5. Value of local IXP
5
• Main objective is to keep local traffic local
• Helps bypass third-party network infrastructure for direct
traffic exchange
– Reduce cost
– Enhance network performance
– Reduce latency
– Removal of bandwidth constraints between participating ISPs
6. Peering and Transit example
provider A
provider C
provider B
Backbone
Provider D
A and B peer for free, but need transit
arrangements with D to get packets to/from C
IXP-West
IXP-East
6
7. Public Interconnect
7
• Location or facility where several ISPs are present and
connect to each other over a shared common media
– Usually a peering arrangement between their networks
– Save money, improve performance, reduce latency
The Value of Peering: ISP/IXP Workshop by Philip Smith
8. Peering Models
• BLPA (Bi-Lateral Peering Agreement)
– IX will only provide layer two connection/switch port to ISPs
– Each ISP will make necessary peering arrangement with others by
mutual business understanding
• MLPA (Multi-Lateral Peering Agreement)
– IX will provide layer two connection/switch port to ISPs
– Each ISP will peer with a route server on the IX
– Route server will collect and distribute directly connected routes to peers
• Mandatory MLPA
– Operators are forced to peer with each other as condition of IXP
membership
– Strongly discouraged: Has no record of success
8
The Value of Peering: ISP/IXP Workshop by Philip Smith
9. IXP Operating Cost
• Server Room / Data Center
• Rack Space & Equipment Power (with backup)
• Cooling
• CCTV Camera and other physical security measures
• Fiber access
• Administration and Technical support
9
10. IXP Operating Model
• Not for profit
• Cost sharing
• Membership based
• Neutrality is the most important, even at the beginning
• Expansion can be done gradually, together with the growth
10
11. Important Features of IXP Site
• Proximity to potential members/participants networks
• Availability of electric power, backup supply or generator
• Availability of cooling
• Options, availability, capacity and reliability of
telecommunication links – carrier neutral
• Access to Fiber facilities or rights of way
11
12. Important Features of IXP Site
• Ability to build antenna towers or dig trenches for fiber
• Ease of access (RFID Based for physical security)
• 24 X 7 X 365 access for IXP authorized member staff
• Quality of physical security. CCTV, 24 hour monitoring
• Availability of additional rack space for growth
12
13. Who can join an IXP?
• Any organisation which operates their own autonomous
network, as well as:
– Address space
– AS number
– Transit arrangements
• Includes:
– Commercial ISPs
– Academic & Research networks
– Internet infrastructure operators (eg Root/ccTLDs)
– Content providers
– Broadcasters and media
– Government Information networks
13
202.178.112.1
2401:3E00:DD::1
AS52378
.... .. .
.... .. .
Local content
14. IXP and regulators
• When the domestic IP network environment has been
developed and is competitive
– Regulator keeps a neutral stance toward peering
• When the domestic IP network is under developed and/or
there is little competition
– Regulator encourages coordination and cooperation among ISPs
– Regulator may intervene and/or encourage peering
14
15. APNIC supports IXPs
• APNIC supports IXP development in the region by
collaborating with other organizations (ICANN, ISOC, and
NSRC)
• APNIC supports IXP activities, for example APIX meetings,
at APRICOT and APNIC meetings
• Join us at APNIC 46!
15
https://conference.apnic.net/46/
16. Successful IXP deployment
16
• Vanuatu IXP – VIX
– The initiative dates to 2012, when five ISPs formed an MoU (Telsat,
Digicel, Can’L, SPMI and Vanuatu Government)
– VIX went live in Feb 2014
– Invited APNIC February 2018 to hold IXP workshop
• PNG IX
– Initial initiative taken by NICTA in 2014 to setup IXP
– Invited APNIC January 2017 to help setup the IXP
– PNG neutral IXP launch May 2017
• Fiji-IXP
– TAF facilitated discussions
– APNIC held IXP workshop in November 2017
– Launch in December 2017
17. Capacity Building in the Pacific –
Cyber Security
• Many economies are building or strengthening their cyber
security initiatives
• Many areas:
o Governance – Strategy
o Awareness - for end-users & organisations
o Incident Handing & Response
• APNIC plans to increase support for capacity development
in the region
o Empowering resources to support those local initiatives (i.e. setting
up CSIRT)
o Working with partners including APCERT members, FIRST.org
17
18. APNIC Incident Response Technical
Training
• CERTs are an enabler and only one part of the security
ecosystem
• CERT core functions are incident response, coordination,
information sharing
• Incident response is multistakeholder, security requires
community support
• Start small with quick wins and low upstart costs
• Commit and invest long term, growing capacity as
demand/capability grow
• Leverage regional events and partners
18
19. Pacific CERT actitvies
19
• Tonga CERT
– High-level multistakeholder CERT meeting in May 2016
– APNIC workshop
– Launch of CERT Tonga in July 2016
• PNG CERT
– Initial CERT discussion with NICTA in May 2017
– APNIC workshop
– Launch of PNG CERT in February 2018
• Working with Samoa, Vanuatu and Fiji
– To help build incident response capacity
20. Pacific CERT actitvies
20
• Tonga CERT
– High-level multistakeholder CERT meeting in May 2016
– APNIC workshop
– Launch of CERT Tonga in July 2016
• PNG CERT
– Initial CERT discussion with NICTA in May 2017
– APNIC workshop
– Launch of PNG CERT in February 2018
• Working with Samoa, Vanuatu and Fiji
– To help build incident response capacity
Transit
- Carrying traffic across a network
- Usually for a fee
- Example: Access provider connects to a regional provider
Peering
- Exchanging routing information and traffic
- Usually for no fee
- Sometimes called settlement free peering
- Example: Regional provider connects to another regional provider
Local: where it becomes cheaper to interconnect with other ISPs at a common location than it is to pay transit to another ISP to reach the same consumer base
- Both MLPA and BLPA can be supported at the same time with Layer 2 infrastructure
Should be at a Carrier neutral data center
Telecommunications Authority of Fiji (TAF), which has been facilitating discussions among Fiji’s operator community
regarding fiji, we have started it very small, we dont have much IXP resources apart from a switch.
Talking Points
+ We have been hearing a lot about cyber security in the region. A lot of work around national strategy, increasing awareness & seting up CERTs
+ APNIC is _increasing_ security capacity building acvtivities in the next few years. In addition to the current support for training (v6, security etc)
More of introduction, we know that many economies in the region is looking at improving security. And from different angles – Strategy/Governance, Awareness (both technical and for end-users). And APNIC is planning to increase support for security related activities in the region so that the implementation of those initiatives can be successful