I know typically peering exchanges are made for peering traffic between
providers, but can you buy IP transit from a provider on an exchange? An
example, buy a 10G port on an exchange, peer 5Gbps of traffic with multiple
providers on the exchange, and buy 5Gbps of IP transit from others on the
exchange?
Some might ask why not get a cross connect to the provider. It is cheaper
to buy an port on the exchange (which includes the cross connect to the
exchange) than buy multiple cross connects. Plus we are planning on getting
a wave to the exchange, and not having any physical routers or switches at
the datacenter where the exchange/wave terminates at. Is this possible?
Depends on the exchange. Some allow it, some don’t. Some don’t have a
policy.
Some providers offer it, some don’t.
Randy
it depends. Some transit providers will decline to do this because it can
impact on their margin. Most IXPs don't have a problem with it, but some
do - although it's not clear how they can tell which packets are transit
and which are peering.
Nick
Hi Conor,
I know this is possible since Hurricane Electric does it for IPv6 transit, however, I'm not sure if it violates any exchange rules or if it's even a good idea.
I know typically peering exchanges are made for peering traffic between
providers, but can you buy IP transit from a provider on an exchange? An
example, buy a 10G port on an exchange, peer 5Gbps of traffic with multiple
providers on the exchange, and buy 5Gbps of IP transit from others on the
exchange?
Some IXPs have a rule that explicitly disallows this, others encourage it, most don’t care. I don’t know of any that have a mechanism to enforce a rule prohibiting it.
PCH’s guidance in the IXP formation process is to avoid creating rules which are, practically, unenforceable. So we generally counsel IXPs against having a rule precluding transit across the switch fabric. That said, a crossconnect is a _much better idea_.
Some might ask why not get a cross connect to the provider. It is cheaper
to buy an port on the exchange (which includes the cross connect to the
exchange) than buy multiple cross connects. Plus we are planning on getting
a wave to the exchange, and not having any physical routers or switches at
the datacenter where the exchange/wave terminates at. Is this possible?
Yes, it’s possible, but what you describe is a pretty fragile setup. Lots of common points of failure between peering and transit; places where screwing one up would screw both up. If all of this is really tangential to whatever you’re doing, and you don’t mind looking a little out-of-step with best practices, and you don’t mind it all being down at once, any time anything breaks, then it may be a reasonable economy. If you’re planning on actually depending on it, you need to do better engineering, and either spend more money, or allocate your money more conservatively.
Doing everything the cheapest possible way, regardless of the fragility or complexity, is very short-sighted, and is unlikely to be an economy in the long run.
-Bill
I know a couple networks that offer to sell transit over exchanges that
permit it, but require that you take a private VLAN on the exchange.
Some exchanges offer private VLANs, others don't.
Regards,
Chris Rogers
+1.302.357.3696 x2110
http://inerail.net/
I have seen this work well when the exchange allows more than one MAC address to be presented at layer2. This way you can have two separate sub interfaces presented, one for peering and one for your private cross connect/transit. That way the routing all stays clean and manageable. It's still a little messy, but is a much better solution than getting peering and transit over a single layer3 interface.
The exchange in question is Equinix. Their sales team is leading me
to believe there are multiple exchange products. One where you can peer
with providers (Google, Netflix for example) and then one where you can
create virtual private layer 2 vlans between providers. Then there is also
the traditional cross connect fee of $350 if you want to go from one
cage/rack to the other.
So in a situation where we are getting a 10Gig transport wave to Equinix,
we would ideally like to split this wave's use to 5Gbps of traffic going to
the peering exchange for traffic going directly to Google, Netflix, and
other CDN's, and then 5Gbps of pure IP transit going to a low cost provider
like HE.net. Of course providers like HE.NET are also peers on the peering
exchange, so it seems possible that we could just opening a peering
conenction with them.
I think the way most providers would do this would be to get a rack and
power with Equinix. Pay a cross connect fee from the wave provider to our
rack. Pay for an exchange port (which includes a cross connect to the
exchange) for the 5GBPS of traffic going to Netflix, Google, etc. And then
pay for yet another cross connect going to HE.net's cage to get pure IP
from them.
If I can buy transit directly I avoid the expenses of having to pay for
space, power, another router/switch, plus a second cross connect. Thats
quite a bit of money saved.
Are exchanges really that unreliable compared to a traditional cross
connect?
