Deep Dive in #BGP at #IETF119 : "reviewing the past and exploring the future"

(The current version of BGP was deployed in 1994. It has received many extensions since.)

Because of its success, like DNS, BGP is sometimes abused. "It works, so let's use BGP to distribute stuff."

#IETF119

BGP carries routes (obviously) but also VPN config, firewall rules ("a terrifying way to blow up your network"), link state, etc.

Unlike the DNS, which uses the camel metaphor, BGP people use the "dump truck" metaphor: too many things on BGP.

#IETF119

And BGP is *the* backbone of the Internet. If it breaks, everything breaks. Hence the sensitivity of BGP people with respect to new proposals.

Some even suggest that we *stop* adding things to BGP.

(Is BGP Turing-complete? Can you do arbitrary computations with a set of BGP routers?)

#IETF119

You can add new attributes to carry between BGP routers, with interesting possibilities and some possibilities of (imperfect) control over their propagation.

And a problem may appear in routers downstream (since routers may have forwarded incorrect messages). Remember "attribute 99".

Because BGP is stateful, things you send to a peer may be remembered, maybe forever.

#IETF119

Tired: records of Unix uptimes

Wired: records of BGP session uptimes

As everyone (and his dog) knows, BGP has a security issue: how to be sure the peer announcing a route is right?

Your neighbor may lie!

But improving the security requires a way to know the truth: can AS X announce prefix Y? This can be very hard to tell.

#IETF119

There is a BGPsec, signing the AS all along the path. But it is not widely deployed (cryptography is hard).

#IETF119

"I don't say it is impossible, just that it is harder than changing the engines of the plane during the flight."

#IETF119
