Network Policies

What is a network policy?

The goal of network policies is to show the various ways Tier 1 ISPs reach a network. Each policy represents a different path the Tier 1 ISPs take to reach a network.

How are they calculated for my ASN?

  • We gather all ASN paths we have that originate from your ASN.
  • We truncate each path at the last Tier 1 ISP we find.


For example, we might have a route with this path in the database: We then truncate this path to:


  • We group these (truncated) routes together by the truncated AS path. Each of these groups is a unique policy

In other words:

Other sites show “Global Aggregation”, and that is basically “what if we pushed all AS relationships into one massive graph.”

This is however not that useful for understanding the actual everyday routing of some prefixes, and in large networks they quickly become useless because they are too complex to understand (as they are made up of possibly 100’s of different announcement configurations).

Instead bgp.tools groups together prefixes that have the same announcement profile (same upstreams, same reach, same visibility) and generates a name (so they can be easily referenced (this name is not stable for more than a few hours!))

These groups can happen on purpose, for example: A network that has two or more locations that are not connected together, but do share the same ASN. So they will have different upstreams or connectivity.

These groups can also happen accidently: A network has announced 4 prefixes, but one prefix is not accepted by one of their upstreams, so two policies are formed, one with the 3 prefixes that go out on all providers, and the single prefix that got rejected in one of their providers prefix filters.

How do I read the diagrams?

We’ll use this example policy for AS206924. The diagram is:

ASN Path graph

And the prefixes in this policy are:


This tells us that the Tier 1 ISP AS2914 (NTT Communications) sees a route for the both prefixes through AS20473 (Choopa LLC) and that AS1299 (Telia Company) can those same prefixes through AS20473 across the same AS path.

These paths might not be the same physical links, Understanding the layout of Tier 1 carriers is not the scope of this guide.

However, this does mean that if someone is singlehomed (meaning that is their only ISP) to Telia, They will pass though Telia, only.

If someone is singlehomed to AS3356 then based on the diagram above, the data could come into AS206924 either via Telia or NTT. Geography likely is the factor that decides what carrier Lumen passes the packets to.

It is also worth pointing out that these diagrams only show you inbound traffic. Outbound traffic policy is not displayed in this diagram and could vary a lot.