Internet Exchange Point Design. ISP/IXP Workshops

Similar documents
Internet Exchange Points (IXPs) Scalable Infrastructure Workshop

Internet Exchange Point Design

Internet Exchange Points. Philip Smith ISOC-AU Meeting APNIC 38 Brisbane September 16 th 2014

ISP & IXP Design. Philip Smith APNIC st 31 st August 2012

ISP & IXP Design. Philip Smith MENOG 11 Amman 30 th September 9 th October 2012

Interconnections on the Internet: Exchange Points

Peering in Hong Kong. Che-Hoo CHENG CUHK/HKIX

Introduction to Routing

The Value of Peering. ISP/IXP Workshops

Transitioning to BGP. ISP Workshops. Last updated 24 April 2013

ISP Case Study. UUNET UK (1997) ISP/IXP Workshops. ISP/IXP Workshops. 1999, Cisco Systems, Inc.

Introduction to The Internet. ISP/IXP Workshops

E : Internet Routing

APNIC elearning: BGP Attributes

Border Gateway Protocol (BGP)

BGP Attributes and Path Selection

Address Scheme Planning for an ISP backbone Network

Exterior Gateway Protocols (BGP)

BGP Routing. Course Description. Students Will Learn. Target Audience. Hands-On

Introduction to The Internet

Examination. IP routning på Internet och andra sammansatta nät, DD2491 IP routing in the Internet and other complex networks, DD2491

Simple Multihoming. ISP/IXP Workshops

SERVICE DESCRIPTION INTERNET TRANSIT / 2.6.4

Module 12 Multihoming to the Same ISP

IPv6 Deployment in MyIX. Professor Dr. Sureswaran Ramadass

Inter-domain Routing Basics. Border Gateway Protocol. Inter-domain Routing Basics. Inter-domain Routing Basics. Exterior routing protocols created to:

Routing in Small Networks. Internet Routing Overview. Agenda. Routing in Large Networks

BGP. 1. Internet Routing

Simple Multihoming. ISP Workshops. Last updated 30 th March 2015

Border Gateway Protocol BGP4 (2)

APNIC elearning: BGP Basics. Contact: erou03_v1.0

DD2491 p Load balancing BGP. Johan Nicklasson KTHNOC/NADA

BGP Multihoming Techniques

IPv6 Addressing. ISP Training Workshops

Internet inter-as routing: BGP

Understanding Virtual Router and Virtual Systems

Troubleshooting and Maintaining Cisco IP Networks Volume 1

LINX History. ISP Workshops

CHAPTER 6 NETWORK DESIGN

BGP Multihoming Techniques

Introduction to Metropolitan Area Networks and Wide Area Networks

The Role IXPs and Peering Play in the Evolution of the Internet

Routing Protocol - BGP

Router and Routing Basics

How to Configure BGP Tech Note

Colt IP Access Colt Technology Services

Deploying OSPF for ISPs. OSPF Design. Agenda. Service Providers. SP Architecture. SP Architecture. OSPF Design in SP Networks

An overview on Internet Measurement Methodologies, Techniques and Tools

HP Networking BGP and MPLS technology training

CHAPTER 6 DESIGNING A NETWORK TOPOLOGY

BGP Best Path Selection Algorithm

How To Understand Bg

Final Exam. Route Computation: One reason why link state routing is preferable to distance vector style routing.

What's inside the cloud?!

BGP Multihoming. Why Multihome? Why Multihome? Why Multihome? Why Multihome? Why Multihome? Redundancy. Reliability

11/22/

FLAG s IPv6 Implementation

SPAN Port or TAP? TAP is the only viable data access technology for today s business critical networks

BGP Multihoming Techniques

Configuration Management: Best Practices White Paper

BGP Multihoming Techniques

BGP Terminology, Concepts, and Operation. Chapter , Cisco Systems, Inc. All rights reserved. Cisco Public

Course Contents CCNP (CISco certified network professional)

BGP Multihoming Techniques. Philip Smith APRICOT 2013 Singapore 19 th February 1 st March 2013

