Border Gateway Protocol (BGP)

XXX - add a brief BGP description here

History

XXX - add a brief description of BGP history

Protocol dependencies

• TCP: Typically, BGP uses TCP as its transport protocol. The well known TCP port for BGP traffic is 179.

Example traffic

BGP sample update message.

Wireshark

The BGP dissector is (fully functional, partially functional, not existing, ... whatever the current state is). Also add info of additional Wireshark features where appropriate, like special statistics of this protocol.

Using Wireshark to decode BGP

Preference Settings

(XXX add links to preference settings affecting how BGP is dissected).

Example capture file

bgp.pcapng.gz (pcapng) BGP packets between three peers using communities and announcing six networks. The BGP implementation is FRRouting.

Display Filter

A complete list of BGP display filter fields can be found in the display filter reference

Show only BGP traffic:

 bgp

Capture Filter

You cannot directly filter BGP protocols while capturing. However, if you know the TCP port used (see above), you can filter on that one.

Capture BGP traffic over the default port (179):

 tcp port 179

External links

• RFC 1771 A Border Gateway Protocol 4 (BGP-4)

• RFC 1965 Autonomous System Confederations for BGP

• RFC 1997 BGP Communities Attribute

• RFC 2547 BGP/MPLS VPNs

• RFC 2796 BGP Route Reflection - An Alternative to Full Mesh IBGP

• RFC 2842 Capabilities Advertisement with BGP-4

• RFC 2858 Multiprotocol Extensions for BGP-4

• RFC 2918 Route Refresh Capability for BGP-4

• RFC 3107 Carrying Label Information in BGP-4

Discussion

Imported from https://wiki.wireshark.org/BGP on 2020-08-11 23:11:31 UTC