routingnetworkingnetwork-plusIntermediate22 min read

What Is Internal Border Gateway Protocol in Networking?

Also known as: Internal Border Gateway Protocol, IBGP, BGP tutorial, CCNA routing, Network+ routing protocols

Reviewed byJohnson Ajibi· Senior Network & Security Engineer · MSc IT Security

This page mentions older exam versions. See the Current Exam Context and Legacy Exam Context sections below for the updated mapping.

On This Page

Quick Definition

IBGP is a routing protocol that helps routers inside the same organization share information about how to reach networks outside that organization. It ensures that all routers in your network know the best paths to external destinations, like websites or cloud services. Unlike its cousin EBGP, IBGP operates only within one company or group of networks. It requires special rules to work correctly, such as a full mesh of connections between routers.

Must Know for Exams

IBGP appears in several major certification exams, most notably the Cisco CCNA and CCNP, CompTIA Network+, and Juniper JNCIA. In the CCNA 200-301 exam, IBGP is covered under the routing technologies section. Candidates must understand the difference between IBGP and EBGP, the full mesh requirement, and the rules for next hop reachability.

Exam questions may ask why IBGP requires a full mesh or what happens if a route reflector is not used. In the CCNP Enterprise (350-401 ENCOR) exam, IBGP is covered in more depth, including route reflectors, confederations, and advanced path selection. The exam expects you to configure IBGP and troubleshoot common issues like missing routes or loops.

In CompTIA Network+ (N10-008), IBGP is introduced as an advanced routing concept. You do not need to configure it, but you must understand its role in enterprise networks and how it differs from OSPF or EIGRP. Questions may present a scenario where a company has multiple internet connections and ask which protocol would ensure all internal routers know the external routes.

The correct answer is IBGP. In the Juniper JNCIA-Junos exam, IBGP configuration and concepts are covered under the routing policy section. You need to understand how IBGP works with Junos policy and how to configure IBGP groups.

Exam questions often ask about the differences between IBGP and EBGP regarding the next hop and AS path attributes. Some questions test your understanding of the BGP split horizon rule, which prevents IBGP routes from being advertised to other IBGP peers. This rule is a common exam trap.

You must know that IBGP relies on IGP for next hop reachability. Overall, IBGP is a high-weight topic in routing exams. You should be prepared for both theoretical and configuration-based questions.

Simple Meaning

Imagine your company is a large office building with many departments. Each department has its own internal phone system, but sometimes people need to call outside the building. To make those outside calls, each department needs a list of external phone numbers and the best way to reach them.

Now, think of IBGP as the process that copies that external phone directory to every department in the building. The directory itself comes from a single main switchboard at the entrance, which we call the border router. That main switchboard talks to the outside world using another protocol called EBGP.

Once the main switchboard learns the external numbers, IBGP takes over and shares that information with all the internal departments. Without IBGP, only the department near the main entrance would know how to reach external numbers. Other departments would have no idea, so calls would fail or get lost.

IBGP ensures that every router inside your network has the same knowledge about the internet routes. It copies the routing information from the border routers to all internal routers, so any router can send traffic to the correct external destination. This is critical for large networks that have multiple connections to the internet or to other companies.

The challenge with IBGP is that it needs special rules to prevent routing loops. For example, all IBGP routers must be connected to each other in a full mesh, meaning every router talks directly to every other router. This is like every department having a direct phone line to every other department.

It ensures that routing information is shared reliably and without confusion. In summary, IBGP is the internal messenger that spreads external routing knowledge throughout your network.

Full Technical Definition

IBGP is a variant of the Border Gateway Protocol (BGP) designed for exchanging routing information within a single autonomous system (AS). It is defined in RFC 4271 and is a path-vector protocol that uses TCP port 179 for reliable transport. Unlike External BGP (EBGP), which exchanges routes between different ASes, IBGP propagates learned routes from an AS border router (ASBR) to all other routers inside the same AS.

A fundamental rule of IBGP is that routes learned via IBGP are not re-advertised to other IBGP peers. This rule prevents routing loops within the AS. Because of this non-transitivity, IBGP requires a full mesh of TCP connections between all IBGP speakers within the AS.

In a full mesh, every IBGP router must have a direct peering session with every other IBGP router. For an AS with n routers, this results in n(n-1)/2 sessions, which can become unmanageable in large networks. To scale IBGP, administrators use techniques such as route reflectors and BGP confederations.