--BGP 4 White Paper Ver BGP-4 in Vanguard Routers

IPv6 over IPv4/MPLS Networks: The 6PE approach

ITRI CCL. IP Routing Primer. Paul C. Huang, Ph.D. ITRI / CCL / N300. CCL/N300; Paul Huang 1999/6/2 1

DDoS Mitigation Techniques

Open Access Fibre Networks

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols

ISP Network Design. ISP Workshops. Last updated 16 September 2013

Topic 1: Internet Architecture & Addressing

Asynchronous Transfer Mode: ATM. ATM architecture. ATM: network or link layer? ATM Adaptation Layer (AAL)

RFC 2547bis: BGP/MPLS VPN Fundamentals

Example: Advertised Distance (AD) Example: Feasible Distance (FD) Example: Successor and Feasible Successor Example: Successor and Feasible Successor

Hands on Workshop. Network Performance Monitoring and Multicast Routing. Yasuichi Kitamura NICT Jin Tanaka KDDI/NICT APAN-JP NOC

Border Gateway Protocol Best Practices

Internet Routing Protocols Lecture 04 BGP Continued

Advanced BGP Policy. Advanced Topics

National Education Network. KAREN School Cluster High-level Design

Outline. EE 122: Interdomain Routing Protocol (BGP) BGP Routing. Internet is more complicated... Ion Stoica TAs: Junda Liu, DK Moon, David Zats

VPN. Date: 4/15/2004 By: Heena Patel

Transparent LAN Services Offer Visible Benefits

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January

Understanding Route Aggregation in BGP

BT Internet Connect Global - Annex to the General Service Schedule

Lecture 18: Border Gateway Protocol"

Measuring the Web: Part I - - Content Delivery Networks. Prof. Anja Feldmann, Ph.D. Dr. Ramin Khalili Georgios Smaragdakis, PhD

basic BGP in Huawei CLI

A Link Load Balancing Solution for Multi-Homed Networks

Fireware How To Dynamic Routing

Packet Tracer 3 Lab VLSM 2 Solution

Overview of Routing between Virtual LANs

DE-CIX Premium Internet Exchange Services

Hong Kong Internet Exchange (HKIX)

EE627 Lecture 22. Multihoming Route Control Devices

Transcription:

Internet Exchange Point Design ISP/IXP Workshops 1

IXP Design Background Why set up an IXP? Layer 2 Exchange Point Layer 3 Exchange Point Design Considerations Route Collectors & Servers What can go wrong? 2

A bit of history In a time long gone 3

A Bit of History End of NSFnet one major backbone move towards commercial Internet private companies selling their bandwidth need for coordination of routing exchange between providers Traffic from ISP A needs to get to ISP B Routing Arbiter project created to facilitate this 4

What is an Exchange Point Network Access Points (NAPs) established at end of NSFnet The original exchange points Major providers connect their networks and exchange traffic High-speed network or ethernet switch Simple concept any place where providers come together to exchange traffic 5

Internet Exchange Points Layer 2 exchange point Ethernet (1000/100Mbps) Older technologies include ATM, Frame Relay, SRP, FDDI and SMDS Layer 3 exchange point Router based Historical status 6

Why an Internet Exchange Point? Saving money, improving QoS, Generating a local Internet economy 7

Internet Exchange Point Why peer? Consider a region with one ISP They provide internet connectivity to their customers They have one or two international connections Internet grows, another ISP sets up in competition They provide internet connectivity to their customers They have one or two international connections How does traffic from customer of one ISP get to customer of the other ISP? Via the international connections 8

Internet Exchange Point Why peer? Yes, International Connections If satellite, RTT is around 550ms per hop So local traffic takes over 1s round trip International bandwidth Costs significantly more than domestic bandwidth Congested with local traffic Wastes money, harms performance 9

Internet Exchange Point Why peer? Solution: Two competing ISPs peer with each other Result: Both save money Local traffic stays local Better network performance, better QoS, More international bandwidth for expensive international traffic Everyone is happy 10

Internet Exchange Point Why peer? A third ISP enters the equation Becomes a significant player in the region Local and international traffic goes over their international connections They agree to peer with the two other ISPs To save money To keep local traffic local To improve network performance, QoS, 11

