August 2015 | 6 min read
Introduction
BGP (Border Gateway Protocol) plays a foundational role in modern enterprise network design, particularly in multi-site environments where policy-based routing and path optimization are critical. In the early days of networking, static routing and simple IGPs like OSPF or EIGRP sufficed for internal path determination. However, the complexity of today's enterprise WANs—with multiple internet uplinks, cloud interconnects, MPLS, and hybrid SD-WAN overlays—demands a more sophisticated control plane. This is where BGP excels.
Despite its origins as an exterior routing protocol, BGP's flexibility and rich attribute system allow it to be deployed internally (iBGP) to enforce granular path selection and traffic engineering policies. This article unpacks the key BGP attributes that influence path control and explores how they can be harnessed in enterprise scenarios to meet business and technical requirements.
BGP Attributes Overview
At the heart of BGP's decision-making process lies its attribute-based path evaluation system. Each route received via BGP is associated with a set of attributes that influence the best path selection. Some attributes are well-known and mandatory; others are optional or transitive, allowing custom behavior across autonomous systems.
The most commonly used attributes in enterprise routing are:
- Weight: Cisco proprietary and local to the router. Highest weight wins.
- Local Preference: Used within an AS to prefer exit points; higher is better.
- AS-Path: Shorter paths are preferred. Useful for loop prevention and basic routing policy.
- Origin: Preference is IGP > EGP > Incomplete.
- MED (Multi-Exit Discriminator): Suggests preferred entry points to neighboring ASes; lower is better.
- Community and Extended Community: Tags to apply policies across route-maps and peer groups.
These attributes form the foundation of route manipulation strategies. They can be set or filtered using route-maps, prefix-lists, and policy-based routing statements.
Path Selection Mechanisms
Once BGP has collected multiple paths to the same destination prefix, it must determine the best route to install in the RIB (Routing Information Base). The BGP decision process is deterministic and follows a predefined sequence of attribute comparisons. This hierarchy is crucial to understand when implementing policy.
- Prefer the path with the highest Weight
- If equal, prefer the highest Local Preference
- If equal, prefer routes originated by the local router (originated via network or aggregate)
- Prefer the shortest AS Path
- Prefer the lowest Origin code (IGP < EGP < Incomplete)
- Prefer the lowest MED (if paths are from the same AS)
- Prefer eBGP over iBGP routes
- Prefer the path with the lowest IGP metric to the BGP next hop
- Prefer the oldest route (to promote stability)
- Prefer the path with the lowest router ID
This sequence ensures consistent behavior, but it can be altered using policy tools like route-maps, where administrators inject logic to override natural decisions based on business constraints, application performance, or link costs.
Policy Enforcement Strategies
BGP's real strength is in its ability to enforce policy at various points in the network. For instance, an enterprise might wish to prefer MPLS for VoIP traffic, but prefer DIA (Direct Internet Access) for cloud SaaS like Office 365. BGP can implement such logic by setting communities and local-preference tags at ingress points, then adjusting outbound decisions accordingly.
Key tools include:
- Route-maps: Act as conditional logic gates, permitting or modifying routes based on ACLs, prefix-lists, or communities.
- Prefix-lists: Fine-grained match filters for route announcements.
- Community tagging: A scalable way to label routes for downstream processing.
- Policy-based routing: Allows forwarding decisions based on fields like source IP or DSCP, outside of normal destination-based routing.
These tools allow enterprises to model policy that reflects business structure: preferring cheaper bandwidth for non-critical data, segmenting traffic flows per department, or engineering failover paths that meet SLA thresholds.
Enterprise Use Cases
Several real-world use cases highlight the power of BGP path control:
- Dual WAN Uplink: Enterprises with both MPLS and Internet connections can use local-pref and communities to route critical traffic over MPLS and bulk traffic over broadband.
- Inter-branch Traffic Engineering: Sites connected via multiple service providers can influence inbound path selection by adjusting MED or AS-PATH prepending.
- Cloud On-Ramp: Enterprises with direct connections to Azure/AWS/GCP can tag routes to prefer the closest PoP (Point of Presence).
- Redundancy & Failover: BGP timers and route withdrawal behavior can be tuned to speed up convergence in case of WAN failures, combined with static fallback routes as safety nets.
These patterns repeat across industries—whether it's a retail chain, a manufacturing plant with IoT gateways, or a university with hybrid connectivity.
Summary and Recommendations
Understanding BGP attributes and their role in path control is essential for any network engineer tasked with ensuring availability, performance, and policy compliance in modern enterprises. By leveraging tools like local-pref, MED, route-maps, and communities, organizations can design flexible, robust networks that respond to changing demands and operational conditions.
As enterprises continue to adopt SD-WAN and cloud architectures, BGP remains not only relevant but critical for integrating overlay control with underlay infrastructure.