Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

IXP Best Common Practices - for the members of the IXP

Last week of February 2015, Franck Simon, managing director at the internet exchange point called France-IX, delivered three presentations about the Best Common Practices for IXPs.
This third and last presentation goes into the details of the practices to be used by the members of the internet exchanges.

Related Books

Free with a 30 day trial from Scribd

See all
  • Be the first to comment

IXP Best Common Practices - for the members of the IXP

  1. 1. Best Common Practices for members connected to IXPs Franck Simon – France IX Services fsimon@franceix.net
  2. 2. BCP for members •  You  need  to  have  an  ASN  J   •  Keep  in  mind  that  by  default  you  will  not  get  a  full   Internet  rou;ng  table  on  the  IXP  you  are  connected   to  (except  if  the  IXP  does  allow  private  user  groups  –   private  VLANs  –  and  IP  transit  on  it).     •  You  are  not  allowed  to  adver;ze  neither  any  default   route  (or  the  default  route)  neither  the  full  Internet   table  :  you  shall  only  adver;ze  your  own  customers/ users  routes  on  the  IXPs.   2  
  3. 3. BCP for members •  Keep  in  mind  the  IXP  is  a  layer-­‐2  infrastructure.  You   shall  not  propagate  any  internal  elements  from  your   own  LAN/network  to  the  IXP.   –  On  members  routers,  toward  the  IXP:   •  no  discovery  protocols   •  no  IGP  protocols     •  no  spanning  tree  ac;vated  on  the  port  of  the  equipment   connected  to  the  IXP     •  no  proxy  ARP   3  
  4. 4. BCP for members •  Don’t  send  Mul;cast  over  the  Unicast  peering  VLAN  !   •  Show  only  one  MAC  address  to  the  IXP  (not  the  various  MAC   addresses  of  your  LAN)   •  Apply  IN/OUT  routes  filtering  on  your  connec;on  port  to  the   IXP  :   –  IN  :  deny  the  default  route,  and  some  specific  routes   (bogons…)   –  OUT  :  only  send  the  routes  of  your  own  customers  and  do   not  re-­‐adver;ze  third  party  routes   4  
  5. 5. •  Do  not  hesitate  to  use  the  BGP  routes  service  provided  by  the   IXP,  and  check  about  the  BGP  communi;es  proposed  by  the   IXP  to  bring  you  with  more  flexibility.   •  Do  not  hesitate  to  secure  your  BGP  sessions  (both  sessions   with  members  and  routes  servers):  authen;ca;on  passwords   on  sessions   •  Use  the  stats  (especially  Ne_low/sFlow  stats  when  provided   by  the  IXP),  to  enhance  your  rou;ng  policy  and  iden;fy  the   main  players  you  have  traffic  with.   5   BCP for members
  6. 6.     Ques;ons  ???   6   BCP for members

×