Internet Exchange Point Why peer? Peering means that the three ISPs have to buy circuits between each other Works for three ISPs, but adding a fourth or a fifth means this does not scale Solution: Internet Exchange Point 12

Internet Exchange Point Every participant has to buy just one whole circuit From their premises to the IXP Rather than N-1 half circuits to connect to the N-1 other ISPs 5 ISPs have to buy 4 half circuits = 2 whole circuits already twice the cost of the IXP connection 13

Internet Exchange Point Solution Every ISP participates in the IXP Cost is minimal one local circuit covers all domestic traffic International circuits are used for just international traffic and backing up domestic links in case the IXP fails Result: Local traffic stays local QoS considerations for local traffic is not an issue RTTs are typically sub 10ms Customers enjoy the Internet experience Local Internet economy grows rapidly 14

Layer 2 Exchange The traditional IXP 15

Layer 2 Exchange ISP 6 ISP 5 ISP 4 IXP Services: TLD DNS, Routing Registry Looking Glass, news, etc Ethernet Switch IXP Management Network ISP 1 ISP 2 ISP 3 16

Layer 2 Exchange ISP 6 ISP 5 ISP 4 IXP Services: TLD DNS, Routing Registry Looking Glass, news, etc Ethernet Switches IXP Management Network ISP 1 ISP 2 ISP 3 17

Layer 2 Exchange Two switches for redundancy ISPs use dual routers for redundancy or loadsharing Offer services for the common good Internet portals and search engines DNS TLD, News, NTP servers Routing Registry and Looking Glass 18

Layer 2 Exchange Requires neutral IXP management usually funded equally by IXP participants 24x7 cover, support, value add services Secure and neutral location Configuration private address space if non-transit and no value add services ISPs require AS, basic IXP does not 19

Layer 2 Exchange Network Security Considerations LAN switch needs to be securely configured Management routers require TACACS+ authentication, vty security IXP services must be behind router(s) with strong filters 20

Layer 3 Exchange Aka: The wholesale transit ISP 21

Layer 3 Exchange/Wholesale Transit ISP ISP 6 ISP 5 ISP 4 IXP Services: TLD DNS, Routing Registry Looking Glass, news, etc IXP Router IXP Management Network ISP 1 ISP 2 ISP 3 22

Layer 3 Exchange/Wholesale Transit ISP ISP 6 ISP 5 ISP 4 IXP Services: TLD DNS, Routing Registry Looking Glass, news, etc IXP Routers IXP Management Network ISP 1 ISP 2 ISP 3 23

Layer 3 Exchange/Wholesale Transit ISP Two routers for redundancy ISPs use dual routers for redundancy or loadsharing Offer services for the common good Internet portals and search engines DNS TLD, News, NTP servers Routing Registry and Looking Glass 24

Layer 3 Exchange/Wholesale Transit ISP Requires neutral management Usually funded equally by participants 24x7 cover, support, value add services BGP configuration skills essential Secure and neutral location Configuration private address space if non-transit and no value add services ISPs and IXP require AS 25

Layer 3 Exchange/Wholesale Transit ISP Network Security Considerations Core IXP router(s) require strong security, preferably with BGP neighbour authentication Management routers require TACACS+ authentication, vty security IXP services must be behind router(s) with strong filters 26

Transit IXPs/Wholesale Transit ISP Provides local Internet exchange facility to members Also provides transit to Internet or upstream ISP Usually operated as a commercial service Usually layer 3 design 27

Layer 3 Transit Exchange/Transit ISP ISP 5 ISP 4 Transit Routers Internet ISP IXP Services: TLD DNS, Routing Registry Looking Glass, IXP Routers IXP Management Network news, etc ISP 1 ISP 2 ISP 3 28

Layer 2 versus Layer 3 Layer 3 IXP team requires good BGP knowledge Rely on 3rd party for BGP configuration Less freedom on who peers with whom Usually competes with IXP membership Tends to be distributed over wide area 29

