best practices for hkix peering
play

Best Practices for HKIX Peering ISP Symposium 2017 Kenneth CHAN - PowerPoint PPT Presentation

Oct 07, 2023 •167 likes •601 views

Best Practices for HKIX Peering ISP Symposium 2017 Kenneth CHAN Team Lead, HKIX www.hkix.net 18 Dec 2017 What is HKIX? Established in Apr 1995, Hong Kong Internet eXchange (HKIX) is the main layer-2 Internet eXchange Point (IXP) in Hong

  1. Best Practices for HKIX Peering ISP Symposium 2017 Kenneth CHAN Team Lead, HKIX www.hkix.net 18 Dec 2017

  2. What is HKIX? • Established in Apr 1995, Hong Kong Internet eXchange (HKIX) is the main layer-2 Internet eXchange Point (IXP) in Hong Kong where various autonomous systems interconnect with one another and exchange traffic • HKIX is now owned and operated by the Hong Kong Internet eXchange Limited (a wholly-owned subsidiary of The Chinese University of Hong Kong Foundation Limited) in collaboration with Information Technology Services Centre of The Chinese University of Hong Kong • HKIX serves both commercial networks and R&E networks • The original goal is to keep intra-Hong Kong traffic within Hong Kong

  3. Help Keep Intra-Asia Traffic within Asia • We have almost all the Hong Kong networks • So, we can attract participants from Mainland China, Taiwan, Korea, Japan, Singapore, Malaysia, Thailand, Indonesia, Philippines, Vietnam, India and other Asian countries • We now have more non-HK routes than HK routes • We do help keep intra-Asia traffic within Asia • In terms of network latency, Hong Kong is a good central location in Asia • HKIX does help HK maintain as one of the Internet hubs in Asia • HKIX supports both domestic and international traffic

  4. HKIX Model — MLPA over Layer 2 + BLPA ISP A ISP B ISP C ISP D Routes of Routes of Routes of Routes of ISP C ISP D ISP B ISP A Routes of All Routes of All Routes of All Routes of All ISPs in HKIX ISPs in HKIX ISPs in HKIX ISPs in HKIX Routes from Switched Ethernet All ISPs Routes of All ISPs in HKIX MLPA • MLPA traffic exchanged directly over layer 2 without going through MLPA Route Route Server Servers • BLPA over layer 2 without involvement of MLPA Route Server • Supports both IPv4 and IPv6 over the same layer 2 infrastructure

  5. New HKIX Dual-Core Two-Tier Spine-and-Leaf Architecture For 2014 and Beyond HKIX1 Core Site @CUHK HKIX1b Core Site @CUHK ------(<2km)------ Core Core Core Core Switch Switch Switch Switch @HKIX1 @HKIX1 @HKIX1b @HKIX1b n x 100GE/10GE n x 100GE/10GE Inter-Switch Inter-Switch Links Links Access Access Access Access Access Access Switch(es) Switch(es) Switches Switches Switch(es) Switch @HKIX-R&E @HKIX m @HKIX2 @HKIX1 @HKIX1b @HKIX n 100GE/10GE/GE 100GE/10GE/GE Links Links ISP 1 ISP 2 ISP 3 ISP 4 ISP 5 ISP 6 ISP 7

  6. HKIX Traffic in 2007

  7. HKIX Traffic in 2010

  8. HKIX Traffic in 2013

  9. HKIX Traffic in 2016

  10. HKIX Today • Supports both MLPA (Multilateral Peering) and BLPA (Bilateral Peering) over layer 2 • Supports IPv4/IPv6 dual-stack • More and more non-HK participants • 270+ autonomous systems connected • 500+ connections in total – 20 100GE, 300+ 10GE & 170+ GE • 960+Gbps (5-min) total traffic at peak • Annual Traffic Growth ~30%

  11. HKIX Traffic Daily Graph (5-min average)

  12. HKIX Traffic Yearly Graph (1-day average)

  14. Advantages of HKIX • Location – Hong Kong is a good central location in Asia ~50ms to Tokyo and ~30ms to Singapore • Neutral – Treat all partners equal, big or small – Neutral among ISPs / telcos / local loop providers/ data centers / content providers / cloud services providers • Trustable – Treat all partners fair and consistent – Respect business secrets of every partner / participant • High Performance – No internal performance bottleneck, no internal packet loss • Not for Profit – Charging mainly for equipment upgrade and long-term sustainability, not for profit-making

  15. 100G Connections at HKIX HKIX 100G Ports Connected (2016 NOV - 2017 DEC) 25 Number of Connections 20 20 19 17 15 14 14 12 11 10 9 9 7 7 7 5 5 3 0 Year-Month 100GE

  16. 100G Participants at HKIX • Akamai • Amazon • China Mobile International • CloudFlare • Facebook • Google • Hong Kong Broadband Network • Hurricane Electric • Tencent • TVB • Yahoo!

