RFC 7454 Best Current Practice

BGP Operations and Security

J. Durand, I. Pepelnjak, G. Doering · 2015-02

Abstract

BCP 194 / RFC 7454 documents operational security practices for BGP, covering session security (MD5, TCP-AO, GTSM/TTL security), prefix filtering, max-prefix limits, AS path filtering, and route flap damping. It provides actionable guidance for network operators to harden BGP sessions and prevent route leaks or hijacks from destabilizing the routing table.

Why This RFC Matters

BGP was designed without security mechanisms, and misconfigurations or malicious announcements have caused major Internet outages. RFC 7454 consolidates the community's hard-won operational wisdom into a single BCP document. Practices such as prefix-length filtering (reject /25 and longer from eBGP peers), max-prefix limits with tear-down, and GTSM to prevent remote session hijacking are now considered baseline requirements for responsible BGP operation and are referenced by IXP route-server policies worldwide.