Layer 2 versus Layer 3 Layer 2 IXP team does not need routing knowledge Easy to get started More complicated to distribute over wide area ISPs free to set up peering agreements with each other as they wish 30

Layer 2 versus Layer 3 Summary Layer 2 is a REAL internet exchange point Layer 3 is marketing concept used by Transit ISPs Is NOT a real IXP 31

IXP Design Considerations 32

Exchange Point Design The IXP Core is an Ethernet switch Has superseded all other types of network devices for an IXP From the cheapest and smallest 12 or 24 port 10/100 switch To the largest 32 port 10GigEthernet switch 33

Exchange Point Design Each ISP participating in the IXP brings a router to the IXP location Router needs: One Ethernet port to connect to IXP switch One WAN port to connect to the WAN media leading back to the ISP backbone To be able to run BGP 34

Exchange Point Design IXP switch located in one equipment rack dedicated to IXP Also includes other IXP operational equipment Routers from participant ISPs located in neighbouring/adjacent rack(s) Copper (UTP) connections made for 10Mbps, 100Mbps or 1Gbps connections Fibre used for 10Gbps and 40Gbps 35

Peering Each participant needs to run BGP They need their own AS number Public ASN, NOT private ASN Each participant configures external BGP directly with the other participants in the IXP Peering with all participants or Peering with a subset of participants 36

Peering (more) Mandatory Multi-Lateral Peering (MMLP) Each participant is required to peer with every other participant as part of their IXP membership Has no history of success the practice is discouraged Multi-Lateral Peering (MLP) Each participant peers with every other participant Bi-Lateral Peering Participants set up peering with each other according to their own requirements and business relationships This is the most common situation at IXPs today 37

Routing ISP border routers at the IXP generally should NOT be configured with a default route or carry the full Internet routing table Carrying default or full table means that this router and the ISP network is open to abuse by non-peering IXP members Correct configuration is only to carry routes offered to IXP peers on the IXP peering router Note: Some ISPs offer transit across IX fabrics They do so at their own risk see above 38

Routing (more) ISP border routers at the IXP should not be configured to carry the IXP LAN network within the IGP or ibgp Use next-hop-self BGP concept Don t generate ISP prefix aggregates on IXP peering router If connection from backbone to IXP router goes down, normal BGP failover will then be successful 39

Address Space Some IXPs use private addresses for the IX LAN Public address space means IXP network could be leaked to Internet which may be undesirable Because most ISPs filter RFC1918 address space, this avoids the problem Some IXPs use public addresses for the IX LAN Address space available from the RIRs IXP terms of participation often forbid the IX LAN to be carried in the ISP member backbone 40

Hardware Try not to mix port speeds if 10Mbps and 100Mbps connections available, terminate on different switches (L2 IXP) Don t mix transports if terminating ATM PVCs and G/F/Ethernet, terminate on different devices Insist that IXP participants bring their own router moves buffering problem off the IXP security is responsibility of the ISP, not the IXP 41

Services Offered Services offered should not compete with member ISPs (basic IXP) e.g. web hosting at an IXP is a bad idea unless all members agree to it IXP operations should make performance and throughput statistics available to members Use tools such as MRTG to produce IX throughput graphs for member (or public) information 42

Services to Offer cctld DNS the country IXP could host the country s top level DNS e.g. SE. TLD is hosted at Netnod IXes in Sweden Offer back up of other country cctld DNS Root server Anycast instances of I.root-servers.net, F.root-servers.net etc are present at many IXes Usenet News Usenet News is high volume could save bandwidth to all IXP members 43

Services to Offer Route Collector Route collector shows the reachability information available at the exchange Technical detail covered later on Looking Glass One way of making the Route Collector routes available for global view (e.g. www.traceroute.org) Public or members only access 44

Services to Offer Content Redistribution/Caching For example, Akamised update distribution service Network Time Protocol Locate a stratum 1 time source (GPS receiver, atomic clock, etc) at IXP Routing Registry Used to register the routing policy of the IXP membership (more later) 45

