DISCLAIMER: This page is continuously expanded with new terms.
Internet Protocol (IP)
The network layer communications protocol in the Internet protocol suite for relaying datagrams (data packets) across network boundaries. Its routing function enables internetworking, and essentially establishes the Internet. BGP is a prime example of an (inter-domain) routing protocol in this context.
IP has the task of delivering packets from the source host to the destination host solely based on the IP addresses in the packet headers. For this purpose, IP defines packet structures that encapsulate the data to be delivered. It also defines addressing methods that are used to label the datagram with source and destination information.
The first major version of IP, Internet Protocol Version 4 (IPv4), is the dominant protocol of the Internet. Its successor is Internet Protocol Version 6 (IPv6), which has been in increasing deployment on the public Internet since c. 2006 due to the exhaustion of IPv4 addresses.
IP Address
A numerical label such as 192.0.2.1 that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. An IP address serves two main functions: host or network interface identification and location addressing.
Internet Protocol version 4 (IPv4) defines an IP address as a 32-bit number. However, because of the growth of the Internet and the depletion of available IPv4 addresses, a new version of IP (IPv6), using 128 bits for the IP address, was standardized in 1998.
IP addresses are written and displayed in human-readable notations, such as 192.0.2.1 in IPv4, and 2001:db8:0:1234:0:567:8:1 in IPv6. An IP address consists of a network number (routing prefix) and a rest field (host identifier). A rest field is an identifier that is specific to a given host or network interface. The size of the routing prefix of the address is designated in CIDR notation by suffixing the address with the number of significant bits, e.g., 192.0.2.1/24, which is equivalent to the historically used subnet mask 255.255.255.0.
The IP address space is managed globally by the Internet Assigned Numbers Authority (IANA), and by five regional Internet registries (RIRs) responsible in their designated territories for assignment to local Internet registries, such as Internet service providers (ISPs), and other end users. Some IPv4/IPv6 addresses are reserved for private networks and are not globally unique.
Network administrators assign an IP address to each device connected to a network. Such assignments may be on a static (fixed or permanent) or dynamic basis, depending on network practices and software features.
IP Prefix
Often also referred to as an IP Network. A group of IP addresses. An IP address consists of a network number (routing prefix) and a rest field (host identifier). A rest field is an identifier that is specific to a given host or network interface. A routing prefix is often expressed using Classless Inter-Domain Routing (CIDR) notation for both IPv4 and IPv6. CIDR is a method used to create unique identifiers for networks, as well as for individual devices. For IPv4, networks can also be characterized using a subnet mask, which is sometimes expressed in dot-decimal notation (e.g., 255.255.255.0). All hosts on a subnetwork share the same network prefix, while the host identifier is unique within that subnetwork. In IPv4, the subnet mask is used to separate the network number from the host identifier. In IPv6, the network prefix performs a similar function to the subnet mask in IPv4, with the prefix length giving the number of leading address bits that form the network prefix.
The act of dividing a network into at least two separate networks is called subnetting; routers are devices that allow traffic exchange between subnetworks, serving as a physical boundary.
Autonomous System (AS)
A collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain, that presents a common and clearly defined routing policy to the Internet.
Autonomous System Number (ASN)
Unique number assigned to each AS, for use in Border Gateway Protocol (BGP) routing. Autonomous System Numbers are assigned to Local Internet Registries (LIRs) and end user organizations by their respective Regional Internet Registries (RIRs), which in turn receive blocks of ASNs for reassignment from the Internet Assigned Numbers Authority (IANA). The IANA also maintains a registry of ASNs which are reserved for private use (and should therefore not be announced to the global Internet).
Router
The network device (composed of appropriate hardware and software) that performs routing, typically on the basis of routing protocols such as OSPF or BGP.
Routing
The process of selecting a path for traffic in a network or between or across multiple networks. Broadly, routing is performed in many types of networks, including circuit-switched networks, such as the public switched telephone network (PSTN), and computer networks, such as the Internet.
In an Internet/IP context, we deal with packet switching networks, where routing is the higher-level decision making that directs network packets from their source toward their destination through intermediate network nodes by specific packet forwarding mechanisms. Packet forwarding is the transit of network packets from one network interface to another. Intermediate nodes are typically network hardware devices such as routers, gateways, firewalls, or switches. General-purpose computers also forward packets and perform routing, although they have no specially optimized hardware for the task.
The routing process usually directs forwarding on the basis of routing tables. Routing tables maintain a record of the routes to various network destinations. Routing tables may be specified by an administrator, learned by observing network traffic or built with the assistance of routing protocols.
Routing, in a narrower sense of the term (which pertains also to the Code BGP case), often refers to IP routing and is contrasted with bridging. IP routing assumes that network addresses are structured and that similar addresses imply proximity within the network. Structured addresses allow a single routing table entry to represent the route to a group of devices. In large networks, structured addressing (routing, in the narrow sense) outperforms unstructured addressing (bridging). Routing has become the dominant form of addressing on the Internet. Bridging is still widely used within local area networks (outside our context).
Border Gateway Protocol (BGP)
Standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. BGP is classified as a path-vector routing protocol, and it makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator.
BGP used for routing within an autonomous system is called Interior Border Gateway Protocol, Internal BGP (iBGP). In contrast, the Internet application of the protocol is called Exterior Border Gateway Protocol, External BGP (eBGP).
For a deep dive on BGP please check this page.
BGP Speaker
A router that advertises BGP messages and in general "speaks" BGP. The BGP speaker establishes peer relationships with other BGP speakers to exchange routing information. When a BGP speaker receives a new route, or a route better than the current one, from another AS, it advertises the route to all the other BGP peers in the local AS. BGP can be configured to run on a router in one of two modes: iBGP (internal BGP) or eBGP (external BGP). When a BGP speaker peers with another BGP speaker that resides in the same autonomous system, the session is referred to as an iBGP session. When a BGP speaker peers with a BGP speaker that resides in a different autonomous system, the session is referred to as an eBGP session.
BGP neighbors, called peers, are established by manual configuration among routers to create a TCP session on port 179. A BGP speaker sends 19-byte keep-alive messages every 30 seconds (protocol default value, tunable) to maintain the connection (i.e., the peering). Among routing protocols, BGP is unique in using TCP as its transport protocol.
Resource Public Key Infrastructure (RPKI)
Resource Public Key Infrastructure (RPKI), also known as Resource Certification, is a specialized public key infrastructure (PKI) framework to support improved security for the Internet's BGP routing infrastructure.
RPKI provides a way to connect Internet number resource information (such as Autonomous System numbers and IP addresses) to a trust anchor. The certificate structure mirrors the way in which Internet number resources are distributed. That is, resources are initially distributed by the IANA to the regional Internet registries (RIRs), who in turn distribute them to local Internet registries (LIRs), who then distribute the resources to their customers. RPKI can be used by the legitimate holders of the resources to control the operation of Internet routing protocols to prevent route hijacking and other attacks. In particular, RPKI is used to secure the Border Gateway Protocol (BGP) through BGP Route Origin Validation (ROV), as well as Neighbor Discovery Protocol (ND) for IPv6 through the Secure Neighbor Discovery protocol (SEND).
RPKI uses X.509 PKI certificates (RFC 5280) with extensions for IP addresses and AS identifiers (RFC 3779). It allows the members of regional Internet registries, known as local Internet registries (LIRs), to obtain a resource certificate listing the Internet number resources they hold. This offers them validatable proof of holdership, though the certificate does not contain identity information. Using the resource certificate, LIRs can create cryptographic attestations about the route announcements they authorise to be made with the prefixes they hold. These attestations are called Route Origination Authorizations (ROAs).
Route Origination Authorization
A Route Origination Authorization (ROA) states which autonomous system (AS) is authorised to originate certain IP prefixes. In addition, it can determine the maximum length of the prefix that the AS is authorised to advertise.
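As an added illustration (not part of the original glossary, and not Code BGP's own code), the following Python ties the definitions above together: it normalizes a CIDR prefix to its network number and subnet mask, and performs BGP Route Origin Validation of an announcement against a set of ROAs (covering prefix, maximum length, authorized origin AS), returning the RFC 6811 states Valid, Invalid and NotFound. The ROAs and announcements are constructed sample data in documentation ranges, not registry records.

```python
import ipaddress

# Constructed sample ROAs (not real RPKI data): the holder of 192.0.2.0/24
# authorizes AS64496 to originate the /24 and any sub-prefix down to /26;
# the holder of 2001:db8::/32 authorizes only the exact /32.
ROAS = [
    {"prefix": "192.0.2.0/24", "max_length": 26, "asn": 64496},
    {"prefix": "2001:db8::/32", "max_length": 32, "asn": 64496},
]


def prefix_info(cidr):
    """Normalize a CIDR string (host bits allowed, as in 192.0.2.1/24) to
    (network number, subnet mask in dot-decimal notation, prefix length)."""
    net = ipaddress.ip_network(cidr, strict=False)
    return str(net.network_address), str(net.netmask), net.prefixlen


def roa_covers(roa, prefix):
    """A ROA covers an announced prefix when the announced prefix lies
    inside (or equals) the ROA prefix of the same address family."""
    roa_net = ipaddress.ip_network(roa["prefix"])
    if roa_net.version != prefix.version:
        return False
    return prefix.subnet_of(roa_net)


def roa_matches(roa, prefix, origin_asn):
    """A covering ROA matches when the origin AS is the authorized one and the
    announced prefix is no more specific than the ROA's maximum length."""
    return (roa_covers(roa, prefix)
            and prefix.prefixlen <= roa["max_length"]
            and roa["asn"] == origin_asn)


def validate_origin(announced_prefix, origin_asn, roas=ROAS):
    """Route Origin Validation (RFC 6811): NotFound if no ROA covers the prefix,
    Valid if at least one covering ROA matches origin AS and length, else Invalid.
    An Invalid result is what a defender sees for a misorigination or hijack."""
    prefix = ipaddress.ip_network(announced_prefix)
    covering = [r for r in roas if roa_covers(r, prefix)]
    if not covering:
        return "NotFound"
    if any(roa_matches(r, prefix, origin_asn) for r in covering):
        return "Valid"
    return "Invalid"


if __name__ == "__main__":
    print(prefix_info("192.0.2.1/24"))            # ('192.0.2.0', '255.255.255.0', 24)
    print(validate_origin("192.0.2.0/24", 64496))  # Valid
    print(validate_origin("192.0.2.0/27", 64496))  # Invalid: more specific than max length
    print(validate_origin("192.0.2.0/24", 64511))  # Invalid: unauthorized origin AS
    print(validate_origin("198.51.100.0/24", 64496))  # NotFound: no covering ROA
```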