Re: IXP

[Nick Hilliard <nick () foobar org>]

On 17/04/2009 15:11, Sharlon R. Carty wrote:
> I like would to know what are best practices for an internet exchange. I
> have some concerns about the following;
> Can the IXP members use RFC 1918 ip addresses for their peering?
> Can the IXP members use private autonomous numbers for their peering?
>
> Maybe the answer is obviuos, but I like to know from any IXP admins what
> their setup/experiences have been.

If it's your exchange, you can do anything you want.  I one saw a network 
which used 127.0.0.0/8 for connectivity.  But I'd strongly suggest 
insisting from day 1:

- public IP addresses for ipv4 and ipv6
- requirement for all members to use BGP, their own ASN and their own 
address space
- no customer IGPs
- dropping customer bpdus on sight
- ruthless and utterly fascist enforcement of one mac address per port, 
using either L2 ACLs or else mac address counting, with no exceptions for 
any reason, ever.  This is probably the single more important stability / 
security enforcement mechanism for any IXP.

You should also take a look at the technical requirements on some of the 
larger european IXP web sites (linx / ams-ix / decix / etc), to see what 
they allow and don't allow.

It goes without saying that you're not going to be able to do this on your 
average low-end switch.

Nick