What is Border Gateway Protocol (BGP) security?
Why Interviewers Ask This
Interviewers ask this to evaluate whether you have the depth of knowledge needed to mentor others and lead technical decisions. The expected answer goes beyond definitions into practical implications and real-world consequences.
Answer
BGP has no built-in security: any AS can announce any prefix, which is the root cause of most routing incidents.

BGP hijacking occurs when a malicious or misconfigured AS announces prefixes it does not own, redirecting traffic. Well-known examples are Pakistan Telecom's 2008 YouTube hijack and the 2018 Amazon Route 53 BGP hijack. BGP route leaks propagate routes to peers that should not see them, disrupting routing.

Mitigations:
RPKI (Resource Public Key Infrastructure): cryptographically validates that an AS is authorized to announce specific IP prefixes via ROA (Route Origin Authorization) records; ROV (Route Origin Validation) drops announcements the ROAs mark as invalid.
IRR (Internet Routing Registry) filtering: filters announcements against the routing policies operators publish in the registry.
MD5 authentication on BGP sessions: prevents session hijacking.
Prefix filtering: accept only the prefixes each peer is expected to announce.
MANRS (Mutually Agreed Norms for Routing Security): industry initiative that defines baseline routing security practices.

RPKI adoption is growing but is still not universal.
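The ROV decision described above, as an added example that is not part of the original answer or of any real RPKI validator: it implements the RFC 6811 classification (valid / invalid / not-found) of BGP announcements against a constructed set of ROAs, then applies a drop-invalid policy. The ROA set, the announcements and the AS numbers are all constructed (documentation prefixes and private-use ASNs); an AS0 ROA is included to show how it makes every announcement of that space invalid.

```python
"""Route Origin Validation (RFC 6811) over a constructed ROA set.

Hypothetical example for illustration; not code from the page or from
any RPKI validator. All prefixes and ASNs below are constructed.
"""
import ipaddress
from dataclasses import dataclass
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class ROA:
    prefix: str        # authorized prefix, e.g. "192.0.2.0/24"
    max_length: int    # longest prefix length the origin may announce
    origin_as: int     # authorized origin ASN; 0 means "nobody may originate"


@dataclass(frozen=True)
class Announcement:
    prefix: str        # announced prefix
    origin_as: int     # rightmost AS in the AS_PATH


VALID, INVALID, NOT_FOUND = "valid", "invalid", "not-found"


def _net(prefix: str):
    return ipaddress.ip_network(prefix, strict=False)


def roa_covers(roa: ROA, route) -> bool:
    """A ROA covers a route when the route prefix lies inside the ROA prefix."""
    roa_net = _net(roa.prefix)
    # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
    return roa_net.version == route.version and route.subnet_of(roa_net)


def roa_matches(roa: ROA, route, origin_as: int) -> bool:
    """Covering ROA whose maxLength and origin AS also agree (RFC 6811 s.2).

    An origin of AS 0 never matches: AS 0 must not appear as an origin
    (RFC 7607), and AS0 ROAs exist precisely to make a prefix unroutable.
    """
    return (roa_covers(roa, route)
            and route.prefixlen <= roa.max_length
            and roa.origin_as == origin_as
            and origin_as != 0)


def rov_state(ann: Announcement, roas: Iterable[ROA]) -> str:
    """Classify one announcement: not-found if no ROA covers it,
    valid if at least one covering ROA matches, otherwise invalid."""
    route = _net(ann.prefix)
    covering = [r for r in roas if roa_covers(r, route)]
    if not covering:
        return NOT_FOUND
    if any(roa_matches(r, route, ann.origin_as) for r in covering):
        return VALID
    return INVALID


def apply_rov_policy(anns: Iterable[Announcement],
                     roas: Iterable[ROA]) -> Tuple[List[Announcement], List[Announcement]]:
    """Drop-invalid policy: reject invalid routes, keep valid and not-found."""
    roas = list(roas)
    accepted, rejected = [], []
    for a in anns:
        (rejected if rov_state(a, roas) == INVALID else accepted).append(a)
    return accepted, rejected


# Constructed ROA set (documentation prefixes, private-use ASNs).
ROAS = [
    ROA("192.0.2.0/24", 24, 64496),
    ROA("2001:db8::/32", 48, 64497),
    ROA("203.0.113.0/24", 24, 0),   # AS0 ROA: nobody may originate this space
]

# Constructed announcements as a validating router might receive them.
ANNOUNCEMENTS = [
    Announcement("192.0.2.0/24", 64496),     # exact ROA match      -> valid
    Announcement("192.0.2.0/25", 64496),     # longer than maxLength -> invalid
    Announcement("192.0.2.0/24", 64500),     # wrong origin AS       -> invalid
    Announcement("198.51.100.0/24", 64500),  # no covering ROA       -> not-found
    Announcement("2001:db8::/48", 64497),    # within maxLength      -> valid
    Announcement("203.0.113.0/24", 64500),   # covered only by AS0   -> invalid
]

if __name__ == "__main__":
    for a in ANNOUNCEMENTS:
        print(f"{a.prefix:18} AS{a.origin_as}: {rov_state(a, ROAS)}")
    ok, dropped = apply_rov_policy(ANNOUNCEMENTS, ROAS)
    print(f"accepted {len(ok)}, rejected {len(dropped)}")
```

Two points the example makes visible: not-found routes are accepted, because most of the Internet still has no ROA, so ROV only helps where ROAs exist; and ROV checks only the origin AS, so an announcement that keeps the legitimate origin but forges the rest of the path still validates, which is why prefix and IRR filtering remain necessary alongside RPKI.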
Pro Tip
If you're unsure about a detail, say so honestly and explain your reasoning. Interviewers respect candidates who can think through uncertainty rather than bluffing.