Plus we are planning on getting
a wave to the exchange, and not having any physical routers or switches at
the datacenter where the exchange/wave terminates at. Is this possible?
It's been a while since I've checked the Equinix Customer Agreement and Policies documents, but I know at one time they required a physical presence in the in the IDC for an Exchange cross-connect. This may have changed in the past several years.
-evt
I agree with Bill...going it on the cheap is risky. DOn't consider it for
primary. It may be good for backup. I have sold small amounts of transit
to non-ISP companies on exchanges (100-200 meg). It's a good extra backup
for ISPs, if you setup your local pref, MED and then prepend your AS an
extra time or two to the prefixes you transmit. Then if you ever need to
use it, it's sitting there waiting to send and receive traffic. I let ISPs
customers do that with us for real low cost backup fees.
Bob Evans
Hi Colton,
The primary challenge in buying IP Transit across a Peering Exchange is not so much of a technical configuration challenge, but rather a 'how do we keep track of how much IP Transit you are using' ..a billing challenge.
and additionally, one is making the assumption that there is capacity to do so on the IP Transit Providers Peering Port Connection.
While it is possible to deal with such issue, but you need someone willing and able to do so, on the other side.
The way our exchange works is 2 different products in regards to this.
1.Peering on the exchange. This is a BGP exchange.
2.Private VLAN. Each side gets a private VLAN between the two.
Either way you buy capacity on the exchange and it¹s up to you how you use
it.
I have some Equinix documents on their exchange port offerings if you are
interested.
Justin
Be careful joining an IX just to peer with Google (AS15169) and a few others...especially if your exchange doesn’t have route servers established.
Some companies, such as NetFlix, have a truly open peering policy; establishing a bilateral BGP session with them is super-straightforward.
On the other hand, Google’s actively-enforced policy requires you already exchange 100Mbps+ w/ their netblocks: upon requesting a session they’ll monitor/check related traffic for a few weeks before following up on your initial request.
More details: https://peering.google.com/about/peering_policy.html
As for transit across IX fabric, I know that HE.net is at least willing to discuss such a possibility (just started this exact discussion with their NOC last night), although they discourage it for reasons pointed out by others in this thread. On the other hand, with a willing transit provider, if you prepend your AS a few times…an IX's fabric makes a very cost-effective failover.
Gregg Berkholtz
Not necessarily.
It's just that when money is changing hands, folk tend to
find (passive) x-connects within the data centre to be far
more reliable (even though they are not infallible) than
passing traffic across another (active) system being run by
someone else in the same physical facility.
Plus, some service providers will drastically reduce or
eliminate SLA's (for whatever they may be worth) if there is
another active system in between you and their service.
Mark.
Several exchange points now support some kind of resale
model, where peering members are transported into the
exchange point via network, without the need for physical
presence at the exchange point location.
I'm not sure whether Equinix's exchange points do this.
Mark.
We don't support that, for example, for reasons stated by
many before.
Even if we did, we typically don't offer customer services
on peering routers. So physically, it would be a nightmare
trying to terminate an IP Transit service from a peering
member when the only path between us and them is a peering
router. Yes, tunneling works, but tunnels <insert your
choice of colourful text here>.
Mark.
Hi,
I’m pretty sure IX Reach can take you into an Equinix exchange, so it is probably possible that they allow this kind of stuff to happen.
Ammar.
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received it by mistake, please let us know by e-mail reply and delete it from your system; you may not copy this message or disclose its contents to anyone. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
I meant in terms of a reseller model between the exchange
point and preferred service providers on behalf of the
exchange point members.
Of course, anyone can transport anyone anywhere, as long as
the right people are paid. But exchange points have been
getting into reseller models with transport providers as a
way to discount what would be a normal transport service
between two or more points.
Mark.
At the risk of being snarky, if somebody doesn't have a presence where do
you connect the other end of the cross-connect cable? 
(Note that's different than "I'm in a PoP on the west side of town, and
the logical place to land my uplink is blade 2, port 3 of a router belonging
to $upstream over on the east side of town" - that's an external connection
not a cross-connect)
Well, we would have a BGP router in another town. Then get a wave from a
transport provider from the other town to the town that equinix or the
peering exchange was located at. The cross connect would go from the
transport providers Z location to the port on the exchange. I have
confirmed that Equinix is willing to sell us a port on the exchange even if
we don't have a physical presence there.