ASN and BGP Basics: How Internet Routing Actually Works

When you type a URL into your browser, your request travels across multiple networks operated by different organizations before reaching its destination. But how does each network know where to send your traffic next? The answer lies in two foundational internet technologies: Autonomous System Numbers (ASNs) and the Border Gateway Protocol (BGP).

Together, ASNs and BGP form the routing backbone of the internet. They determine the path your data takes across the globe, and when they malfunction, the consequences can be dramatic, as multiple high-profile BGP incidents have demonstrated by taking entire countries offline. This guide explains both concepts from the ground up, covering how they work, why they matter, and what happens when things go wrong.

What Is an Autonomous System?

An Autonomous System (AS) is a large network or group of networks managed by a single organization that presents a unified routing policy to the internet. Think of the internet not as one giant network, but as a collection of thousands of interconnected autonomous systems.

Examples of organizations that operate autonomous systems include:

• Internet Service Providers (Comcast, AT&T, Deutsche Telekom)
• Cloud and hosting providers (AWS, Google Cloud, Cloudflare)
• Large enterprises (Apple, Microsoft, banks)
• Content delivery networks (Akamai, Fastly)
• Academic networks (universities, research institutions)
• Government networks

Each autonomous system is identified by a unique number called an Autonomous System Number (ASN).

ASN Format

Originally, ASNs were 16-bit numbers (1 to 65535). As the internet grew, 32-bit ASNs were introduced (up to 4,294,967,295) via RFC 6793. Today, both formats are in use.

ASNs are allocated by Regional Internet Registries (RIRs):

You can look up ASN information for any IP address using our ASN Lookup tool, which shows the AS number, organization name, and the IP prefixes announced by that AS. You can also use our WHOIS Lookup to find registration details.

What Is BGP?

The Border Gateway Protocol (BGP) is the routing protocol that autonomous systems use to exchange routing information with each other. It is defined in RFC 4271 and is often called "the protocol that makes the internet work."

How BGP Works

BGP is a path-vector protocol. Each AS announces to its neighbors which IP address prefixes it can reach and the path (list of ASNs) required to get there. BGP routers make forwarding decisions based on these announcements.

Here is a simplified example:

1. AS65001 (your ISP) wants to reach IP prefix 198.51.100.0/24, which belongs to AS65003 (a web hosting company).
2. AS65003 announces to its neighbors: "I can reach 198.51.100.0/24. The path is AS65003."
3. AS65002 (a transit provider connected to AS65003) receives this announcement and propagates it: "I can reach 198.51.100.0/24. The path is AS65002 -> AS65003."
4. AS65001 receives this from AS65002 and now knows that to reach 198.51.100.0/24, traffic should be sent to AS65002, which will forward it to AS65003.
5. If AS65001 receives multiple paths to the same prefix, it selects the best one based on BGP's path selection algorithm.

BGP Path Selection

When a BGP router receives multiple routes to the same prefix, it uses a series of criteria to select the best path (the order varies slightly by vendor, but the general priority is):

1. Highest Local Preference: A locally configured value indicating route preference (higher is better)
2. Shortest AS Path: Fewer AS hops usually means a more direct route
3. Lowest Origin Type: IGP (originated within the AS) is preferred over EGP, which is preferred over Incomplete
4. Lowest MED (Multi-Exit Discriminator): A hint from the neighboring AS about which entry point to use
5. eBGP over iBGP: External BGP routes are preferred over internal ones
6. Lowest IGP metric to next hop: The closest exit point from the local AS
7. Lowest Router ID: A tiebreaker using the router's identifier

iBGP vs. eBGP

BGP operates in two contexts:

• eBGP (External BGP): Used between different autonomous systems. This is what we typically mean when we say "BGP."
• iBGP (Internal BGP): Used within a single autonomous system to distribute routes learned from eBGP peers to all internal routers.

Internet Peering and Transit

Peering

Peering is an arrangement where two autonomous systems agree to exchange traffic directly, usually for free. Peering happens at Internet Exchange Points (IXPs) or through direct private connections.

Example: A large ISP and a popular content provider might peer at multiple IXPs. The ISP's customers get faster access to the content, and the content provider avoids paying transit costs.

Transit

Transit is a paid arrangement where one AS (the transit provider) agrees to carry another AS's traffic to the rest of the internet. Think of it as paying for "full internet access" for your AS.

Example: A small ISP pays a Tier 1 provider (like Lumen, NTT, or Cogent) for transit. The Tier 1 provider has peering arrangements with all other Tier 1 providers, giving the small ISP access to the entire internet.

Tier 1 Networks

A Tier 1 network is an AS that can reach every other network on the internet solely through settlement-free peering (no paid transit). They form the topmost layer of the internet's hierarchy. As of 2026, there are approximately 15-20 Tier 1 networks globally.

You can trace the path your traffic takes through these networks using our Traceroute tool, and identify each hop's AS with our ASN Lookup.

BGP Incidents: When Routing Goes Wrong

BGP was designed in an era of implicit trust between network operators. It has minimal built-in security, which has led to several categories of incidents.

BGP Hijacking

A BGP hijack occurs when an AS announces IP prefixes it does not legitimately control. Because BGP has no built-in mechanism to verify ownership, other routers may accept the false announcement and begin routing traffic to the hijacker.