A route reflector allows a designated router to reflect routes to its clients, reducing the number of required sessions. BGP confederations divide the AS into smaller sub-ASes, combining IBGP and EBGP behaviors. IBGP uses the same path selection algorithm as EBGP, considering attributes like local preference, AS path length, multi-exit discriminator (MED), and next hop reachability.

However, IBGP imposes an additional rule: the next hop of an IBGP learned route must be reachable via an Interior Gateway Protocol (IGP) such as OSPF or EIGRP. This is because IBGP does not automatically resolve next hop addresses. Therefore, IGP must provide reachability to the IP addresses used as BGP next hops.

IBGP is crucial for maintaining consistent routing information across a large enterprise or service provider network. It ensures that all routers have the same view of external routes, enabling intelligent traffic engineering and redundancy. Misconfiguration of IBGP can lead to routing black holes, suboptimal paths, or loss of connectivity.

In real-world IT environments, IBGP is typically configured on Cisco IOS, Juniper JunOS, or open-source platforms like FRRouting. Network engineers must carefully design the full mesh or use route reflectors to ensure scalability and reliability.

Real-Life Example

Think of a large corporate office building with a central mailroom. The mailroom is the only department that receives mail from the outside world. Each floor of the building has its own mail clerk who distributes mail to individual offices on that floor.

The mailroom receives packages and letters from postal carriers outside the building. The mailroom then needs to inform each floor's mail clerk about the packages that are coming and where they should go. But there is a rule: the mailroom cannot simply tell one clerk and expect that clerk to tell the others.

Instead, the mailroom must notify every clerk directly. This is exactly how IBGP works. The mailroom represents the border router that learns external routes via EBGP. Each floor's mail clerk represents an internal router running IBGP.

The rule that the mailroom must tell every clerk directly corresponds to the full mesh requirement of IBGP. Now imagine that the mailroom receives a package for an office on the third floor. The mailroom tells the third-floor clerk directly.

But the clerk on the second floor also needs to know about that package? Not really, because the package is not for the second floor. However, in IBGP, all routers need to know about all external routes, because any router might need to forward traffic to that destination.

So the mailroom must tell every clerk about every package. That is why IBGP requires a full mesh. In a very large building, having the mailroom call every clerk individually would be inefficient.

To solve this, you could assign some senior clerks to act as route reflectors. The mailroom tells only those senior clerks, and the senior clerks then relay the information to the other clerks on their floor. This reduces the workload on the mailroom.

This analogy shows how IBGP distributes external routing knowledge within an organization, ensuring that every router has the information it needs to forward traffic correctly.

Why This Term Matters

IBGP matters because it is the standard method for distributing external routing information inside large networks. In real IT work, enterprises and service providers often have multiple connections to the internet or to partner networks. Without IBGP, only the border routers would know the external routes, and internal routers would have no way to forward traffic to those external destinations.

This would force all traffic to go through the border routers, causing congestion and single points of failure. IBGP solves this by ensuring that every router in the AS has the same external routing table. This allows for intelligent traffic engineering.

For example, a network engineer can configure IBGP to prefer one internet link over another for specific traffic types, balancing load and optimizing performance. IBGP also supports redundancy. If one border router fails, internal routers still know the external routes through other border routers because IBGP has propagated them.

Without IBGP, the failure of a single border router would isolate the entire network from the internet. In cloud infrastructure, IBGP is used within virtual private clouds (VPCs) to exchange routes between virtual routers and on-premises networks. In cybersecurity, IBGP helps implement security policies by controlling which external routes are accepted and redistributed.

IBGP is also essential for BGP-based DDoS mitigation techniques, where traffic is diverted to scrubbing centers. Understanding IBGP is critical for network engineers, especially those working with service providers, large enterprises, or data centers. It is a core topic in the Cisco CCNP and CCIE exams, as well as the CompTIA Network+ and Juniper JNCIA certifications.

Without a solid grasp of IBGP, you cannot design or troubleshoot modern large-scale networks.

How It Appears in Exam Questions

IBGP appears in exam questions in several forms. Scenario questions present a network topology with multiple routers and ask which protocol should be used to share external routes within the AS. For example, a company has two border routers connected to different ISPs.

The internal routers need to know the best path to reach external networks. The question asks what configuration is required. The answer involves running IBGP between all internal routers.

Configuration questions ask you to identify the correct IBGP configuration commands. In Cisco exams, you might see a command like 'neighbor 10.0.0.2 remote-as 65000' and need to know that the remote AS number must match the local AS number for IBGP.

Troubleshooting questions present a scenario where internal routers cannot reach the internet. The logs show that IBGP sessions are down or that routes are missing. You must diagnose the problem, such as a missing full mesh, incorrect next hop, or IGP misconfiguration.

