How to BGP With a Service Provider

This is something you don’t typically see on the Internet. Or perhaps I wasn’t seeking hard enough. When I was learning BGP in 2013, everything in my lab was beautiful. I was able to form neighbors, advertise my networks, do some filtering, etc. But I always wondered. What about in the real world? What is the process to obtain BGP for a business and advertise public addresses to the outside world?.

I searched the internet countless times about acquiring and configuring BGP for a business, and nothing. The way I learned was when I worked for a few companies. They wanted me to implement BGP for different sites, including data centers.

Long story short, I had to do a lot of digging to get this going. I had to contact my internet provider, do some research, and contact my regional Internet registry (RIR). In this case, ARIN. It took some time, but after filling out some forms and showing justification of why I need /24 block addresses, my request was granted.


So, If you have never done this before or dont know where to start, dont stress out. I’ve got you covered. I will show you the process of how to request IP addresses and ASN, followed by the peering process with the ISP.

But first of all, let me accentuate that the BGP peering I will talk about will be multi-homing. And let me tell you why. In my experience, acquiring BGP with a single point of failure doesn’t make sense. Because if I lose the circuit, the whole organization will be down for God knows how long. However, the scenario may vary for some organizations. There are different types of topologies, such as single-homed, dual-homed, and multi-homed. See the image below.

Now, let me explain why multihoming. Firstly, I’ve never encountered an environment with a single-homed configuration unless the budget is tight or you have some special requirements. The environment I’ve always witnessed has two internet providers. For example, Verizon is its primary circuit, and Cogent is its backup circuit. So if one link goes down, traffic will fall back to the backup circuit.

Picture this for a second. Suppose that you’ve purchased a block of /24 public addresses, right? And your public Ip addresses start from 50.0.0.1 – 50.0.0.254. You have 254 addresses for you to use and NAT when needed.

Now, let’s presume that you have 150 web servers visible to the Internet. If one of your Internet connections goes down, you still have the backup Internet to fallback, and thus your clients can reach your 150 web servers via the same public addresses 50.0.0.1-50.0.0.254. That’s awesome, right?


Look at this multi-homed design.

Let me break this configuration for you.


The Circuits

You have two internet service providers. Verizon and Cogent. The Verizon line has 1gbps speed, and Cogent has 500mbps. Verizon line has priority over Cogent because of its traffic manipulation using “Path prepend.” We can talk about this later. But to give you an idea, you can manipulate what link becomes primary for all the incoming traffic. This will depend on what you agree with the providers. Manipulating incoming traffic can be crafty sometimes.

The same thing applies to outbound traffic. You can do load sharing rather than having one internet active and the other passive. This type of configuration doesn’t involve your ISP. By utilizing the attribute “local preference,” you can control how traffic exits your network.

The Verizon circuit is simulated to be down due to some wiring issue from the ISP. But as you can see, the cogent line is still functional, allowing internal and external networks to communicate.