As the Internet is a global system of interconnected computer networks and not owned by any single entity, how these computer networks connect with each other plays a role in determining the quality of your internet and ultimately your experience online.
Specifically, this post explains what an autonomous system (AS) is, what an autonomous system number (ASN) is, and the ways in which AS’s work together to exchange and route data from your device to a server located anywhere in the world and back again. This post also includes a discussion on transit and peering relationships, before analysing how Border Gateway Protocol (BGP) works as the routing protocol for the internet.
So what exactly is an autonomous system?
Autonomous Systems
An autonomous system (AS) is a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain that presents a common, clearly defined routing policy to the internet.
Simply put, an AS is an internet service provider or a very large organization with independent connections to other networks.
RISE, as a business internet service provider in the Philippines, is just one AS, and its network is made up of physical fiber optic cables and routers connecting it to its customers and other autonomous systems around the world.
What is an ASN?
There are tens of thousands of autonomous systems in operation around the globe. Each AS must have an officially registered autonomous system number (ASN) to identify itself and communicate with other AS’s.
The ASN for RISE is AS63927 and can be found at bgp.he.net, where every ISP in the world has information listed about it on its network. Until 2007, all ASNs were 2-byte (16-bit numbers) which allowed for a maximum of 65535 networks, and now with the introduction of 4-byte (32-bit numbers), the new system provides for a total of 4,294,967,296 ASNs globally.
How do Autonomous Systems work together?
As no single AS has a direct connection to every device on the internet, an AS has to work with other AS’s to deliver customer traffic to its intended destination and back again. RISE works with other AS’s in the internet content delivery ecosystem in a number of ways. These are the three primary types of ASN relationships on the internet:
- By selling transit to other network providers to allow them to send traffic through RISE’s network, and via all of RISE’s many interconnects with other providers (making them a ‘customer’ of RISE.) This is similar to a standard internet service – it enables access to all of “the internet”;
- By peering with other network providers, allowing both RISE and the other network to access each other’s customer networks and services in order to exchange traffic; and
- By buying access or transit services from other networks in order to route RISE’s customer traffic across the internet.
The decision for the network engineers operating an AS to transmit data packets via peering or transit links is both commercial and technical in nature. For this reason, it is important to understand the differences between peering and transit and how your provider actually routes traffic, as these factors can impact the quality of your internet as an end user.
What are the differences between Peering and Transit?
Peering
Peering is a mutually beneficial relationship where two AS’s agree to directly exchange internet traffic between their customers, and typically neither party pays the other for the right to do so. Peering can help improve an end user’s internet experience due to the direct connectivity with the other partner’s network, therefore avoiding traffic settlement costs in the process.
This is why ISPs are engaging in peering relationships more and more. For example, if RISE and ‘Provider A’ are peered, traffic between RISE customers and ‘Provider A’ customers will go over a special high bandwidth connection in a data center. This connection is limited to their downstream customers, meaning neither party can see the other’s upstream/transit routes through peering.
Transit
IP Transit works by allowing traffic from one network to utilise the other provider’s network, usually used to connect a smaller ISP to the rest of the Internet. Transit is a paid service, so if you are an ISP buying transit from another provider, you are obtaining access to routes to the rest of the internet, including that provider’s downstream partners, peers, and upstream providers.
One of the key benefits of transit is that it is a simple service to implement. Once an ISP purchases transit, the transit provider will then be responsible for all its traffic needs. Transit can also include Service Level Agreements (SLAs), which make the internet usage experience more predictable. For many ISPs, buying transit from another ISP is seen as a necessity as peering is not always able to meet their traffic delivery needs.
Given that autonomous systems are run by companies, the structure of the Internet is constantly changing due to market related activities such as mergers, acquisitions and insolvency of these companies. With new systems popping up and existing systems becoming unavailable, every AS must be kept up to date with the latest information regarding new routes as well as any obsolete routes of other networks.
This is done through peering sessions where each AS connects to neighboring AS’s with a [TCP/IP connection] for the purpose of sharing routing information. Using this information, each AS is equipped to properly route outbound data transmissions coming from within its own network.
Now that we know who is responsible for carrying your data from your device to its destination and back again, we can turn to consider how data is routed across the internet.
Border Gateway Protocol (BGP): How does BGP work?
The majority of content accessed in the Philippines is hosted outside the country,with the original location of data often located on the other side of the world. Data has to travel from your device to a server then return to your device with the requested information. Regardless of the destination, data packets use the same mechanism or protocol for choosing the best path to reach your device. This is what is referred to as Border Gateway Protocol (BGP) and it determines how data packets choose a route for traveling across the internet. If you are in Manila and you load a website with origin servers in New York, BGP is the primary protocol that determines which path your packets take.
To further explain this concept, an analogy can be drawn with how the driving navigation app Waze works. Waze helps users determine the best and most efficient route to travel between Makati and BGC, for example, by providing an analysis of the shortest distance and traffic conditions.
Similar to Waze, BGP is responsible for looking at all of the available paths that your data packets could travel and then identifies the shortest route. Unlike Waze, however, BGPdoesn’t take into account congestion, or how much traffic is currently being sent over a particular route.
BGP has a complex path selection process, but fundamentally there are two primary metrics that influence the best path: commercial factors (through an attribute called “local preference”), and the number of AS’s between your network and the remote network (called the “AS Path Length”). When routing data packets, the commercial considerations are prioritized under BGP.
What are the limitations of BGP?
We can see from the Waze comparison that BGP does not take into consideration several of the important performance issues facing your internet connection today:
- BGP knows how many networks your traffic has to go through to reach its destination but not about the latency of the paths within those networks. As a result, one of the other key limitations of BGP is the creation of long paths for packets to travel on, based on the protocol simply detecting it as having the least amount of AS’s to navigate. These long paths can often cause large delays for internet users. Even when a more efficient path exists, BGP is likely to route traffic through a path with a high round trip delay.
- BGP does not possess the ability to detect packet loss, resulting in the same types of issues that large delays bring. This becomes quite a significant issue for businesses that use VoIP, corporate video conferencing and collaborative applications where packet loss dramatically affects their workflow.
- BGP also cannot detect and mitigate traffic spikes that go above any committed data rates and cause congestion.
- BGP is also vulnerable to a number of different malicious attacks and has seen hackers hijack parts of internet traffic in the past.
One particular example involving BGP in late 2018 saw Google lose control of several million of its IP addresses for more than an hour, making its search and other services unavailable for many users. This occurred as a result of a mishap route which misdirected traffic to China Telecom.
What these BGP limitations demonstrate is the vulnerability of the internet and the opportunity for internet service providers to mitigate the limitations of BGP. As BGP does not always provide your data with the best route, many high quality ISPs will have additional routing protocols to help find the most efficient route. This can help ensure that you receive a high quality internet connection with low latency.
Part 1 in our 7 part series has discussed the autonomous systems that carry your data across the internet and how they are being routed thanks to BGP. The next part will focus on how your data is broken down into data packets and then put back together in the right order thanks to Internet Protocol and Transmission Control Protocol.