  17. HKIX Satellite Sites Hong Kong, 08 Feb 2017 HKIX announces that 3 new satellite sites will be established in collaboration with 3 commercial data centres which provide colocation services as well as easy connections to HKIX. Satellite Satellite Site Collaborator District Ports Supported Status Site HKIX2 CITIC Telecom International Kwai Chung GE/10GE Ready for Service HKIX3 SUNeVision / iAdvantage Fo Tan GE/10GE/100GE Ready for Service 28 Feb 2017 HKIX4 NTT Com Asia Tseung Kwan O GE/10GE/100GE Ready for Service 19 Jun 2017 HKIX5 KDDI / Telehouse / Tseung Kwan O GE/10GE/100GE Ready for Service HKCOLO.net 24 Mar 2017 For connections to HKIX at Satellite Sites, special connection charges will be charged by relevant operators, • in addition to the port charges charged by HKIX. • For HKIX participants not co-located at HKIX satellite sites, they can still connect to any of the two HKIX core sites, i.e. HKIX1 and HKIX1b sites by local loops via local loop providers.

  18. Setup Multiple HKIX Satellite Sites • Allow participants to connect to HKIX more easily at lower cost from those satellite sites in Hong Kong • Open to commercial data centres in HK which fulfil minimum requirements so as to maintain neutrality which is the key success factor of HKIX • Create a win-win situation with satellite site collaborators • To be named HKIX2/3/4/5/6/etc Latest updates: – HKIX2 has been migrated from old model to HKIX Satellite Site – HKIX3/4/5 are new Satellite Sites and they are Ready for Service now • HKIX1 and HKIX1b (the two HKIX core sites located within CUHK Campus ) will continue to serve participants directly

  19. HKIX-R&E Node − Support for National R&E Networks in Hong Kong HKIX helps those R&E Networks interconnect among themselves and with • commercial networks without restrictions via HKIX-R&E switch at MEGA-i The main purpose is to facilitate those National R&E Networks having presence in • Hong Kong to do interconnections among themselves * and * do peering with commercial networks at HKIX more easily and at a lower cost. Started in 2008 • Located in MEGA-iAdvantage • For Research and Education Networks (R&E) only • Support GE/10GE/100GE Trunk Ports • Support Point-to-point VLANs for R&E networks • For private interconnections among any 2 R&E networks – Jumbo Frame support – Fiber Cross Connect to be provided by R&E networks • 7x24 NOC support • Operate by HKIX with a Nexus7700 switch at MEGA-i •

  20. HKIX-R&E Node at MEGA-i 270+ Commercial HKIX Networks Singapore NUS 20GE Nordics GE NORDUnet GE APANJP/NICT/ Japan JGN-X 10GE 100GE HKIX- China CERNET R&E KISTI/ Korea 10GE KREONET2 10GE 10GE NIA/ 10GE Korea KOREN CSTNET China 10GE 10GE ASTI/ ASGCNET PREGINET Taiwan ASNET Philippine Taiwan

  22. GNA - A Blueprint for Global R&E Network Architecture http://gna-re.net • The Global Network Architecture program (GNA) is an international collaboration between national research and education (R&E) networks • The discussions inside the GNA group have led to a global network architecture model that consists of a powerful intercontinental transmission substrate, consisting of: – Global Open Exchange Points (GXPs) – High-bandwidth transmission pipes (running between GXPs) for sharing

  23. GNA – artist’s impression Credit – Mian Usman (DANTE)

  25. Planned Works for 2017/18 • Improved Stability – Better Control of Proxy ARP (DONE) – L2 Control on HKIX peering LAN (DONE) • Improved Services – Set up Satellite Sites in multiple commercial Data Centre (DONE) – Set up portal for HKIX participants (2018 Q1) – True 24x7 NOC (DONE) – Improve after-hour support (DONE) – More advanced Route Server features (2018 Q1) • Improved Security – ISO27001 (2018 Q2) – Better support for DDoS Mitigation (DONE)

