The Internet Is a Network of Networks
The internet is not a single network owned by one organization — it is a collection of roughly 100,000 independent networks called Autonomous Systems (ASes), each assigned a unique Autonomous System Number (ASN). These include ISPs (Comcast is AS7922, AT&T is AS7018), cloud providers (AWS is AS16509, Google is AS15169), CDNs, universities, and corporations.
Each autonomous system manages its own internal routing. But they must also exchange routing information with each other to allow global connectivity. Border Gateway Protocol (BGP) is the standardized protocol they use to do this — it is, quite literally, the routing protocol that holds the internet together.
When you visit a website, your traffic may cross three to fifteen different autonomous systems, each making independent routing decisions using their BGP routing tables. BGP determines which AS paths are available and which to prefer. Every IP address is "owned" by an AS — you can discover which AS controls any IP using our IP lookup tool, which shows the ASN, AS name, and route prefix.
BGP was designed in 1989 on two napkins — famously, the "two-napkin protocol" — and has evolved through experience rather than formal redesign. It underpins the entire global internet despite its age and original simplicity.
How BGP Route Advertisement Works
BGP is a path-vector protocol. Unlike interior routing protocols (OSPF, IS-IS) that optimize for shortest path, BGP's fundamental metric is the AS path — the list of autonomous systems a route must traverse to reach a destination prefix.
Here is how BGP route propagation works:
- Cloudflare (AS13335) owns the IP block
104.16.0.0/12. It advertises this prefix to its upstream transit providers and peers. - Each peer that receives the advertisement adds its own ASN to the AS path and propagates it further. Cloudflare's peer might advertise:
104.16.0.0/12 via AS13335. That peer's upstream might advertise:104.16.0.0/12 via AS5678, AS13335. - When a router receives multiple paths to the same prefix, it selects the best one using BGP's decision process: prefer shorter AS paths, then lowest MED (Multi-Exit Discriminator), then local preference, then IGP cost to the next hop.
- The selected path enters the router's forwarding table. Packets destined for
104.16.x.xare forwarded toward that next hop.
BGP peering sessions run over TCP port 179 between neighboring routers (peers). Peers exchange their full routing tables at session establishment, then send only incremental updates as routes change. The global BGP routing table contains over 1 million prefixes as of 2026 — this is the "default-free zone" (DFZ) routing table that every Tier 1 ISP must hold in memory.
BGP Route Leaks and Hijacking
BGP was designed for a trusted network of cooperating organizations — it has no built-in authentication. This makes it vulnerable to two classes of incidents:
BGP Route Leaks: An AS accidentally advertises routes it should not — typically by misconfiguring its BGP policy and propagating routes received from one provider to another provider (instead of only to customers). In 2010, a small Indonesian ISP leaked routes from Telkom Indonesia to Indosat, briefly routing significant global traffic through their small network. In 2019, Verizon accepted a route leak from Cloudflare customer DQE Communications, causing a major internet outage.
BGP Hijacking: A malicious or misconfigured AS advertises prefixes it does not own. Because BGP prefers more specific routes, advertising a smaller prefix (e.g., /24 instead of the legitimate /20) attracts traffic. Used for: email spam (hijack an IP block temporarily to send spam, then release it), cryptocurrency theft (hijack BGP to intercept traffic to a mining pool), and traffic interception by nation-states.
Famous hijacking incidents: In 2018, traffic for major US companies (including Google and Amazon) was briefly rerouted through China Telecom due to a suspicious BGP advertisement. In 2022, researchers documented systematic BGP hijacking by state actors to intercept encrypted traffic.
Use our IP lookup tool to see the current BGP routing information for any IP address, including which ASN is announcing the prefix.
BGP Security: RPKI and Route Filtering
The BGP security community has developed mechanisms to validate route advertisements:
RPKI (Resource Public Key Infrastructure): A cryptographic framework that allows IP address holders to publish Route Origin Authorizations (ROAs) — signed statements declaring which ASNs are authorized to originate specific prefixes. Routers configured to perform Route Origin Validation (ROV) can detect and drop RPKI-invalid routes (those that do not match any ROA or violate max-length constraints).