Architecture questions ask about scaling IBGP in large networks. For instance, an AS has 50 routers. The question asks which technique reduces the number of IBGP sessions. The answer is route reflectors or confederations.

Attribute-based questions test your knowledge of BGP attributes like local preference and MED. They may ask which attribute is used to influence outbound traffic within an IBGP environment. Comparison questions are common.

They ask you to distinguish IBGP from EBGP. For example, which of the following is true about IBGP? It requires a full mesh, it carries routes that are not loop-free by default, or it uses the same AS number.

The correct answer is that IBGP uses the same AS number. Another pattern asks about the administrative distance of IBGP. In Cisco IOS, IBGP has an administrative distance of 200, meaning it is less preferred than OSPF or EIGRP routes.

This is important for redistribution scenarios. Some questions focus on the BGP split horizon rule. They might ask why a route learned via IBGP cannot be advertised to another IBGP peer.

The answer is to prevent routing loops. Understanding these question patterns will help you approach IBGP exam questions with confidence.

Practise Internal Border Gateway Protocol Questions

Test your understanding with exam-style practice questions.

Practise

Example Scenario

A company called TechGlobal has three offices in different cities: New York, Chicago, and San Francisco. Each office has its own internet connection through a different ISP. The routers in each office are connected via a private WAN.

The network administrator wants all routers in all offices to know the best internet path for any destination. The administrator configures EBGP on the border routers in each office to learn routes from their respective ISPs. Then, she configures IBGP between all internal routers across the three offices.

She creates a full mesh of IBGP sessions so that every router in New York, Chicago, and San Francisco has a direct IBGP peering with every other router. She also uses an IGP like OSPF to provide reachability to the loopback interfaces used as BGP next hops. After configuration, a user in Chicago wants to access a website hosted in Europe.

The Chicago router has learned the route to that website through its own ISP via EBGP and also through IBGP from the New York router. The Chicago router compares the BGP attributes and selects the best path. Because all routers have the same information, traffic can be routed optimally and resiliently.

If the Chicago internet link fails, the Chicago router still knows the route via New York or San Francisco because of IBGP, so connectivity is maintained. This scenario illustrates how IBGP enables consistent routing across a multi-site enterprise.

Common Mistakes

Thinking IBGP routes can be advertised to other IBGP peers by default.

BGP uses a split horizon rule for IBGP. Routes learned via IBGP are not re-advertised to other IBGP peers. This prevents routing loops. If you assume they can be re-advertised, you will expect route propagation to work without a full mesh.

Remember that IBGP requires a full mesh of peering sessions because routes are not passed along. Each IBGP peer must be directly connected via a TCP session to every other IBGP peer.

Confusing IBGP with IGP protocols like OSPF or EIGRP.

IBGP is an EGP (Exterior Gateway Protocol) even though it runs inside an AS. It is designed for external route exchange, not for internal routing inside the AS. OSPF and EIGRP are IGPs used for internal routes. Mixing them up leads to incorrect protocol selection in exam scenarios.

Use IBGP only for exchanging external routes (internet routes) inside the AS. Use OSPF or EIGRP for internal network routes like subnets and loopbacks.

Assuming the next hop of an IBGP learned route is always directly reachable.

IBGP does not change the next hop attribute when advertising routes internally. The next hop may be the IP address of an EBGP peer that is not directly connected to internal routers. If the IGP does not provide a route to that next hop, the route is considered unreachable.

Ensure that the IGP (e.g., OSPF or EIGRP) includes the IP addresses used as BGP next hops. Use loopback interfaces and redistribute them into the IGP so that all routers can reach the next hop.

Setting the local preference attribute incorrectly in IBGP, thinking it only affects EBGP.

Local preference is a BGP attribute used to influence outbound traffic within the AS. It is exchanged only in IBGP updates, not in EBGP. Setting it incorrectly can cause traffic to exit through a less preferred link.

Understand that local preference is applied to routes received from EBGP and then propagated via IBGP. Use it to prefer one exit point over another within the AS.

Forgetting that IBGP sessions must be established using IP addresses that are reachable via IGP.

IBGP uses TCP, so the peers must be able to reach each other's IP addresses. If you configure IBGP using physical interface IPs that are not reachable due to routing, the session will not come up.

Use loopback interfaces for IBGP peering and ensure the loopback IPs are reachable via the IGP. This also provides stability if a physical link fails.

