The document discusses the deployment of an internet exchange point (IXP) in Bangladesh called NIX. It describes the key components of NIX including route servers, RPKI validation, SIPIX for interconnection between IP telephony service providers, root server instances, looking glass, NTP servers, and an IXP manager. It outlines the challenges faced in deployment and initiatives taken to address issues related to traffic filtering, security, call quality, and availability. The future plans include completing root server mapping, establishing multiple points of presence, and adding content caching and domain hosting services.

1. “TALE OF A NEW BANGLADESHI NIX”
Md. Rashedul Hasan
System Admin
DigiCon Telecommunication Limited

2. INTERNET EXCHANGE POINT (IXP)

3. What is an IXP?
Any place
where
providers
meet to
exchange
traffic.
ISP-06
ISP-02
ISP-05
ISP-03
ISP-01
ISP-04
IXP Switch

4. Why it is needed?
• IXPs help reduce the portion of an ISP's traffic that must be delivered via their
upstream transit providers, thereby reducing the average per-bit delivery cost of
their service.
• IXPs play an essential role in reducing the cost of transit connections over the
Internet.

5. A NIX Deployment Journey …….

6. To ReachThe Destination……
• Study – historical data to get the idea of NIX Operation
• Observation- others NIX to get the GraphicalView of a NIX.
• Plan – what we would like to do and how.
• Deployment – begin the journey towards the Goal.
• Challenges – what we have faced.
• Initiatives – to overcome those challenges what we have
done.
• Configuration – what changes we have made.

7. What Plan we have madeTo Deploy A NIX…..

8. Router
IIG
Server Zone
SW
IXP
Manager
Route
Svr-01
Route
Svr-02
SIPIX
RPKI
Validator
Looking
Glass
NTP
Server
NMS
Server
NIX SW
ISP-1
ISP-2
ISP-3
Server Zone
NIX Diagram
ISP-3
RTBH
Root
Server

9. We have deployed Route Server as a Route Collector

10. Operational View of a Route Server
NIX SW
Server Zone
SW
Route
Server-1
Route
Server-2
ISP-02
Router
ISP-01
Router
IIG IIG
Router
BGP Session
(Routing Information
Flow)
Traffic Flow
BGP Session
(Routing Information
Flow)

11. How Challenges we have faced during the “Route Server” Deployment
- Route Server Selection: Router or Linux Server
- “Open source” Routing daemon Selection:
• BIRD
• GoBGP
• OpenBGPd:
• FRR (fork of Quagga)
• Quagga (LINX fork)
BIRD is used in several Internet Exchanges, such as the London Internet Exchange (LINX), LONAP,
DE-CIX and MSK-IX as a Route Server, where it replaced Quagga because of its scalability issues.
- BIRD Version Selection:
- Version 1.6, 1.7, 2.0.7, 2.0.8, 2.0.9, 2.0.10 (27.6.2022 - New release)

12. Why we select BIRD Version 2.0.9?
• BGP: Flowspec validation procedure
• Babel: MAC authentication support
• CLI: New 'show route in <prefix>' command
• Filter: Faster (16-way) prefix sets
• Filter: MPLS label route attribute
• Filter: Operators to pick community components
• Filter: Operators to find minimum and maximum element of lists
• BGP: Log route updates that were changed to withdraws
• BGP: Improved 'invalid next hop' error reporting
• OSPF: Allow ifaces with host address as unnumbered PtP or PtMP ifaces
• OSPF: All packets on PtP networks should be sent to AllSPFRouters address
• Scripts for apkg-powered upstream packaging for deb and rpm
• Support for Blake2s and Blake2b hash functions
• Security keys / passwords can be entered in hexadecimal digits
• Memory statistics split into Effective and Overhead
• Linux: New option 'netlink rx buffer' to specify netlink socket buffer size
• BSD: Assume onlink flag on ifaces with only host addresses
• Many bugfixes
Source: https://bird.network.cz/pipermail/bird-users/2022-February/015949.html

