d2-1up
of 32
Transcript of d2-1up
-
8/12/2019 d2-1up
1/32
1 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Internet Exchange PointDesign
ISP/IXP WorkshopsISP/IXP Workshops
-
8/12/2019 d2-1up
2/32
222 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
IXP Design
Layer 2 Exchange Point
Layer 3 Exchange Point Transit Exchange Point
Design Considerations
-
8/12/2019 d2-1up
3/32
333 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Internet Exchange Points
Layer 2 exchange point
ethernet, ATM or Frame Relay switch
Layer 3 exchange point
router based
central or distributed
-
8/12/2019 d2-1up
4/32
4 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 2 Exchange
The traditional IXP
-
8/12/2019 d2-1up
5/32
555 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 2 Exchange
ISP 1 ISP 2ISP 3
IXPManagementNetwork
ISP 6 ISP 5 ISP 4
Ethernet Switch
IXP Services:
TLD DNS,
Routing Registry
Looking Glass,
news, etc
-
8/12/2019 d2-1up
6/32
666 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 2 Exchange
ISP 1 ISP 2ISP 3
IXPManagementNetwork
ISP 6 ISP 5 ISP 4
Ethernet Switches
IXP Services:
TLD DNS,
Routing Registry
Looking Glass,
news, etc
-
8/12/2019 d2-1up
7/32
777 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 2 Exchange
Two switches for redundancy
ISPs use dual routers for redundancy or
loadsharing Offer services for the common good
Internet portals and search engines
DNS TLD, News, NTP servers
Routing Registry and Looking Glass
-
8/12/2019 d2-1up
8/32
888 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 2 Exchange
Requires neutral IXP managementusually funded equally by IXP participants
24x7 cover, support, value add services
Secure and neutral location
Configurationprivate address space if non-transit and no value addservices
ISPs require AS, basic IXP does not
-
8/12/2019 d2-1up
9/32
999 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 2 Exchange
Network Security ConsiderationsLAN switch needs to be securely
configuredManagement routers require TACACS+authentication, vty security
IXP services must be behind router(s) with
strong filters
-
8/12/2019 d2-1up
10/32
10 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 3 Exchange
The wholesale transit ISP
-
8/12/2019 d2-1up
11/32
111111 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 3 Exchange
ISP 1 ISP 2ISP 3
IXPManagementNetwork
ISP 6 ISP 5 ISP 4
IXP Router
IXP Services:
TLD DNS,
Routing Registry
Looking Glass,
news, etc
-
8/12/2019 d2-1up
12/32
121212 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 3 Exchange
ISP 1 ISP 2ISP 3
IXPManagementNetwork
ISP 6 ISP 5 ISP 4
IXP Routers
IXP Services:
TLD DNS,
Routing Registry
Looking Glass,
news, etc
-
8/12/2019 d2-1up
13/32
131313 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 3 Exchange
Two routers for redundancy
ISPs use dual routers for redundancy orloadsharing
Offer services for the common goodInternet portals and search engines
DNS TLD, News, NTP servers
Routing Registry and Looking Glass
-
8/12/2019 d2-1up
14/32
141414 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 3 Exchange
Requires neutral IXP managementusually funded equally by IXP participants
24x7 cover, support, value add services
BGP configuration skills essential Secure and neutral location
Configurationprivate address space if non-transit and no value addservices
ISPs and IXP require AS
-
8/12/2019 d2-1up
15/32
151515 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 3 Exchange
Network Security ConsiderationsCore IXP router(s) require strong security, preferably
with BGP neighbour authenticationManagement routers require TACACS+authentication, vty security
IXP services must be behind router(s) with strongfilters
-
8/12/2019 d2-1up
16/32
161616 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 2 versus Layer 3
Layer 3IXP team requires good BGP knowledge
Rely on 3rd party for BGP configuration
Less freedom on who peers with whom
Could potentially compete with IXP membership
Easier to distribute over wide area
-
8/12/2019 d2-1up
17/32
171717 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 2 versus Layer 3
Layer 2
IXP team does not need routing knowledgeEasy to get started
More complicated to distribute over wide area
ISPs free to set up peering agreements witheach other as they wish
-
8/12/2019 d2-1up
18/32
18 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Transit Exchanges
-
8/12/2019 d2-1up
19/32
191919 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Transit IXPs
Provides local Internet exchange facility tomembers
Also provides transit to Internet orupstream ISP
Usually operated as a commercial service
Usually layer 3 design
-
8/12/2019 d2-1up
20/32
202020 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Layer 3 Transit Exchange
ISP 1 ISP 2ISP 3
IXPManagementNetwork
ISP 5 ISP 4 Transit Routers
IXP Routers
IXP Services:
TLD DNS,
Routing Registry
Looking Glass,
news, etc
Internet
ISP
-
8/12/2019 d2-1up
21/32
21 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
IXP Design Considerations
-
8/12/2019 d2-1up
22/32
222222 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Routing and Address Space
ISP border routers should not be configured withdefault route or carry full Internet routing table
Use private addresses if possible publicaddress space means IXP network could beleaked to Internet which may be undesirable
-
8/12/2019 d2-1up
23/32
232323 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Hardware
Dont mix port speedsif 10Mbps and 100Mbps connections available, terminate ondifferent switches (L2 IXP)
Dont mix transportsif terminating ATM PVCs and G/F/Ethernet, terminate ondifferent devices
Insist that IXP participants bring their own router
moves buffering problem off the IXPsecurity is responsibility of the ISP, not the IXP
-
8/12/2019 d2-1up
24/32
242424 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Services Offered
Services offered should not compete withmember ISPs (basic IXP)
e.g. web hosting at an IXP is a bad idea unlessall members agree to it
IXP operations should make performanceand throughput statistics available to
members
-
8/12/2019 d2-1up
25/32
-
8/12/2019 d2-1up
26/32
262626 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Services to Offer
Route Collector All IXP members peer with the route collector
Route collector shows the reachability informationavailable at the exchange
Requires a simple router with large memory
Looking Glassone way of making the Route Collector routes availablefor global view
public or members only access
-
8/12/2019 d2-1up
27/32
-
8/12/2019 d2-1up
28/32
282828 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Services to Offer
Network Time Protocol
Locate a stratum 1 time source (GPS receiver, atomic
clock, etc) at IXP
Multicast
Provide MBONE and other multicast services for thecommon good
-
8/12/2019 d2-1up
29/32
292929 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Services to Offer Routing Registry
Routing Registry is used to register therouting policy of the IXP membership
documenting peering relationshipsauto-configuring of peer routers
Alternative is to use the public InternetRouting Registry (IRR)
-
8/12/2019 d2-1up
30/32
30 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
IXP Design
Summary
-
8/12/2019 d2-1up
31/32
313131 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Summary
L2 IXP most commonly deployed
typically based around ethernet or ATM
switches L3 IXP nowadays generally a marketing
concept used by wholesale ISPs
doesnt offer the same flexibility as L2
-
8/12/2019 d2-1up
32/32
32 2003, Cisco Systems, Inc. All rights reserved.Cisco ISP Workshops
Internet Exchange PointDesign
ISP/IXP WorkshopsISP/IXP Workshops