Exam Trap — Don't Get Fooled

An exam question shows a diagram where Router A learns a route via EBGP and advertises it via IBGP to Router B. The question then asks if Router B can advertise that same route to Router C via IBGP. Remember the BGP split horizon rule for IBGP: routes learned via IBGP are not advertised to other IBGP peers.

Router B cannot advertise the route to Router C via IBGP. For Router C to learn the route, there must be a direct IBGP session between Router A and Router C (full mesh) or a route reflector must be used.

Commonly Confused With

Internal Border Gateway ProtocolvsExternal Border Gateway Protocol (EBGP)

EBGP exchanges routes between different autonomous systems (ASes), while IBGP exchanges routes within the same AS. EBGP uses loop prevention through the AS path attribute, while IBGP uses the split horizon rule. EBGP peers are typically directly connected, while IBGP peers can be multiple hops away.

If two companies connect their networks, they use EBGP. If a company has three routers inside its own network that need to share internet routes, they use IBGP.

Internal Border Gateway ProtocolvsOSPF

OSPF is an Interior Gateway Protocol (IGP) that routes traffic within an AS using link-state information. IBGP is an exterior protocol that carries external routes. OSPF automatically calculates the best path based on cost, while IBGP uses complex path attributes. OSPF is typically used for internal subnets, IBGP for internet routes.

A company uses OSPF to route traffic between its office LANs. It uses IBGP to tell all its routers which ISP path to use for internet traffic.

Internal Border Gateway ProtocolvsBGP Route Reflector

A route reflector is a technique to scale IBGP by allowing a router to reflect routes to its clients, reducing the full mesh requirement. It is not a separate protocol but a feature of IBGP. The route reflector violates the split horizon rule in a controlled way.

Instead of making 100 routers all peer with each other, you designate one as a route reflector. All other routers peer only with the reflector, which then reflects the routes to everyone.

Internal Border Gateway ProtocolvsInterior Gateway Protocol (IGP)

IGP is a category of protocols (like OSPF, EIGRP, IS-IS) used for routing within an AS. IBGP is also used within an AS but for a different purpose: carrying external routes. IGPs are typically faster converging and simpler, while IBGP is more scalable for internet routes.

OSPF ensures that every router in the network can reach every subnet. IBGP ensures that every router knows the best way to reach a destination on the internet.

Step-by-Step Breakdown

1

Step 1. A border router learns external routes via EBGP.

An AS border router (ASBR) establishes an EBGP session with a router in another AS, such as an ISP. Through this session, the ASBR receives routes to external networks. These routes become candidates for being propagated inside the local AS.

2

Step 2. The border router installs the routes into its BGP table.

The ASBR stores all learned EBGP routes in its BGP table. It also selects the best path for each destination based on BGP attributes. The best path is then eligible for advertisement via IBGP.

3

Step 3. The border router advertises the best routes to all IBGP peers.

Because of the full mesh requirement, the border router must have a direct IBGP TCP session with every other IBGP router in the AS. It sends the best routes to each peer. The next hop attribute remains unchanged from the EBGP learned value.

4

Step 4. Each internal router receives the routes and checks next hop reachability.

An internal IBGP router receives the route but the next hop may be the external peer's IP address. The router checks its routing table (including IGP routes) to see if the next hop is reachable. If not, the route is not usable. This is why IGP must carry the next hop addresses.

5

Step 5. The internal router installs the best IBGP route into its routing table.

If the next hop is reachable, the router compares the IBGP route with any other routes (including from other protocols) and installs the best one into the global routing table. Now the router can forward traffic to that external destination.

6

Step 6. The internal router does NOT re-advertise the route to other IBGP peers.

Due to the BGP split horizon rule, the internal router will not pass the route to another IBGP peer. This prevents loops but also means every IBGP router must be directly peered with the originating border router or receive the route via a route reflector.

7

Step 7. The network maintains full connectivity and redundancy.

With IBGP, all routers have the same external route information. If one border router fails, internal routers still have routes from other border routers. Traffic can be rerouted automatically, ensuring high availability.

Practical Mini-Lesson

IBGP is a foundational technology for any network that connects to the internet or to multiple external networks. In practice, network engineers configure IBGP on core and distribution layer routers inside an autonomous system. The first practical step is to enable BGP on a router and set the AS number.

For IBGP, every router uses the same AS number. You then create IBGP peer statements pointing to the loopback interfaces of other IBGP routers. Using loopbacks ensures that the peering stays up even if a physical link fails, as long as there is an alternate path via the IGP.

Once the IBGP sessions are up, the router starts receiving routes. A common real-world configuration in Cisco IOS would look like: router bgp 65000, bgp router-id 1.1.1.1, neighbor 2.