Introduction to Route Collectors What routes are available at the IXP? 46

What is a Route Collector? Usually a router or Unix system running BGP Gathers routing information from service provider routers at an IXP Peers with each ISP using BGP Does not forward packets Does not announce any prefixes to ISPs 47

Purpose of a Route Collector To provide a public view of the Routing Information available at the IXP Useful for existing members to check functionality of BGP filters Useful for prospective members to check value of joining the IXP Useful for the Internet Operations community for troubleshooting purposes E.g. www.traceroute.org 48

Route Collector at an IXP R3 R2 R4 R1 SWITCH R5 Route Collector 49

Route Collector Requirements Router or Unix system running BGP Minimal memory requirements only holds IXP routes Minimal packet forwarding requirements doesn t forward any packets Peers ebgp with every IXP member Accepts everything; Gives nothing Uses a private ASN Connects to IXP Transit LAN Back end connection Second Ethernet globally routed Connection to IXP Website for public access 50

Route Collector Implementation Most IXPs now implement some form of Route Collector Benefits already mentioned Great public relations tool Unsophisticated requirements Just runs BGP 51

Introduction to Route Servers How to scale very large IXPs 52

What is a Route Server? Has all the features of a Route Collector But also: Announces routes to participating IXP members according to their routing policy definitions Implemented using the same specification as for a Route Collector 53

Features of a Route Server Helps scale routing for large IXPs Simplifies Routing Processes on ISP Routers Optional participation Provided as service, is NOT mandatory Does result in insertion of RS Autonomous System Number in the Routing Path Optionally uses Policy registered in IRR 54

Diagram of N-squared Peering Mesh For large IXPs (dozens for participants) maintaining a larger peering mesh becomes cumbersome and often too hard 55

Peering Mesh with Route Servers RS RS ISP routers peer with the Route Servers Only need to have two ebgp sessions rather than N 56

RS based Exchange Point Routing Flow RS TRAFFIC FLOW ROUTING INFORMATION FLOW 57

Advantages of Using a Route Server Helps scale Routing for very large IXPs Separation of Routing and Forwarding Simplify Routing Configuration Management on ISPs routers 58

Disadvantages of using a Route Server ISPs can lose direct policy control If RS is only peer, ISPs have no control over who their prefixes are distributed to Completely dependent on 3rd party Configuration, troubleshooting, etc Insertion of RS ASN into routing path Traffic engineering/multihoming needs more care These are major disadvantages Usually out-weigh the advantages 59

Typical usage of a Route Server Route Servers may be provided as an OPTIONAL service Most common at large IXPs (>50 participants) Examples: TorIX, AMS-IX, etc ISPs peer: Directly with significant peers With Route Server for the rest 60

Things to think about... Would using a route server benefit you? Helpful when BGP knowledge is limited (but is NOT an excuse not to learn BGP) Avoids having to maintain a large number of ebgp peers But can you afford to lose policy control? (An ISP not in control of their routing policy is what?) 61

What can go wrong The different ways IXP operators harm their IXP 62

What can go wrong? Concept Some Service Providers attempt to cash in on the reputation of IXPs Market Internet transit services as Internet Exchange Point We are exchanging packets with other ISPs, so we are an Internet Exchange Point! So-called Layer-3 Exchanges really Internet Transit Providers Router used rather than a Switch Most famous example: SingTelIX 63

What can go wrong? Competition Too many exchange points in one locale Competing exchanges defeats the purpose Becomes expensive for ISPs to connect to all of them An IXP: is NOT a competition is NOT a profit making business 64

What can go wrong? Rules and Restrictions IXPs try to compete with their membership Offering services that ISPs would/do offer their customers IXPs run as a closed privileged club e.g.: Restrictive membership criteria (closed shop) IXPs providing access to end users rather than just Service Providers IXPs interfering with ISP business decisions e.g. Mandatory Multi-Lateral Peering 65

What can go wrong? Technical Design Errors Interconnected IXPs IXP in one location believes it should connect directly to the IXP in another location Who pays for the interconnect? How is traffic metered? Competes with the ISPs who already provide transit between the two locations (who then refuse to join IX, harming the viability of the IX) Metro interconnections work ok (e.g. LINX) 66

