In this week’s tip, we are looking at a use case unique to our popular Network Insights solution. Network Insights lets our users view their network path from end to end, providing detailed granular telemetry from four primary sources: 

  1. Traceroute Monitoring 
  2. BGP Monitoring 
  3. DNS Monitoring 
  4. Enterprise and Endpoint Monitoring 

We could go into depth on any of these, but today we’re going to focus on Border Gateway Protocol (BGP) Monitoring.  

BGP Leaks and Hijacks on the Rise 

This issue has become more relevant than ever with the increasing number of BGP leaks and hijacks. One of the most significant incidents in recent years was the Verizon BGP route leak last year, which caused outages and slowdowns for a large number of Cloudflare customers; AWS also experienced issues. Earlier in the same month, BGP route leaks took out WhatsApp, while another one in November 2018 led to significant outages across Google’s suite of services. As you’ll see in this week’s video, Catchpoint detected a major BGP leak just a few weeks ago.

Source: bgpstream.com

Why BGP Problems Occur 

As any network engineer will tell you, BGP is the Internet’s routing protocol. It is often described as the postal service of the Internet. After someone has dropped a letter into a mailbox, the postal service chooses the fastest route to deliver it. Similarly, after someone has submitted data across the Internet, BGP looks at all the possible paths that data could travel, then selects the best possible route, which usually involves hopping between autonomous systems (AS’s).  

To continue the postal service analogy, AS’s are the equivalent of individual post office branches (each is essentially a group of networks within the Internet’s many networks). BGP routes are in essence agreements between different AS’s, and because the whole system runs on trust, if someone starts to broadcast a duplicate address, or simply one that overlaps with an existing subnet, the new AS will start to get traffic not intended for it. This can lead to a cascading series of problems across the Internet.

Why BGP Monitoring is Essential 

BGP wasn’t designed with a focus on security. It lacks a built-in mechanism to authenticate packets, so it is prone to attacks and misconfigurations, in particular prefix hijacks and route leaks.

The consequences of a prefix hijack or route leak can be significant. Ensuring the health of your BGP routes is one of the most critical elements of a robust network monitoring strategy.
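As an added example (not Catchpoint's code and not part of the original post), the sketch below shows the basic origin check behind this kind of monitoring: it compares observed announcements against the prefixes you expect to originate and flags the duplicate and overlapping cases described above. The prefixes, AS numbers and sample updates are constructed from documentation and private-use ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed baseline: prefixes we originate and the AS allowed to originate them.
EXPECTED = {
    ipaddress.ip_network("203.0.113.0/24"): 64500,
    ipaddress.ip_network("198.51.100.0/24"): 64500,
    ipaddress.ip_network("2001:db8::/32"): 64500,
}

# Constructed sample of observed announcements: (prefix, AS path as seen by a collector).
UPDATES = [
    ("203.0.113.0/24", [64510, 64501, 64500]),  # expected origin
    ("203.0.113.0/24", [64510, 64666]),         # duplicate prefix, other origin
    ("203.0.113.128/25", [64511, 64666]),       # overlapping more-specific, other origin
    ("198.51.100.0/25", [64510, 64500]),        # our own more-specific
    ("192.0.2.0/24", [64510, 64777]),           # not one of our prefixes
    ("2001:db8:1::/48", [64512, 64666]),        # IPv6 more-specific, other origin
]

def classify(prefix, as_path, expected=EXPECTED):
    """Return (verdict, baseline_prefix) for one observed announcement."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]  # the rightmost AS in the path is the originator
    for mine, owner in expected.items():
        if net.version != mine.version:
            continue  # never compare IPv4 with IPv6 networks
        if net == mine:
            return ("ok" if origin == owner else "origin-mismatch", mine)
        if net.subnet_of(mine):
            # A more-specific wins longest-prefix match, so it attracts the traffic.
            return ("more-specific" if origin == owner else "subprefix-hijack", mine)
        if mine.subnet_of(net) and origin != owner:
            return ("less-specific", mine)  # covering route, informational only
    return ("unrelated", None)

def alerts(updates):
    """Keep only announcements that would pull our traffic to another AS."""
    out = []
    for prefix, path in updates:
        verdict, covered = classify(prefix, path)
        if verdict in ("origin-mismatch", "subprefix-hijack"):
            out.append((prefix, path[-1], verdict, str(covered)))
    return out

if __name__ == "__main__":
    for alert in alerts(UPDATES):
        print(alert)
```

An origin check alone misses route leaks and hijacks that keep the legitimate origin AS at the end of the path; those need path-level checks.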

In this video, you will: 

  • Understand why leaks and hijacks represent a critical problem for service providers and consumers; 
  • See what it looks like when Network Insights finds a BGP route leak; 
  • Watch how Traceroute allows you to trace the critical path of a service across every hop; 
  • Learn about the serious BGP leak at Cloudflare that Catchpoint detected just a few weeks ago and understand more about its root causes; 
  • Comprehend the value that Network Insights provides. 

To find out more about BGP, check out The Comprehensive Guide to BGP, put together by our resident BGP experts, Alessandro Improta and Luca Sani.