It’s understood that no single organization “owns” the Internet. Instead, we rely on the Border Gateway Protocol (BGP) to negotiate the flow of traffic from one autonomous system (AS) to another. By design, BGP is a path vector protocol. This means that routers only know the information their neighbors share with them; each router then only propagates the best path according to its own policy. Because each network operator applies their own policies, this results in each router having a unique view of the BGP routing table. These factors make obtaining an authoritative view of the entire global Internet routing table a significant challenge.
Historically, the leading Internet routing infrastructure projects have been maintained by not-for-profit entities and academic institutions, which have amassed extensive datasets using contributions from numerous BGP peers. However, sole reliance on third-party resources comes with risks, including potential outages and data integrity issues. Furthermore, geolocating these public monitors at a city level is a significant research challenge.
At ThousandEyes, we recognize the importance of accurately reflecting the routing status of the myriad prefixes across the Internet. So we built direct relationships with BGP peers around the globe to develop a network of ThousandEyes BGP monitors. And now, we are announcing the ThousandEyes Border Gateway Protocol Monitor network—an exciting enhancement to our renowned network monitoring capabilities that will significantly improve network operators' visibility and control of BGP.
The Authoritative View of the Internet Just Got More Authoritative
By overcoming traditional constraints and enhancing our ability to detect and respond to routing anomalies, we are empowering network operators and our customers to navigate the Internet's routing landscape with confidence and precision. The ThousandEyes BGP Monitor network has been designed with four specific goals in mind:
-
Comprehensive and High-quality Data: We’ve tackled the challenge of gathering BGP data from a multitude of sources by partnering with many geographically diverse entities who offer robust BGP peering connections and who provide full routing tables. These monitors are selected based on the following criteria: they support both IPv4 and IPv6 address families, they share full BGP tables, and they reflect a range of upstream providers. And, because we’ve deployed them directly, we know the city-level geolocation of each monitor with 100% accuracy.
-
Near Real-time Functionality: To deliver near real-time updates, we employ direct BGP connections. Despite inherent limitations like the Minimum Route Advertisement Interval, we've demonstrated that hijacks can be detected swiftly—sometimes in seconds, rather than minutes.
-
Source Traceability: It's crucial for us to be able to pinpoint the origin of each BGP update. We deploy Route Collectors in key Amazon Web Services regions, and we ensure that the IP addresses of routers are included with the routes we collect. This enables precise tracking of routing events and their sources.
-
Enhanced Security: Sophisticated hijackers can craft attacks that avoid detection by public monitoring infrastructures. For example, AS-path prepending can prevent path propagation to public route collectors. With our monitoring infrastructure, we illuminate "dark corners" of the Internet, which are sometimes invisible to public sources.
The new ThousandEyes BGP Monitor network represents our commitment to assuring every digital experience over any network. Stay tuned for updates as we continue to refine and expand our BGP services.