  26. Better Control of Proxy ARP – Automatic Detection of Proxy ARP (implemented) • Based on duplicated IPv4 ARP entries learned on HKIX Route Servers – Automatic shutdown switch port of HKIX peer causing Proxy ARP (will be implemented soon) – Email notification to NOC of HKIX peer causing Proxy ARP (will be implemented soon)

  27. Better Control of Proxy ARP – Recommendation: • Disable Proxy ARP COMPLETELY!! • No restricted or unrestricted Proxy ARP – Cisco IOS: • Configuration at interface: – no ip proxy-arp • Verification: – show ip interface | include Proxy ARP – “Proxy ARP is disabled” – Juniper JUNOS: • Proxy ARP is not enabled by default • So do NOT configure restricted or unrestricted mode Proxy ARP

  28. L2 Control for HKIX Peering LAN – Traffic Allowed in HKIX Peering LAN: • Ethernet Types – 0x0800 - IPv4 – 0x0806 - ARP – 0x86dd - IPv6 • Unicast Only – No multicast or broadcast except ARP broadcast • Port Security Always On – One MAC address one port

  29. Advanced Route Server Feature Feature BGP Standard Community Send prefix to all 4635:4635 Send prefix to $Peer-AS only 4635:$Peer-AS Do not send prefix to all 0:4635 Do not send prefix to $Peer-AS 0:$Peer-AS - Target for Q1 of 2018 - Support 2-byte AS numbers only - Default sending prefix to all if no BGP community is tagged

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

HKIX Updates at HKNOG 7.0 Kenneth CHAN HKIX www.hkix.net 1 Mar 2019 HKIX Today Supports

HKIX Updates at HKNOG 7.0 Kenneth CHAN HKIX www.hkix.net 1 Mar 2019 HKIX Today Supports

HKIX Updates at HKNOG 7.0 Kenneth CHAN HKIX www.hkix.net 1 Mar 2019 HKIX Today Supports both MLPA (Multilateral Peering) and BLPA (Bilateral Peering) over layer 2 Supports IPv4/IPv6 dual-stack More and more non-HK participants

384 views • 24 slides
HKIX 100G Network &amp; Internet Traffic due to World Cup HKNOG 6.1 Kenneth CHAN HKIX

HKIX 100G Network &amp; Internet Traffic due to World Cup HKNOG 6.1 Kenneth CHAN HKIX

HKIX 100G Network &amp; Internet Traffic due to World Cup HKNOG 6.1 Kenneth CHAN HKIX www.hkix.net 7 Sep 2018 HKIX Today Supports both MLPA (Multilateral Peering) and BLPA (Bilateral Peering) over layer 2 Supports IPv4/IPv6

384 views • 34 slides
HKIX Platform Upgrade &amp; Bilateral Peering Che-Hoo CHENG Hong Kong Internet Exchange

HKIX Platform Upgrade &amp; Bilateral Peering Che-Hoo CHENG Hong Kong Internet Exchange

HKIX Platform Upgrade &amp; Bilateral Peering Che-Hoo CHENG Hong Kong Internet Exchange (HKIX) The Chinese University of Hong Kong (CUHK) 02 MAR 2010 Introduction of HKIX (1/2) HKIX is a Settlement-Free Layer-2 Internet Exchange Point

600 views • 30 slides
HKIX Updates at APIX &amp; APRICOT 2018 Kathmandu, Nepal 24-28 Feb 2018 Kenneth CHAN Team

HKIX Updates at APIX &amp; APRICOT 2018 Kathmandu, Nepal 24-28 Feb 2018 Kenneth CHAN Team

HKIX Updates at APIX &amp; APRICOT 2018 Kathmandu, Nepal 24-28 Feb 2018 Kenneth CHAN Team Lead, HKIX www.hkix.net HKIX Today Supports both MLPA (Multilateral Peering) and BLPA (Bilateral Peering) over layer 2 Supports IPv4/IPv6

357 views • 11 slides
Peering in Hong Kong Che-Hoo CHENG CUHK/HKIX www.hkix.net How Internet Operates in simple

Peering in Hong Kong Che-Hoo CHENG CUHK/HKIX www.hkix.net How Internet Operates in simple

