IXP
Randy Bush
randy at psg.com
Sat Apr 18 23:08:51 UTC 2009
> - public IP addresses for ipv4 and ipv6
> - requirement for all members to use BGP, their own ASN and their own
> address space
just to not confuse, that is behind the peering port. the peering port
uses the exchange's ipv4/6 space
> - no customer IGPs
> - dropping customer bpdus on sight
> - ruthless and utterly fascist enforcement of one mac address per
> port, using either L2 ACLs or else mac address counting, with no
> exceptions for any reason, ever. This is probably the single more
> important stability / security enforcement mechanism for any IXP.
>
> You should also take a look at the technical requirements on some of
> the larger european IXP web sites (linx / ams-ix / decix / etc), to
> see what they allow and don't allow.
sharlon, reread nick's advice a few times, maybe pin it to your wall.
> It goes without saying that you're not going to be able to do this on
> your average low-end switch.
just curious. has anyone tried arista for smallish exchanges, before
jumping off the cliff into debugging extreme, foundry, ...
randy
More information about the NANOG
mailing list