RPKI deployment has accelerated significantly — as of 2026, major providers including AT&T, Comcast, Verizon, and most European ISPs perform ROV. The percentage of the internet's address space covered by valid ROAs now exceeds 50%, providing meaningful protection against the most common hijacking attacks.
IRR Filtering: Internet Routing Registries (IRRs) like ARIN, RIPE, and RADB allow networks to publish routing policy. Operators use IRR data to generate BGP prefix filters, accepting only routes that a customer or peer has registered. Less cryptographically secure than RPKI but widely deployed.
MANRS (Mutually Agreed Norms for Routing Security): A global initiative where networks commit to four concrete actions: filtering (prevent propagation of incorrect routes), anti-spoofing (prevent IP source address spoofing), coordination (maintain globally reachable contact information), and global validation (publish routing information in public databases).
BGP and Internet Outages
Because BGP connects all autonomous systems, a BGP misconfiguration can rapidly cascade into a global internet incident. Some notable examples illustrate the fragility:
Facebook Outage (October 2021): Facebook's entire infrastructure — Facebook, Instagram, WhatsApp — went offline for approximately six hours. The cause: a BGP configuration error during maintenance withdrew Facebook's prefixes from the global routing table. Every router on the internet stopped knowing how to reach Facebook's IPs. DNS servers that were hosted within Facebook's AS also became unreachable, preventing self-correction.
AWS Outage (December 2021): A BGP issue in a US-EAST-1 network device caused widespread AWS service disruptions, affecting applications globally that depended on AWS APIs.
Pakistan Telecom vs YouTube (2008): Pakistan Telecom attempted to block YouTube domestically by announcing a more-specific BGP route. Due to poor filtering by their upstream provider PCCW, the route propagated globally, causing YouTube to be unreachable worldwide for approximately two hours.
These incidents illustrate why CDNs and multi-cloud deployments with independent BGP paths improve resilience. Our ping test can help identify connectivity issues that may be BGP-related — routing changes often produce sudden latency increases or packet loss to specific destinations.
Look Up Any IP's BGP and ASN Data
Our free IP lookup tool shows the Autonomous System, route prefix, and geolocation for any IP address on the internet.
Hide My IP Now
Frequently Asked Questions
What is an Autonomous System Number (ASN)?
An ASN is a unique number assigned to an autonomous system — a network under a single administrative control with a unified routing policy. ASNs can be 16-bit (1-65535) or 32-bit (65536-4294967295). ISPs, cloud providers, and large enterprises each have their own ASN. You can look up the ASN for any IP address using our <a href="/lookup">IP lookup tool</a>.
What is BGP peering?
BGP peering is a bilateral agreement between two networks to exchange routing information. 'Peers' exchange routes directly without paying a transit provider. Networks peer when the mutual exchange of traffic is roughly balanced — it reduces costs compared to paying a transit provider for all traffic. Large peering occurs at Internet Exchange Points (IXPs) where many networks interconnect physically.
How does BGP relate to my internet speed?
BGP determines which path your packets take across the internet. A suboptimal BGP route might send your traffic halfway around the world instead of a direct path, adding unnecessary latency. ISPs and CDNs carefully manage their BGP routing to optimize path selection. Our <a href="/ping">ping test</a> measures actual round-trip latency, which reflects the quality of the BGP paths between you and the destination.
Can BGP be used to make internet traffic more secure?
Yes, through RPKI and ROV (Route Origin Validation). By deploying RPKI, networks can cryptographically verify that route announcements are authorized by the legitimate IP address holder, preventing most hijacking attacks. Additionally, BGP policies can enforce that traffic between two specific networks takes a known, controlled path rather than potentially traversing untrusted networks.