Peering in Hong Kong Che-Hoo CHENG CUHK/HKIX www.hkix.net How Internet Operates in simple terms Internet is composed of networks of ISPs and users User networks connect to ISPs Small ISPs connect to large ISPs ISPs

577 views • 23 slides
HKIX Updates at JPIX User Meeting Kenneth CHAN Team Lead, HKIX www.hkix.net 5 Jul 2017 About

HKIX Updates at JPIX User Meeting Kenneth CHAN Team Lead, HKIX www.hkix.net 5 Jul 2017 About

HKIX Updates at JPIX User Meeting Kenneth CHAN Team Lead, HKIX www.hkix.net 5 Jul 2017 About me Team Lead of HKIX Planning, design and implementation of HKIX infrastructure and supporting systems In charge of full HKIX operations

1.02k views • 21 slides
HKIX IPv4 Address Renumbering from /23 to /21 Experience Sharing Che-Hoo CHENG CUHK/HKIX

HKIX IPv4 Address Renumbering from /23 to /21 Experience Sharing Che-Hoo CHENG CUHK/HKIX

HKIX IPv4 Address Renumbering from /23 to /21 Experience Sharing Che-Hoo CHENG CUHK/HKIX 08 Sep 2015 www.hkix.net 20 th Anniversary of HKIX HKIX started with thin coaxial cables in Apr 1995 Gradually changed to UTP cables / fibers

508 views • 19 slides
Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a Public

Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a Public

Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a Public Internet Exchange Point (IXP) in Hong Kong it is not a Transit Provider HKIX is the major domestic Interconnection point in HK where ISPs in HK

524 views • 41 slides
PEERING A very brief introduction Types of Peering Private Peering Bi-lateral Peering

PEERING A very brief introduction Types of Peering Private Peering Bi-lateral Peering

PEERING A very brief introduction Types of Peering Private Peering Bi-lateral Peering Multi-lateral Peering Private Peering Dedicated circuit between two peers Can use a cross connect within a data centre; Or via dark

608 views • 21 slides
Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a public

Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a public

Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a public Internet Exchange Point (IXP) in Hong Kong HKIX is the main Interconnection point in HK where ISPs in HK can interconnect with one another and

512 views • 36 slides
HKIX Upgrade Plan in 2013 Che-Hoo CHENG The Chinese University of Hong Kong (CUHK) /

HKIX Upgrade Plan in 2013 Che-Hoo CHENG The Chinese University of Hong Kong (CUHK) /

HKIX Upgrade Plan in 2013 Che-Hoo CHENG The Chinese University of Hong Kong (CUHK) / Hong Kong Internet Exchange (HKIX) www.hkix.net What is HKIX? HKIX is a public Internet Exchange Point (IXP) in Hong Kong HKIX is the main

528 views • 25 slides
Best Prac*ces for ISPs Che-Hoo Cheng CUHK/HKIX

Best Prac*ces for ISPs Che-Hoo Cheng CUHK/HKIX

Best Prac*ces for ISPs Che-Hoo Cheng CUHK/HKIX 2014.08.01 www.hkix.net What Providers Care About Cost / Performance / Resilience / Interconnec3ons /

750 views • 42 slides
Access Power Peering A historical perspective on The Evolution of the Internet Peering Ecosystem

Access Power Peering A historical perspective on The Evolution of the Internet Peering Ecosystem

Access Power Peering A historical perspective on The Evolution of the Internet Peering Ecosystem William B. Norton Executive Director DrPeering International The 2 nd Workshop on Internet Economics (WIE11) DR PEERING December 1-2, 2011

475 views • 26 slides
Practical VoIP Peering Klaus Darilion enum.at klaus.darilion@enum.at www.enum.at Practical

Practical VoIP Peering Klaus Darilion enum.at klaus.darilion@enum.at www.enum.at Practical

Practical VoIP Peering Klaus Darilion enum.at klaus.darilion@enum.at www.enum.at Practical VoIP Peering Peering* Peering: negotiation of reciprocal interconnection arrangements between service providers Layer 3 peering Layer 5

1.23k views • 37 slides
Remote Peering: More Peering without Internet Flattening Ignacio Castro Juan Camilo Cardona

Remote Peering: More Peering without Internet Flattening Ignacio Castro Juan Camilo Cardona

Remote Peering: More Peering without Internet Flattening Ignacio Castro Juan Camilo Cardona * Sergey Gorinsky Pierre Francois IMDEA Networks Institute Open University of Catalonia * Carlos III University of Madrid Madrid,

473 views • 25 slides
The Peering Simulation Game William B. Norton Co-Founder, Chief Technical Liaison Equinix Inc.