What can go wrong? Technical Design Errors ISPs bridge the IXP LAN back to their offices We are poor, we can t afford a router Financial benefits of connecting to an IXP far outweigh the cost of a router In reality it allows the ISP to connect any devices to the IXP LAN with disastrous consequences for the security, integrity and reliability of the IXP 67

What can go wrong? Routing Design Errors Route Server implemented from Day One ISPs have no incentive to learn BGP Therefore have no incentive to understand peering relationships, peering policies, &c Entirely dependent on operator of RS for troubleshooting, configuration, reliability RS can t be run by committee! Route Server is to help scale peering at LARGE IXPs 68

What can go wrong? Routing Design Errors ibgp Route Reflector used to distribute prefixes between IXP participants Claimed Advantage (1): Participants don t need to know about or run BGP Actually a Disadvantage IXP Operator has to know BGP ISP not knowing BGP is big commercial disadvantage ISPs who would like to have a growing successful business need to be able to multi-home, peer with other ISPs, etc these activities require BGP 69

What can go wrong? Routing Design Errors (cont) Route Reflector Claimed Advantage (2): Fact: Allows an IXP to be started very quickly IXP is only an Ethernet switch setting up an ibgp mesh with participants is no quicker than setting up an ebgp mesh 70

What can go wrong? Routing Design Errors (cont) Route Reflector Claimed Advantage (3): IXP operator has full control over IXP activities Actually a Disadvantage ISP participants surrender control of: Their border router; it is located in IXP s AS Their routing and peering policy IXP operator is single point of failure If they aren t available 24x7, then neither is the IXP BGP configuration errors by IXP operator have real impacts on ISP operations 71

What can go wrong? Routing Design Errors (cont) Route Reflector Disadvantage (4): Migration from Route Reflector to correct routing configuration is highly non-trivial ISP router is in IXP s ASN Need to move ISP router from IXP s ASN to the ISP s ASN Need to reconfigure BGP on ISP router, add to ISP s IGP and ibgp mesh, and set up ebgp with IXP participants and/or the IXP Route Server 72

More Information 73

Exchange Point Policies & Politics AUPs Fees? Acceptable Use Policy Minimal rules for connection Some IXPs charge no fee Other IXPs charge cost recovery A few IXPs are commercial Nobody is obliged to peer Agreements left to ISPs, not mandated by IXP 74

Exchange Point etiquette Don t point default route at another IXP participant Be aware of third-party next-hop Only announce your aggregate routes Read RIPE-399 first (www.ripe.net/docs/ripe-399.html) Filter! Filter! Filter! And do reverse path check 75

Exchange Point Examples LINX in London, UK TorIX in Toronto, Canada AMS-IX in Amsterdam, Netherlands SIX in Seattle, Washington, US PA-IX in Palo Alto, California, US JPNAP in Tokyo, Japan DE-CIX in Frankfurt, Germany All use Ethernet Switches 76

Features of IXPs (1) Redundancy & Reliability Multiple switches, UPS Support NOC to provide 24x7 support for problems at the exchange DNS, Route Collector, Content & NTP servers cctld & root servers Content redistribution systems such as Akamai Route Collector Routing Table view 77

Features of IXPs (2) Location neutral co-location facilities Address space Peering LAN AS Number If using Route Collector/Server Route servers (optional, for larger IXPs) Statistics Traffic data for membership 78

More info about IXPs http://www.ep.net/ep-main.html Excellent resource for ip address allocation for exchanges, locations of XPs in the world, AUPs and other policies http://www.pch.net/documents Another excellent resource of IXP locations, papers, IXP statistics, etc http://www.telegeography.com/ee/ix/index.php A collection of IXPs and interconnect points for ISPs 79

Summary L2 IXP most commonly deployed The core is an ethernet switch ATM and other old technologies are obsolete L3 IXP nowadays is a marketing concept used by wholesale ISPs Does not offer the same flexibility as L2 Not recommended unless there are overriding regulatory or political reasons to do so Avoid! 80

Internet Exchange Point Design ISP/IXP Workshops 81

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information