How the TurkIX technically works
The TurkIX (AS206033) is supported by its Partners and Members. Currently, the traffic exchange point infrastructure TurkIX is currently distributed at many sites:
* BulgariaDC, Kapitan Andreevo, BG
* Fixnet, Edirne, TR
* Comnet, İstanbul, TR
* S3 Company, Sofia, BG
The whole network infrastructure is based on the newest hardware with Intelligent Stack technology and owned CWDM/DWDM equipment which is running on fully redundant fiber channels between all most points of presence.
The available connectivity standards for Member connections are:
Redundant route servers
For the exchange of IP routes between all members of TurkIX, we have built two independent Route Server (RS) for the BGPv4 protocol. The RS also supports the filtering of IP prefixes based on Internet Routing Registry (IRR) policies and other attributes of the BGPv4 Protocol (AS_PATH, Next-hop, etc.). Two route servers are configured on dedicated servers with a Linux-based operating system. To reduce the risks related to bugs in the software we use two different well-known software platforms for BGP routing such as Bird and Quagga
Advanced member panel
The TurkIX Member panel is based on the open-source project IXP Manager. Statistics on a member’s traffic and information on connectivity with other members are collected here. Traffic statistics are grouped by 12 hours, days, weeks and months. A member can analyze not only the bit rate, but also the packet rate, errors, and the number of discarded packets. The “Ports” tab contains information about the parameters of the member’s connection to TurkIX. Members can also find detailed information about their own Advertised/Accepted/Not Advertised IP prefixes and a useful Looking Glass tool here.
The infrastructure of the traffic exchange point brings members together into a single broadcast domain (L2-domain), so the risk of broadcast storms with BUM traffic (broadcast, unknown destination address, multicast) is available. At least, a storm can reduce the bandwidth of members channels. In the worst scenario, the connection with the route servers will be lost, BGP sessions will be terminated and the IX infrastructure will be disconnected. To prevent TurkIX from being stuck, we use multi-level protection against BUM traffic, limiting the traffic as follows:
On the third and fourth levels of the OSI-model, we do the filtering of dynamic routing protocols except for BGP, and other protocols that carry the threat of users and IX infrastructure itself. We analyze BGP routing information as the prefixes themselves and a set of attributes for the given prefix (community, AS_PATH, Next-hop, etc.).
New users connections
For new IX users there exists standard settings and rules:
The connection procedure itself is built in a way so that we are able to double-check the accuracy of these settings. First, a new member is connected to a port located in a quarantine VLAN. We analyze the traffic, and if everything is configured correctly, the port is moved to the production VLAN. When a new member is still isolated from the rest, its prefixes are not advertised to other members in the IX, and the new members will also receive nothing. If everything is normal, then the session will be translated into production mode.
Connectivity to TurkIX
Members can use the following connection options on their TurkIX port(s):
Free 10G Shared Peering– Exchange of traffic with all the IX members through route servers. Free 10G Private Peering– Traffic exchange with individual IX members. In this case, members can make direct BGP-sessions and the traffic flow is not organized through the route server (RS). This method of connecting to the point of traffic exchange is useful when you need to improve connectivity to one or more specific participants in the IX. Free 1G Private VLAN– Establishing communication through a dedicated VLAN between two or more Members or PartnersMember assumptions
Additional services
Based on the Internet exchange point, all members can offer users different kinds of additional services, such as: