hkix updates at hknog 7 0
play

HKIX Updates at HKNOG 7.0 Kenneth CHAN HKIX www.hkix.net 1 Mar - PowerPoint PPT Presentation

Dec 06, 2023 •132 likes •384 views

HKIX Updates at HKNOG 7.0 Kenneth CHAN HKIX www.hkix.net 1 Mar 2019 HKIX Today Supports both MLPA (Multilateral Peering) and BLPA (Bilateral Peering) over layer 2 Supports IPv4/IPv6 dual-stack More and more non-HK participants

  1. HKIX Updates at HKNOG 7.0 Kenneth CHAN HKIX www.hkix.net 1 Mar 2019

  2. HKIX Today • Supports both MLPA (Multilateral Peering) and BLPA (Bilateral Peering) over layer 2 • Supports IPv4/IPv6 dual-stack • More and more non-HK participants • 300+ different networks (autonomous systems) connected • 510+ physical connections in total – 41 100GE , 320+ 10GE & 150+ GE • 1.34+Tbps (5-min) total traffic at peak • Annual Traffic Growth ~30%

  3. Current HKIX Traffic Daily Graph (5-min average)

  4. Current HKIX Traffic Yearly Graph (1-day average)

  5. Trend of 100GE connections

  6. HKIX 100GE Participants (1/2) • Akamai • Amazon • AOFEI • BGP Consultancy • China Mobile HK • China Mobile International • CloudFlare • Facebook • Google • HKBN • Hurricane Electric • Level 3 • Limelight

  7. HKIX 100GE Participants (2/2) • Mytek • PCCW IMS • Telin • Telstra • Tencent • TVB • Udomain • Valve • Yahoo

  8. Portal for HKIX Participants – Basic Functions (Currently Available) 1. Change Port Security 2. MRTG Statistics § Physical port § LAG port § Aggregated per Customer 3. Schedule Maintenance Window – Planned Features • Port Application • Site Access Application • Filter Update • Fault Case Reporting

  9. Portal for HKIX Participants • HKIX Portal Login Page (URL: https://portal.hkix.net/) Production Now! Contact provision@hkix.net for your portal account. It’s free!

  10. Support of Blackholing for Anti-DDoS on HKIX Route Servers HKIX route servers support Remote Triggered Black Hole Filtering (RTBH) for announcement of black-hole filtering http://www.hkix.net/hkix/anti-ddos.htm No. of ASNs Registered : 52 How it works? Victim’s ISP tag the /32 prefix with 4635:666 for its customer • HKIX route servers set the prefix with next hop 123.255.90.66 • RTBH participants accept the /32 prefix and set the next hop address for • 123.255.90.66 to null Expected Results: Only the victim’s IP will be unreachable via HKIX network while saving the others • The DDoS traffic will be black-holed at the side of the RTBH participating routers • which are closer to the DDoS traffic sources

  11. Support of Blackholing for Anti-DDoS on HKIX Route Servers (BEFORE)

  12. Support of Blackholing for Anti-DDoS on HKIX Route Servers (AFTER)

  13. Support of Blackholing for Anti-DDoS on HKIX Route Servers Enhancement of RTBH on HKIX route servers : • Contact us for RTBH membership registration • Only RTBH registered members can tag the blackhole route • Register your AS-Set in internet routing database and use IRR filtering on HKIX route servers (it can minimize the risk from accidentally announced a black-holing route that you are not allowed to advertise) • Only /32 is accepted for the prefix (e.g. victim’s IP address) • Announce your own network prefix only (very important!!!) • HKIX may shutdown the connection if improper use of the RTBH reported

  14. Filtering on HKIX Route Servers • HKIX supports IRR filtering on Route Servers – Applicable to general HKIX members – Filtering by IP addresses – Update automatically from Internet Routing Registry database – Please register your AS-SET at IRR database • The Origin ASNs manual update processes will be ceased on 1-Jul-2020 – Please register and change to use IRR filtering before decommission of AS Number filtering • RPKI support will be available by 2019

  16. HKIX-R&E Network Diagram

  18. HKIX Upgrade Plan @MEGA-i HKIX3b@ HKIX-R&E MEGA-i Since 2008 HKIX3b Target 2019-Q2 Upgrade 40G to 200G by April 2019

  19. Reseller Network Topology Diagram

  20. HKIX Reseller Program • Target oversea participants for peering • Non exclusive arrangement / resellers can be IXPs, Data Centres, local and regional ISPs • First batch will be available in satellite sites only • Second batch will be extended to HKIX core sites If you are interest be one of our resellers, please contact info[@]hkix.net.

  21. HKIX Planned Works for 2019 Improved Stability • – Better Control of Proxy ARP Improved Services • – Rollout portal for HKIX participants / R&E participants – True 24x7 NOC (both email & hotline support) – Improve after-hour support – Introduce advanced Route Server functions – Automatic network filter update (support updates from IRR) – New HKIX Route Server – perfSONAR server Improved Security • – ISO27001 – Better support for DDoS mitigation – Implement MANRS IXP Programme for routing security – Implement RPKI on HKIX Route Servers to enhance routing security

  22. HKIX Future Upgrade Plan • Support of 400G connections • Network traffic visibility • Network automation • EVPN (VXLAN) – Multiple vendors support – Unknown unicast suppression – VLAN translation

  23. HKIX IX name Hong Kong Internet eXchange City, Country Hong Kong Point of Presence Core Sites: HKIX1 & HKIX1b @CUHK HKIX-R&E: HKIX-R&E@MEGA-i Satellite Sites: HKIX2 @CITIC, HKIX3 @iAdvantage, HKIX4 @NTT, HKIX5 @KDDI # of connected ASN 302 Peak traffic 1.34 Tbps Route Servers Yes (Cisco ASR1006) Remarks PeeringDB: https://www.peeringdb.com/ix/42 • Information • http://www.hkix.net • info@hkix.net

  24. Thank You! For enquiries, please contact us at info [@] hkix.net

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

HKIX 100G Network & Internet Traffic due to World Cup HKNOG 6.1 Kenneth CHAN HKIX

HKIX 100G Network & Internet Traffic due to World Cup HKNOG 6.1 Kenneth CHAN HKIX

HKIX 100G Network & Internet Traffic due to World Cup HKNOG 6.1 Kenneth CHAN HKIX www.hkix.net 7 Sep 2018 HKIX Today Supports both MLPA (Multilateral Peering) and BLPA (Bilateral Peering) over layer 2 Supports IPv4/IPv6

384 views • 34 slides
HKIX Updates at JPIX User Meeting Kenneth CHAN Team Lead, HKIX www.hkix.net 5 Jul 2017 About

HKIX Updates at JPIX User Meeting Kenneth CHAN Team Lead, HKIX www.hkix.net 5 Jul 2017 About

HKIX Updates at JPIX User Meeting Kenneth CHAN Team Lead, HKIX www.hkix.net 5 Jul 2017 About me Team Lead of HKIX Planning, design and implementation of HKIX infrastructure and supporting systems In charge of full HKIX operations

1.02k views • 21 slides
HKIX Updates at APIX & APRICOT 2018 Kathmandu, Nepal 24-28 Feb 2018 Kenneth CHAN Team

HKIX Updates at APIX & APRICOT 2018 Kathmandu, Nepal 24-28 Feb 2018 Kenneth CHAN Team

HKIX Updates at APIX & APRICOT 2018 Kathmandu, Nepal 24-28 Feb 2018 Kenneth CHAN Team Lead, HKIX www.hkix.net HKIX Today Supports both MLPA (Multilateral Peering) and BLPA (Bilateral Peering) over layer 2 Supports IPv4/IPv6

357 views • 11 slides
HKIX IPv4 Address Renumbering from /23 to /21 Experience Sharing Che-Hoo CHENG CUHK/HKIX

HKIX IPv4 Address Renumbering from /23 to /21 Experience Sharing Che-Hoo CHENG CUHK/HKIX

HKIX IPv4 Address Renumbering from /23 to /21 Experience Sharing Che-Hoo CHENG CUHK/HKIX 08 Sep 2015 www.hkix.net 20 th Anniversary of HKIX HKIX started with thin coaxial cables in Apr 1995 Gradually changed to UTP cables / fibers

508 views • 19 slides
Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a Public

Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a Public

Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a Public Internet Exchange Point (IXP) in Hong Kong it is not a Transit Provider HKIX is the major domestic Interconnection point in HK where ISPs in HK

524 views • 41 slides
Best Practices for HKIX Peering ISP Symposium 2017 Kenneth CHAN Team Lead, HKIX www.hkix.net

Best Practices for HKIX Peering ISP Symposium 2017 Kenneth CHAN Team Lead, HKIX www.hkix.net