The Peering Simulation Game William B. Norton Co-Founder, Chief Technical Liaison Equinix Inc.

The Peering Simulation Game William B. Norton Co-Founder, Chief Technical Liaison Equinix Inc. APRICOT Bali 2007 3 minute Intro to Peering Transit $$ ISP A Peering provides routes only to each Upstream others customers Transit Provider

545 views • 21 slides
10-08035 LA-UR- Approved for public release; distribution is unlimited. Title: Data-Intensive

10-08035 LA-UR- Approved for public release; distribution is unlimited. Title: Data-Intensive

10-08035 LA-UR- Approved for public release; distribution is unlimited. Title: Data-Intensive Computing on Numerically-Intensive Supercomputers Author(s): Ahrens James P. 113788 CCS-7, Fasel Patricia K. 090207 CCS-3, Habib Salman 109589

875 views • 56 slides
Lecture 2 Data representation Computing platforms Novosibirsk State University University of

Lecture 2 Data representation Computing platforms Novosibirsk State University University of

Lecture 2 Data representation Computing platforms Novosibirsk State University University of Hertfordshire D. Irtegov, A.Shafarenko 2018 Finite length binary numbers CdM-8 memory cells and registers have 8 bits They cannot represent

562 views • 16 slides
Buying Electricity in a Time Differentiated Market Farmer Presentation Outline The intent of

Buying Electricity in a Time Differentiated Market Farmer Presentation Outline The intent of

Farm Energy IQ Buying Electricity in a Time Differentiated Market Farmer Presentation Outline The intent of this lesson is to provide informatjon and skills to the atuendees who have demonstrated an interest in real tjme pricing as a means to

439 views • 4 slides
Architecting the Blockchain for Failure Conor Svensson @conors10 blk.io Founder web3j Author

Architecting the Blockchain for Failure Conor Svensson @conors10 blk.io Founder web3j Author

Architecting the Blockchain for Failure Conor Svensson @conors10 blk.io Founder web3j Author Enterprise Technology (Established) Blockchain Technology (Emergent) The Enterprise Ethereum Alliance Agenda Ethereum &amp; web3j Failure in

1.13k views • 75 slides
Porting of an FPGA Based High Data Rate DVB-S2 Modulator Ivan Corretjer Chayil Timmerman John

Porting of an FPGA Based High Data Rate DVB-S2 Modulator Ivan Corretjer Chayil Timmerman John

Porting of an FPGA Based High Data Rate DVB-S2 Modulator Ivan Corretjer Chayil Timmerman John Glancy Andrew Miller Michael Rupar MIT Lincoln Laboratory The Naval Research Laboratory SDR11 WInnComm This work is sponsored by the

401 views • 36 slides
Project: IEEE P802.15 Working Group for Wireless Personal Area Networks ( etworks (WPANs WPANs)

Project: IEEE P802.15 Working Group for Wireless Personal Area Networks ( etworks (WPANs WPANs)

July 9, 2006 doc.: IEEE 802.15-0760-01-003c Project: IEEE P802.15 Working Group for Wireless Personal Area Networks ( etworks (WPANs WPANs) ) Project: IEEE P802.15 Working Group for Wireless Personal Area N Submission Title: [TensorCom

1.01k views • 77 slides
Introduction to Energy Balance Table (EBT) AIM Training Workshop Tokyo, Japan Oct 22-26, 2007

Introduction to Energy Balance Table (EBT) AIM Training Workshop Tokyo, Japan Oct 22-26, 2007

Introduction to Energy Balance Table (EBT) AIM Training Workshop Tokyo, Japan Oct 22-26, 2007 Introduction to Energy Balance Table Tomoki Ehara Contents Contents Basics of energy data Basics of energy data General descriptions General

541 views • 27 slides
MK-CONFIGURE lightweight easy for use replacement for GNU Autotools Aleksey Cheusov

MK-CONFIGURE lightweight easy for use replacement for GNU Autotools Aleksey Cheusov

MK-CONFIGURE lightweight easy for use replacement for GNU Autotools Aleksey Cheusov vle@gmx.net LVEE 2009 Whats wrong with GNU autotools? Too complex for use Overbloated **** (tens of thousands(!) lines of source code)

398 views • 17 slides

More recommend