another's ASes and selectively exchange routing and reachability information to provide dynamic, efficient and resilient routing.
Other link-state and distance-vector routing protocols like Open Shortest Path First (OSPF) and Enhanced Interior Gateway Routing Protocol (EIGRP) use metrics such as lowest cost or bandwidth-to-delay ratios to select the best routing path when multiple paths are available. As a path-vector routing protocol, BGP selects the best routing path based on its path attributes. BGP path attributes provide granular control over routing decisions, allowing administrators to specify which ASes should be used for forwarding. This is essential for large-scale networks, especially the internet.
This article is about the process BGP uses for best path selection and the knobs and levers that are available to administrators who need to optimize their BGP routing.
Why Understanding BGP Path Selection Is Important
Due to its scalability and decentralized architecture, BGP is used for routing internet traffic. Each AS advertises its networks and makes independent routing decisions. However, because the internet is dynamic, ASes are constantly appearing and disappearing, and its structure is continually affected. In addition, since ASes are run by competing businesses, financial considerations—such as charging for access—can influence routing paths. Administrators must evaluate the routes advertised to their AS and be ready to control the flow of internet traffic accordingly.
More on BGP:
- BGP Confederations vs. Route Reflectors and How to Choose the Right One
- BGP Hijacking and How to Guard Against It
For network engineers and administrators, understanding BGP attributes and how they affect traffic forwarding can have a major impact on their network's reliability and performance. BGP attributes can be manipulated to determine which path out of the local AS should be used for outgoing traffic, as well as where in the AS incoming traffic should arrive. If your internet edge has multiple BGP connections through different ASes, you may want to engineer traffic so that it uses the cheapest, fastest or most stable connection and ensure that traffic is routing symmetrically (returns on the same path it went out on and vice versa). Manipulating BGP attributes allows you to maximize the performance of the network and ultimately provide a satisfying user experience.
How BGP Selects the Best Path
Initially, BGP inspects the attributes of each route it receives to assess its validity for traffic forwarding. A path is valid when the advertised next hop is reachable and the AS path attribute does not contain the router's own AS (otherwise it would contain a loop). The first received valid path is tentatively deemed the best path until another valid path is available. When this occurs, BGP commences its best path selection algorithm, going attribute by attribute in a top-down fashion while comparing each valid path. When two or more paths have an equal value for an attribute, BGP moves on to the next attribute in the list, over and over, until a single route remains. Once BGP identifies a preferred route, it commits the route to the route table for traffic forwarding:
BGP path attributes are included in BGP update messages, which communicate advertised path information between neighbors. BGP path attributes come in four categories:
- Well-known mandatory: Attributes are universally recognized by all BGP routers and included in every update message.
- Well-known discretionary: Attributes are also universally recognizable by all BGP routers but don't need to be included in every update.
- Optional transitive: Attributes are transitive between ASes, meaning even if a BGP router does not support the attribute, it can still receive routes containing this attribute and advertise them to other peers.
- Optional non-transitive: Attributes are not passed on in route advertisement and can be ignored if a BGP router does not support them.
The following is a list of BGP attributes that are commonly used for path selection in the order that BGP assesses them.
Weight
The path with the highest weight is preferred. When a path has the highest weight of all valid paths, the algorithm stops, and the best path is chosen. This attribute is set on the local router and is not shared with any BGP neighbors.
Cisco invented the weight attribute, and therefore it's proprietary, but other vendors have also implemented this attribute. By default, the weight attribute is set to 32,768 for routes originated on the local router and 0 for routes learned from a neighbor. The weight attribute can be set to any value between 0 and 65,535.
Adjusting the weight attribute is a convenient way to ensure a specific path is selected for outgoing traffic. For example, your edge router might have two BGP neighbors advertising a default route to the internet, but one has higher bandwidth. You can adjust the weight of the path through the faster link to be higher than the path through the slower link, ensuring that it's selected as the best path for internet traffic on the router. If the weight attribute is equal on multiple routes, BGP proceeds to the next attribute check in the list.
Configuring BGP on Equinix dedicated cloud:
- Configuring BGP with FRR on an Equinix Metal Server
- Configuring BGP with BIRD on an Equinix Metal Server
- Elastic IPs with BGP
Local Preference
The path with the highest local preference is preferred. This is a well-known discretionary attribute that is shared with all routers in the local AS. The default value is set to 100, and the configurable range is between 0 and 200.
You can use the local preference attribute to influence the best path for outgoing traffic across your entire AS. An example might be when there are two routers (A and B) at the network edge with a BGP interconnect in the same AS, and you want to ensure that outgoing traffic egresses at router A even if it first arrives at router B. In this scenario, you can set the local preference for the route on router A to be 101 or higher, and router B will use the egress path via router A instead of its own learned route. If the local preference is equal on multiple routes, BGP proceeds to the next attribute check in the list.
Originate
The path originating from the local router is preferred. A locally originated path is any route that is sourced, redistributed or summarized by the local router. In addition, if multiple locally originated paths remain, self-sourced and redistributed routes are preferred over summarized routes. If BGP does not have any locally originated routes or there is more than one locally originated route, BGP moves to the next step in the process.
If you want to know whether a route originated locally, check the next hop IP address in the BGP table. If it shows 0.0.0.0 in IPv4 networks or a blank value in IPv6 networks (as per the example below), the route originated locally:
AS Path
The path with the shortest AS path length is preferred. AS path is a well-known mandatory attribute that is a record of the ASes that a route has traversed. AS path is also used by BGP as a loop prevention mechanism by denying external routes that contain the router's AS number.