13. Challenges to ensure the Security………

14. Challenge-01: Drop the UndesirableTraffic
DDoS Attack

15. To Overcome the Challenge for Drop the UndesirableTraffic
Expected Solution:
1. BGP Flow Spec Implementation
2. RTBH Implementation

16. How RTBH is Dropping the UndesirableTraffic ?
NIX SW
ISP-02
ISP-03
ISP-04
ISP-05
ISP-06
ISP-07
ISP-01 RS-1 RS-2
RTBH
DDoS
Detection
Tool
Attack
Source
Target

17. Validate BGP prefixes advertised by
networks constituting the Internet.
Challenge-02: Route OriginValidation

18. RPKIValidator Deployment
Route Server Cluster
NIX SW
Server Zone
SW
Route
Server-1
Route
Server-2
ISP-02
Router
ISP-01
Router
IIG IIG
Router
RPKI
Validator
Resource Public Key Infrastructure (RPKI) is
an opt-in service that provides security for
Internet routing.
Routinator is a full-featured RPKI Relying
Party software package that runs as a service
which periodically downloads and verifies RPKI
data

19. Buildup the Inter Communication
Between
IPTSP to IPTSP for Call Forwarding

20. SIPIX Diagram for Inter Communication
IIG
NIX SW
Server Zone
SW
SIPIX
Server
IPTSP-1
IPTSP-2
Subscriber-1
Subscriber-
1
IP
User-X
IP
User-Y

21. Major Challenges What We have faced for SIPIX
Challenges:
- Unlimited concurrent calls.
- Minimum Call SetupTime.
- Ensure HighVoice Quality all time.
- Ensure High Availability

22. What Initiatives we have taken against the Challenges
 Unlimited concurrent calls is depends on No. of Cores & RAM.
I have allocate more Core and RAM for the SIPIX Server as required.
 Minimum Call SetupTime is depends on Optimized Routing.
We have worked to do the same as required.
 To Ensure HighVoice Quality all time, We have provided G711 Codec.
 To Ensure High Availability, we are working for the same.

23. Root Servers
Root Servers are responsible for directing each domain name
lookup request to its respective nameserver.

24. Root Server Instances

25. Root Server Anycast Instances Deployment
Deployment Challenges:
1. Meet the Requirements of the Operators for the ROOT Instance.
2. Availability of the Equipment's as need for deployment.
3. Deployment Plan for the Anycast Root DNS for the Specific Region.
Initiatives for the Deployment:
1. We have communicated with Some DNSOperator for the Anycast Root Instance
Deployment.
2. After getting the green signal from the operator, we have provided the required
information.
3. Hope that, we will get the Root Server instance with in short possible time.

26. Looking Glass Deployment

27. Providing Routing Transparency
Looking Glass provides you with information
relative to backbone routing and network
efficiency, providing you with the same
transparency that customers on our network
receive directly.
Route Server Cluster
NIX SW
Server Zone
SW
Route
Server-1
Route
Server-2
IIG IIG
Router
Looking
Glass

28. NTP Server Deployment
Network Time Protocol (NTP) is an internet protocol used to synchronize
with computer clock time sources in a network.

29. Server Zone
SW
IXP
Manager
Route
SVR-01
Route
SVR-02
SIPIX
RPKI
Validator
Looking
Glass
NTP
Server
NMS
Server
NTP Server Deployment

30. IXP Manager Deployment

31. What is IXP Manager?
- Manage peers, contact details and users.
- Single solution to document everything (Switches, Ports, Ips, Cabling)
- Provides statistics and insights to peers (MRTG, Smokeping, Sflow)

32. Full stack Management system for IXPs

33. What does the future hold?

34. What we would like to do?
• Complete the Root Server Instances mapping
• Establish Multi PoP Connectivity
• Add Content Re-distribution/Caching Service
• Add Domain Hosting Service