2.2.2 remote-as 65000, neighbor 2.2.2.2 update-source Loopback0. The update-source ensures the TCP connection uses the loopback. After configuring peering, you must ensure the IGP covers the loopback IPs.

For example, you can advertise the loopbacks into OSPF or EIGRP. Without this, the IBGP sessions will fail or routes will be unreachable. One challenge in practice is scaling IBGP.

In a network with 50 routers, configuring full mesh IBGP is unmanageable. Engineers use route reflectors to reduce sessions. A route reflector is a router that reflects routes from its clients to other clients, breaking the split horizon rule in a controlled way.

The route reflector itself must still have full connectivity. Another technique is BGP confederations, which divides the AS into sub-ASes. In larger enterprises, IBGP is often combined with policy-based routing to control traffic flow.

For example, you can use local preference to prefer traffic to exit via a specific border router. What can go wrong? Missing IGP routes for next hops is a classic issue. Also, if the full mesh is not completed, some routers will lack routes, causing black holes.

Misconfigured route reflectors can create routing loops. In summary, IBGP is powerful but requires careful design. Professionals need to master IBGP configuration, troubleshooting, and scaling techniques for exams and real-world deployments.

Memory Tip

IBGP Inside, Same AS Number. Think: 'I' for 'I'm Inside' — all peers use the same AS, need full mesh, and rely on IGP for next hop reachability.

Covered in These Exams

Current Exam Context

Current exam versions that test this topic — use these objectives when studying.

Legacy Exam Context

Older materials may mention these exam versions, but learners should use the current objectives for their target exam.

N10-008N10-009(current version)

Related Glossary Terms

Frequently Asked Questions

What is the main difference between IBGP and EBGP?

IBGP operates within a single autonomous system (AS), using the same AS number for all peers. EBGP operates between different ASes, using different AS numbers. IBGP requires a full mesh of connections, while EBGP can be simpler. IBGP also uses the split horizon rule to prevent loops.

Why does IBGP require a full mesh?

IBGP requires a full mesh because of the split horizon rule, which prevents a router from advertising routes learned via IBGP to other IBGP peers. Without a full mesh, not all routers would receive the external routes.

How do you scale IBGP in a large network?

You can scale IBGP using route reflectors or BGP confederations. Route reflectors allow selected routers to reflect routes to clients, reducing the number of required sessions. Confederations divide the AS into smaller sub-ASes to manage the full mesh requirement.

Can IBGP be used without an IGP like OSPF?

Not effectively. IBGP relies on an IGP to provide reachability to next hop addresses. Without an IGP, IBGP routes will appear in the BGP table but will not be installed in the routing table because the next hop is unreachable.

What is the BGP split horizon rule in IBGP?

The BGP split horizon rule states that a route learned via IBGP must not be advertised to another IBGP peer. This prevents routing loops within the AS. It is the reason why IBGP requires a full mesh or alternative scaling techniques.

Is IBGP configured with the same AS number?

Yes. All routers participating in IBGP within the same autonomous system use the same AS number. This is one of the key differences from EBGP, where each AS uses a different number.

What happens if an IBGP peer's next hop is not reachable?

The router will not install the route into its routing table. The route will remain in the BGP table as hidden or not valid. The router will not be able to forward traffic to that destination until the next hop becomes reachable via the IGP.

What is the administrative distance of IBGP?

In Cisco IOS, IBGP has an administrative distance of 200. This means it is less preferred than IGP routes (distance 110 for OSPF, 90 for EIGRP) and also less preferred than static routes. This ensures that internal routing protocols take precedence over IBGP for internal prefixes.

Summary

Internal Border Gateway Protocol (IBGP) is a critical routing protocol used to distribute external routing information within a single autonomous system. It is a version of BGP that runs inside a company or service provider network, ensuring that all internal routers know the best paths to internet or external networks. IBGP differs from EBGP in that it uses the same AS number for all peers and requires a full mesh of TCP connections to avoid routing loops.

The protocol relies on an Interior Gateway Protocol (IGP) like OSPF for next hop reachability. In certification exams such as CCNA, CCNP, and Network+, IBGP appears in scenario, configuration, and troubleshooting questions. You must understand the full mesh requirement, the split horizon rule, and how to scale IBGP using route reflectors.

Common mistakes include confusing IBGP with IGP protocols, assuming routes can be re-advertised, and neglecting IGP next hop reachability. By mastering IBGP, you will be prepared for advanced networking roles and exams that demand deep routing knowledge.