Best Practices for HKIX Peering ISP Symposium 2017 Kenneth CHAN Team Lead, HKIX www.hkix.net 18 Dec 2017 What is HKIX? Established in Apr 1995, Hong Kong Internet eXchange (HKIX) is the main layer-2 Internet eXchange Point (IXP) in Hong

601 views • 42 slides
Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a public

Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a public

Hong Kong Internet Exchange (HKIX) http://www.hkix.net/ What is HKIX? HKIX is a public Internet Exchange Point (IXP) in Hong Kong HKIX is the main Interconnection point in HK where ISPs in HK can interconnect with one another and

512 views • 36 slides
HKIX Upgrade Plan in 2013 Che-Hoo CHENG The Chinese University of Hong Kong (CUHK) /

HKIX Upgrade Plan in 2013 Che-Hoo CHENG The Chinese University of Hong Kong (CUHK) /

HKIX Upgrade Plan in 2013 Che-Hoo CHENG The Chinese University of Hong Kong (CUHK) / Hong Kong Internet Exchange (HKIX) www.hkix.net What is HKIX? HKIX is a public Internet Exchange Point (IXP) in Hong Kong HKIX is the main

528 views • 25 slides
HKIX Platform Upgrade & Bilateral Peering Che-Hoo CHENG Hong Kong Internet Exchange

HKIX Platform Upgrade & Bilateral Peering Che-Hoo CHENG Hong Kong Internet Exchange

HKIX Platform Upgrade & Bilateral Peering Che-Hoo CHENG Hong Kong Internet Exchange (HKIX) The Chinese University of Hong Kong (CUHK) 02 MAR 2010 Introduction of HKIX (1/2) HKIX is a Settlement-Free Layer-2 Internet Exchange Point

600 views • 30 slides
Best Prac*ces for ISPs Che-Hoo Cheng CUHK/HKIX

Best Prac*ces for ISPs Che-Hoo Cheng CUHK/HKIX

Best Prac*ces for ISPs Che-Hoo Cheng CUHK/HKIX 2014.08.01 www.hkix.net What Providers Care About Cost / Performance / Resilience / Interconnec3ons /

750 views • 42 slides
Peering in Hong Kong Che-Hoo CHENG CUHK/HKIX www.hkix.net How Internet Operates in simple

Peering in Hong Kong Che-Hoo CHENG CUHK/HKIX www.hkix.net How Internet Operates in simple

Peering in Hong Kong Che-Hoo CHENG CUHK/HKIX www.hkix.net How Internet Operates in simple terms Internet is composed of networks of ISPs and users User networks connect to ISPs Small ISPs connect to large ISPs ISPs

577 views • 23 slides
Hong Kong Hong Kong I nternet I nternet Exchange Exchange Exchange Exchange (HKI X (HKI X)

Hong Kong Hong Kong I nternet I nternet Exchange Exchange Exchange Exchange (HKI X (HKI X)

Hong Kong Hong Kong I nternet I nternet Exchange Exchange Exchange Exchange (HKI X (HKI X) (HKI X (HKI X) Updates Updates @APRI COT @APRI COT- -APAN 2011 APAN 2011 http://www.hkix. http://www.hkix.net net/ /

766 views • 28 slides
Mission Updates Payload and Subsystems Updates Rocket and Subsystems Updates

Mission Updates Payload and Subsystems Updates Rocket and Subsystems Updates

Mission Updates Payload and Subsystems Updates Rocket and Subsystems Updates Testing Updates Management Updates 2 Our mission Use a rocket to rapidly deploy a UAV capable of completing search and rescue type missions with

705 views • 31 slides
GUI Updates #1 Joschua Dilly, Martin Spitznagel O MC 25.02.2019 GUI Updates #1 2 Gui Updates

GUI Updates #1 Joschua Dilly, Martin Spitznagel O MC 25.02.2019 GUI Updates #1 2 Gui Updates

GUI Updates #1 Joschua Dilly, Martin Spitznagel O MC 25.02.2019 GUI Updates #1 2 Gui Updates Beam Selection: Removed Optics Chose Output Folder Directly Existing-Data Loading Model Creation: Cancel Button External Models Frequency Chart

764 views • 40 slides
All Provider Meeting March 20, 2019 1-3 pm Agenda Welcome Alliance Updates Legislative

All Provider Meeting March 20, 2019 1-3 pm Agenda Welcome Alliance Updates Legislative

