BGP Still Contains 20-Year Old Insecurities

According to an article from the AP, BGP (Border Gateway Protocol) still contains weaknesses that could result in widespread loss of Internet connectivity.

The article spends an inordinate amount of time explaining that this has already happened in certain areas for other reasons, and only discusses BGP briefly (relative to the rest of the article).

It is, however, a real problem. Current protocol changes (to improve security) include a wide range of protocols: DNS-SEC, SNMP v4, SMTP (with message submission and encryption), POP3S, IMAPS, and others. Even IPv6 involves changes to increase security.

It is unfortunate that the routing backbone of the Internet is still suffering from reliability problems after all these years – even after the president said that fixing it was top priority.

The problems go beyond just security, but stability and scalability as well. Is it time for a replacement or redesign of BGP?

One thought on “BGP Still Contains 20-Year Old Insecurities”

  1. I’d say it’s well overdue a replacement. Its resilience to misconfiguration or accidental fat fingering is appalling.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: