Border Gateway Protocol (BGP)
BGP is the standard exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. As a path-vector protocol, BGP makes routing decisions based on paths, network policies, and rule-sets configured by administrators rather than purely on traditional technical metrics.
History
BGP was initially introduced in RFC 1105 in 1989 to replace the older Exterior Gateway Protocol (EGP) and enable a fully decentralized Internet routing architecture. The protocol has undergone several revisions to handle the rapid expansion of the Internet, with the current standard, BGP-4, being defined in RFC 4271 in 2006 to add support for CIDR.
Protocol dependencies
- TCP: Typically, BGP uses TCP as its transport protocol. The well-known TCP port for BGP traffic is 179.
Example traffic
BGP sample update message.
Wireshark
Using Wireshark to decode BGP
Example capture file
bgp.pcapng.gz (pcapng) BGP packets between three peers using communities and announcing six networks. The BGP implementation is FRRouting.
Display Filter
A complete list of BGP display filter fields can be found in the display filter reference.
Show only BGP traffic:
bgp
Capture Filter
You cannot filter on the BGP protocol directly while capturing. However, if you know the TCP port used (see above), you can filter on that port instead.
Capture BGP traffic over the default port (179):
tcp port 179
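Because the capture filter selects only on the TCP port, everything on port 179 ends up in the capture whether or not it is BGP. The following added example (not part of the original wiki page or of Wireshark) checks the RFC 4271 message header on a TCP payload and lists the IPv4 prefixes in an UPDATE; the function names and the sample bytes are constructed for illustration.

```python
import struct

MARKER = b"\xff" * 16  # RFC 4271: the 16-byte header marker is all ones
TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE", 5: "ROUTE-REFRESH"}

def split_messages(payload):
    """Yield (type_name, body) for each BGP message in a TCP payload."""
    off = 0
    while off < len(payload):
        if len(payload) - off < 19:
            raise ValueError("truncated BGP header")
        marker, length, mtype = struct.unpack_from("!16sHB", payload, off)
        if marker != MARKER:
            raise ValueError("bad marker: not BGP, or stream out of sync")
        if not 19 <= length <= 4096:  # RFC 4271 size limits
            raise ValueError(f"invalid length {length}")
        if off + length > len(payload):
            raise ValueError("message extends past captured data")
        yield TYPES.get(mtype, f"UNKNOWN({mtype})"), payload[off + 19:off + length]
        off += length

def read_prefixes(buf):
    """Decode a run of <bit length, prefix bytes> IPv4 entries."""
    out, i = [], 0
    while i < len(buf):
        bits = buf[i]
        nbytes = (bits + 7) // 8
        if bits > 32 or i + 1 + nbytes > len(buf):
            raise ValueError("malformed prefix")
        raw = buf[i + 1:i + 1 + nbytes] + b"\x00" * (4 - nbytes)
        out.append(".".join(map(str, raw)) + f"/{bits}")
        i += 1 + nbytes
    return out

def parse_update(body):
    """Return (withdrawn, announced) IPv4 prefixes of an UPDATE body."""
    (wlen,) = struct.unpack_from("!H", body, 0)
    (alen,) = struct.unpack_from("!H", body, 2 + wlen)
    nlri_start = 4 + wlen + alen
    if nlri_start > len(body):
        raise ValueError("attribute length exceeds message")
    return read_prefixes(body[2:2 + wlen]), read_prefixes(body[nlri_start:])

def _msg(mtype, body=b""):
    return MARKER + struct.pack("!HB", 19 + len(body), mtype) + body

# Constructed sample: a KEEPALIVE, then an UPDATE withdrawing 10.1.0.0/16 and
# announcing 192.0.2.0/24. Only ORIGIN=IGP is included to keep it short; a real
# announcement also carries AS_PATH and NEXT_HOP.
SAMPLE = _msg(4) + _msg(2, b"\x00\x03\x10\x0a\x01" b"\x00\x04\x40\x01\x01\x00" b"\x18\xc0\x00\x02")
```

A payload that fails the marker or length check is either not BGP or was captured mid-stream, which is worth flagging when reviewing traffic on port 179.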
External links
- RFC 1771 A Border Gateway Protocol 4 (BGP-4)
- RFC 1965 Autonomous System Confederations for BGP
- RFC 1997 BGP Communities Attribute
- RFC 2547 BGP/MPLS VPNs
- RFC 2796 BGP Route Reflection - An Alternative to Full Mesh IBGP
- RFC 2842 Capabilities Advertisement with BGP-4
- RFC 2858 Multiprotocol Extensions for BGP-4
- RFC 2918 Route Refresh Capability for BGP-4
- RFC 3107 Carrying Label Information in BGP-4
Discussion
Imported from https://wiki.wireshark.org/BGP on 2020-08-11 23:11:31 UTC