Notable examples:

• Pakistan vs. YouTube (2008): Pakistan Telecom announced YouTube's IP prefixes to block YouTube domestically, but the announcement leaked globally, causing YouTube to be unreachable worldwide for about two hours.
• China Telecom (2010): A Chinese AS briefly announced routes for roughly 50,000 prefixes belonging to other organizations, redirecting a significant portion of internet traffic through China for about 18 minutes.

Route Leaks

A route leak occurs when an AS inadvertently announces routes learned from one peer or transit provider to another, creating an unintended traffic path. Unlike hijacks, leaks are almost always accidental.

Notable examples:

• Google outage via Nigeria (2018): A Nigerian ISP leaked BGP routes that caused significant Google traffic to be misrouted through China and Russia.
• Cloudflare/Facebook outage (2019): A route leak by a small AS caused major performance issues for Cloudflare, Facebook, and other services.

BGP Misconfiguration

Simple configuration errors can have outsized effects. A fat-finger mistake in a BGP configuration can cause an AS to announce the wrong prefixes, withdraw legitimate routes, or set incorrect attributes.

Facebook outage (October 2021): A routine maintenance operation triggered a bug that withdrew all of Facebook's BGP routes. Facebook, Instagram, WhatsApp, and all related services were completely unreachable for approximately six hours. Because Facebook's internal tools also relied on BGP, engineers had difficulty even accessing the equipment to fix the problem.

BGP Security: RPKI and Route Validation

The Problem

BGP was designed without a way to verify that an AS is authorized to announce a given prefix. This lack of verification is what enables hijacking and makes route leaks so damaging.

Resource Public Key Infrastructure (RPKI)

RPKI is the leading solution. It allows IP address holders to cryptographically sign Route Origin Authorizations (ROAs), which declare which AS is authorized to originate a specific prefix.

How RPKI works:

1. The IP address owner creates a ROA signed with their RPKI certificate, stating "AS65003 is authorized to originate 198.51.100.0/24."
2. This ROA is published in a repository maintained by the RIR.
3. BGP routers download and validate ROAs, and can then mark incoming BGP announcements as:

- Valid: The announcement matches a ROA (correct AS and prefix)

- Invalid: The announcement contradicts a ROA (wrong AS or prefix)

- Not Found: No ROA exists for this prefix

1. Routers configured for route validation can prefer valid routes and reject invalid ones.

RPKI Adoption

As of 2026, RPKI adoption has grown significantly:

• Major cloud providers (AWS, Google, Cloudflare) validate routes using RPKI
• Roughly 50% of internet routes are now covered by ROAs
• Many large ISPs have implemented RPKI validation and filtering

However, full adoption remains a work in progress. Until all ASes participate, BGP hijacking remains possible.

Practical BGP Tools and Commands

Looking Glass Servers

Many networks operate "Looking Glass" servers that allow you to query their BGP routing tables remotely. This is useful for verifying how your routes appear from different vantage points on the internet.

Command Line (for network operators)

# Show BGP routing table (Cisco IOS)
show ip bgp

# Show BGP neighbors
show ip bgp neighbors

# Show routes for a specific prefix
show ip bgp 198.51.100.0/24

# Show AS path to a destination
show ip bgp 198.51.100.0/24 | include path

Online Tools

Our ASN Lookup tool provides detailed information about any AS, including:

• The organization name and registration details
• All IP prefixes announced by that AS
• The RIR that allocated the ASN

You can also trace the network path to any destination with our Traceroute tool, which reveals the series of ASes your traffic traverses. For IP-level details about any address you encounter, use our IP Lookup tool.

How BGP Affects You

Even if you are not a network operator, BGP impacts your internet experience:

• Website outages: When BGP routes are withdrawn or hijacked, websites become unreachable regardless of whether the servers themselves are running.
• Performance variation: BGP path selection determines whether your traffic takes an efficient, direct path or a slow, circuitous one.
• Privacy implications: BGP hijacking can redirect your traffic through malicious networks that inspect or modify your data (though HTTPS protects against content modification).
• Geographic routing: BGP influences which data center serves your requests. CDNs rely on BGP to route users to the nearest server.

You can use our Speed Test to measure your current connection performance and our Traceroute to see the actual path your traffic takes.

Key Takeaways

• Autonomous Systems (ASes) are the building blocks of the internet, each identified by a unique ASN
• BGP is the protocol that ASes use to exchange routing information and determine traffic paths
• BGP selects routes based on policy (local preference), path length, and various tiebreakers
• BGP has minimal built-in security, making it vulnerable to hijacking and route leaks
• RPKI provides cryptographic verification of route origins and is the primary solution for BGP security
• Major BGP incidents have caused global outages for services like YouTube, Facebook, and Google
• Use our ASN Lookup to explore AS information and our Traceroute to see BGP routing in action

Related Articles:

• Subnet Calculator Guide: Understanding CIDR Notation and Subnetting
• DNS Records Explained: A Complete Guide to A, AAAA, MX, NS, TXT, and CNAME
• Reverse DNS Explained: What PTR Records Are and Why They Matter