AS path is frequently used as a transmittable method of engineering BGP traffic beyond the local AS. You can manipulate the AS path attribute to influence inbound and outbound traffic. For example, if there are two routers at the edge of your AS and you want incoming client traffic to flow through one router (A) over the other (B), you can advertise your prefixes with additional ASes in the AS path on router B, causing the BGP neighbors to route traffic via router A. To ensure symmetric routing outbound, you can also append to the AS path for the outgoing destination routes on router B. If the AS path length is equal on multiple routes, BGP proceeds to the next attribute check in the list.
Origin Code
The path with the lowest origin code is preferred. IGP is lower than EGP, which is lower than Incomplete. When a BGP route is advertised, the way a route was introduced to BGP is represented by a mandatory origin code attribute:
- i (IGP) means that the route was statically advertised in the network using BGP.
- e (EGP) means that the route was introduced using a pre-BGP routing protocol called the Exterior Gateway Protocol (EGP), which is no longer in use.
- ? (Incomplete) means that the route was redistributed into BGP.
Because EGP is not in use today, the rule simply becomes "paths with the IGP origin code are preferred over paths with the incomplete origin code." This means that a route sourced using the BGP network is preferred over a route redistributed from another protocol. This attribute is not to be confused with the originate attribute. If the origin code is equal on multiple routes, BGP proceeds to the next attribute check in the list.
Multi-Exit Discriminator
The path with the lowest Multi-Exit Discriminator (MED) is preferred. The MED is an optional non-transitive attribute that provides hints to external neighbors about the preferred path into an AS with multiple entry points. You can use this attribute to influence incoming and outgoing traffic by making the MED lower for routes over the preferred neighbor connection.
While the value ASesignment range for MED is between 0 and 4,294,967,295 (2^32 - 1), paths without a MED ASesigned are ASesigned a value of 0. If you want to influence traffic using the MED attribute, you need to increase the MED of the less preferred paths. It's important to remember that this attribute is shared with the neighboring AS, propagated around that AS, and no further. You can only use MED to influence ingress and egress at the edge of your AS and no further.
If at this point BGP has not determined the best path, it will begin to use the tiebreaking measures detailed in the sections that follow. These measures are tiebreakers because they don't rely on BGP path attributes that administrators can manipulate. Instead, they compare the static properties of each route to ensure that a single path can be deemed superior.
eBGP over iBGP
eBGP paths are preferred over iBGP paths. In other words, paths from neighbors belonging to external ASes (external BGP or eBGP) are selected over paths from neighbors in the local AS (internal BGP or iBGP). This is because eBGP prefers to exit the AS as quickly as possible to ensure efficient routing by reducing transit costs (that is, fewer IP hops). It's not possible for a path originating from the local AS to be routed to the external AS via eBGP and back to the local AS because of the loop prevention in the AS path attribute. Therefore, a valid eBGP path will always be more efficient than an iBGP path. BGP proceeds to the next check if there are no eBGP paths or only eBGP paths remaining.
Shortest IGP Path
The path with the shortest IGP path to the BGP next hop is preferred. If there are only iBGP paths left, this check compares the metric or cost of the Interior Gateway Protocol (IGP) routes to the BGP path's next hop. If there are no iBGP paths or the IGP metrics are the same between the remaining paths, BGP proceeds to the next check.
Router ID
The path that comes from the BGP router with the lowest router ID is preferred. The router ID of a BGP router is shared in BGP messages and can be manually or automatically ASesigned. This is the last way for BGP to tiebreak between routes from two routers with equal attributes.
Peer IP Address
The path that comes from the BGP router with the lowest neighbor address is preferred. The neighbor address is the IP address that is used in the BGP neighbor configuration, or the IP address used to establish the TCP connection with the remote peer. This check occurs when the remaining routes traverse through the same router over multiple BGP connections ( multihoming).
How to Manipulate BGP Path Selection
When you need to influence the best path for a destination in your AS, consider how far you need your attributes to propagate and whether the traffic flow will be outbound, inbound or both:
- If you only need to determine the primary path for outbound traffic of the local router, use the weight attribute.
- If you need your local AS to egress using a specific router at the edge, increase the local preference of routes on that router above the default (100).
- If you want to direct inbound and outbound traffic across your AS and external ASes through a particular router, append the AS path on the routers with alternative paths to the destination.
- If you intend to shape inbound traffic through a particular ingress point in the local AS and not influence traffic patterns beyond the neighboring AS, configure the MED value of your less-preferred paths to be higher than the preferred path. Because MED is set to 0 by default, this value must be configured on all paths you want to factor into path selection using MED.
Conclusion
BGP serves as the backbone of the internet, reliably and efficiently moving data between different networks. In this article, you learned about the process BGP uses to select the best path for routing traffic and the ways you can influence BGP path selection in your AS. BGP attributes such as weight, local preference, AS path and MED serve as the most common mechanisms for network engineers to influence BGP traffic flows based on business and performance requirements.
If your team needs to be in full control of BGP routing on the network running your application, take a look at Equinix dedicated cloud, where you get automated bare metal compute and storage globally that’s interconnected with a fast, private network that gives you control over exactly how your packets are routed, including BGP support.