Posts

Showing posts from May, 2019

Analysis of BGP on transport and application layer

Image
In this post I will be explaining some observations in relation to BGP (Border Gateway Protocol) on layers 4 and 7 of the OSI reference model. While it's clear why we are discussing layer 7 (application layer of the BGP itself), it may not be clear why would transport layer be relevant. The answer lies in BGP peer authentication. Peer authentication is a mechanism that BGP deploys to prevent attackers to inject/delete routes or interfere with the protocol in an unauthorised manner. Nowadays we will rarely see BGP implementation that do not deploy authentication of peers. So, let us have a look at the mechanisms of authenticated BGP operations. For this purpose, I installed quagga (1.2.4 is its most recent version as of time of the writing) from http://download.savannah.gnu.org/releases/quagga/. Quagga is a package that simulates various routing protocols as a Linux processes. I used only bgpd. Below is its relevant configuration. BGP is configured with a single AS (Autonomou...