All Provider Meeting March 20, 2019 1-3 pm Agenda Welcome Alliance Updates Legislative Updates(Brian Perkins) Medicaid Transformation Updates and Discussion(Sara Wilson) HIE Updates (Cathy Estes Downs) IDD Updates(Jarret Stone) Provider

845 views • 82 slides
General Updates November 26, 2015 By: Shelly Cuddy General Updates Implementation Updates

General Updates November 26, 2015 By: Shelly Cuddy General Updates Implementation Updates

General Updates November 26, 2015 By: Shelly Cuddy General Updates Implementation Updates Model Management Nitrate ICA Project Education and Outreach Agricultural Update Whats Next 2 Implementation Highlights- Part IV

404 views • 13 slides
10-08035 LA-UR- Approved for public release; distribution is unlimited. Title: Data-Intensive

10-08035 LA-UR- Approved for public release; distribution is unlimited. Title: Data-Intensive

10-08035 LA-UR- Approved for public release; distribution is unlimited. Title: Data-Intensive Computing on Numerically-Intensive Supercomputers Author(s): Ahrens James P. 113788 CCS-7, Fasel Patricia K. 090207 CCS-3, Habib Salman 109589

875 views • 56 slides
Lecture 2 Data representation Computing platforms Novosibirsk State University University of

Lecture 2 Data representation Computing platforms Novosibirsk State University University of

Lecture 2 Data representation Computing platforms Novosibirsk State University University of Hertfordshire D. Irtegov, A.Shafarenko 2018 Finite length binary numbers CdM-8 memory cells and registers have 8 bits They cannot represent

562 views • 16 slides
Buying Electricity in a Time Differentiated Market Farmer Presentation Outline The intent of

Buying Electricity in a Time Differentiated Market Farmer Presentation Outline The intent of

Farm Energy IQ Buying Electricity in a Time Differentiated Market Farmer Presentation Outline The intent of this lesson is to provide informatjon and skills to the atuendees who have demonstrated an interest in real tjme pricing as a means to

439 views • 4 slides
Buying Electricity in a Time Differentiated Market ASP Presentation Outline The intent of this

Buying Electricity in a Time Differentiated Market ASP Presentation Outline The intent of this

Farm Energy IQ Buying Electricity in a Time Differentiated Market ASP Presentation Outline The intent of this lesson is to provide informatjon and skills to the atuendees who have demonstrated an interest in real tjme pricing as a means to

235 views • 4 slides
Architecting the Blockchain for Failure Conor Svensson @conors10 blk.io Founder web3j Author

Architecting the Blockchain for Failure Conor Svensson @conors10 blk.io Founder web3j Author

Architecting the Blockchain for Failure Conor Svensson @conors10 blk.io Founder web3j Author Enterprise Technology (Established) Blockchain Technology (Emergent) The Enterprise Ethereum Alliance Agenda Ethereum & web3j Failure in

1.13k views • 75 slides
Porting of an FPGA Based High Data Rate DVB-S2 Modulator Ivan Corretjer Chayil Timmerman John

Porting of an FPGA Based High Data Rate DVB-S2 Modulator Ivan Corretjer Chayil Timmerman John

Porting of an FPGA Based High Data Rate DVB-S2 Modulator Ivan Corretjer Chayil Timmerman John Glancy Andrew Miller Michael Rupar MIT Lincoln Laboratory The Naval Research Laboratory SDR11 WInnComm This work is sponsored by the

401 views • 36 slides
Project: IEEE P802.15 Working Group for Wireless Personal Area Networks ( etworks (WPANs WPANs)

Project: IEEE P802.15 Working Group for Wireless Personal Area Networks ( etworks (WPANs WPANs)

July 9, 2006 doc.: IEEE 802.15-0760-01-003c Project: IEEE P802.15 Working Group for Wireless Personal Area Networks ( etworks (WPANs WPANs) ) Project: IEEE P802.15 Working Group for Wireless Personal Area N Submission Title: [TensorCom

1.01k views • 77 slides
Introduction to Energy Balance Table (EBT) AIM Training Workshop Tokyo, Japan Oct 22-26, 2007

Introduction to Energy Balance Table (EBT) AIM Training Workshop Tokyo, Japan Oct 22-26, 2007

Introduction to Energy Balance Table (EBT) AIM Training Workshop Tokyo, Japan Oct 22-26, 2007 Introduction to Energy Balance Table Tomoki Ehara Contents Contents Basics of energy data Basics of energy data General descriptions General

541 views • 27 slides

More recommend