Will DARP replace BGP to run the internet?

Will BGP's (Border Gateway Protocol) security/performance issues be fixed by replacing it with DARP (Distributed Autonomous Routing Protocol)?

For those in the networking, security and cloud industries, BGP is arguably the most famous networking protocol of all. It's credited with making the internet work, thanks to its dynamic routing features as a path vector protocol, which let it make decisions based on the routes at hand. With BGP neighbours (internet routing nodes) mapped, it can make the smart call to get your packet to its destination at remarkable scale. It also gains convergence (learning its routes) efficiencies from multiple features, including the use of AS segments (isolated network segments) and the peering (linking) capability that sews these segments together through external BGP protocol processes.

BGP has been around since 1989, and version 4 is still a respected protocol that has had its day in the sun. Many now consider BGP the 'broken part of the internet', and it has attracted much attention for its security and performance issues. On the security side, the term 'BGP hijacking' was born when BGP advertisements for routes in the external BGP peering process were manipulated by bad actors identified by the security industry, including the People's Republic of China. In this case, the manipulation would reroute network traffic through their peered BGP AS segments located in China. I recall an interesting case of this happening where traffic from Switzerland to the US was rerouted to China on its journey, which can give rise to its interception by the Chinese authorities. This is one of many examples that have led to the creation of the MANRS taskforce, which promotes the use of Routing Public Key Infrastructure (RPKI). RPKI substantially increases the security posture of peerings if universally adopted. Network ISP circuit providers like AT&T, Telia and others now use RPKI just a few years later, which is a fast pace for the telco industry. Another area of concern is BGP performance: even a fraction of a second of lag in network transit can amount to millions of dollars in lost revenue for digital companies at scale.

Syntropy has focused on a causal solution in the development of DARP. Their Distributed Autonomous Routing Protocol is a blockchain-based protocol that uses AI instead of physical neighbour mapping to dynamically map a route given its modelling across the internet. This software-defined network architecture, based on centralised network infrastructure information, is made whole by a one-way latency test packet for a particular route called a "pulse packet". This "pulse packet" leads the route into the local pulse group and is also used to populate the OWL matrix for latency evaluation by the algorithm. When the receiving node responds to it, it creates a public/private key pair for use in an ad-hoc VPN for each stage of the route, bearing the OWL modelling in mind. It is in essence a data mesh that secures node-to-node hops via a VPN-styled connection. Its other features provide lower latency, given that its routing path is mapped via the blockchain-based AI framework. DARP was made public recently and has been in community testing for some months now.

Given the challenges taken on by Syntropy, the ability of this routing protocol to replace BGP at scale is past its proof of concept stage. As a cloud infrastructure engineer, I am most interested to see how this encrypted low-level routing protocol interacts at scale with other areas of the network that are run with a BGP/OSPF protocol mix or maybe an eBGP/iBGP mix. Also of note is how it will interact at scale with higher-level encryption protocols like IPsec in VPN tunnelling, and whether protocol isolation is proven at scale. Stay tuned for more on infrastructure in this blog, along with articles on other areas of interest in the writing and DevOps arenas. To not miss out on any updates on my availability, tips on related areas or anything of interest to all, sign up for one of my newsletters in the footer of any page on Maolte. I look forward to us becoming pen pals!
