Deployment

Home / Deployment

Physical connection

SPEED-IX offers the following physical connection possibilities:

  • 1 / 10Gb SFP / SFP + (SR / LR / ER / ZR);
  • 100/1000/10000 Mb (10GBaseT) RJ45;
  • 40Gb QSFP + with SR4 / LR4;
  • 100Gb QSFP28 + with SR4 / LR4;

Ethertypes and MAC addresses allowed

Only one MAC address per port connected to SPEED-IX peering VLAN is allowed.
The expected Ethernet frame types are as follows:

  • 0x0800 – IPv4
  • 0x0806 – ARP
  • 0x86dd – IPv6

Allowed Traffic

The following protocols are allowed at the data link level:

  • ARP
  • IPv6 ND
  • Traffic must be restricted to unicast traffic with the exception of ARP broadcast packets and IPv6ND multicast packets

Members should not send any link-local and other unauthorized protocol traffic to the ports, such as the following:

  • Proxy ARP
  • ICMP redirects
  • IEEE 802 Spanning Tree
  • Proprietary protocols from different manufacturers, especially discovery:
  • Discovery protocols: CDP, EDP, MDP
  • VLAN / trunking protocols: VTP, DTP
  • Internal routing protocol broadcasts (e.g. OSPF, ISIS, IGRP, EIGRP)
  • BOOTP/DHCP
  • ICMPv6 ND-RA

Addressing SPEED-IX

The IPv4 and IPv6 addressing space assigned to SPEED-IX should not be advertised outside the SPEED-IX infrastructure.

Interface configurations:

We recommend the following interface configurations for routers based on CISCO configurations:

no ip redirects
no ip proxy-arp
no ip directed-broadcast
no mop enabled
no cdp enable
udld port disable
no keepalive

For IPv6:

no ipv6 redirects
ipv6 nd suppressor

Below follows a sample configuration for Cisco routers to announce a prefix to the route servers:

!
router bgp your-asn
 bgp always-compare-med
 no bgp enforce-first-as
 bgp log-neighbor-changes
 neighbor SPEED-IX-RS peer-group
 neighbor SPEED-IX-RS remote-as 41441
 neighbor SPEED-IX-RS version 4
 neighbor SPEED-IX-RS transport connection-mode active

 neighbor SPEED-IX-RS-6 peer-group
 neighbor SPEED-IX-RS-6 remote-as 41441
 neighbor SPEED-IX-RS-6 version 4
 neighbor SPEED-IX-RS-6 transport connection-mode active

 neighbor 185.1.95.100 peer-group SPEED-IX-RS
 neighbor 185.1.95.100 description rs1.speed-ix.net
 neighbor 185.1.95.200 peer-group SPEED-IX-RS
 neighbor 185.1.95.200 description rs2.speed-ix.net
 neighbor 2001:7F8:B7::A504:1441:1 peer-group SPEED-IX-RS-6
 neighbor 2001:7F8:B7::A504:1441:1 description rs1.speed-ix.net
 neighbor 2001:7F8:B7::A504:1441:2 peer-group SPEED-IX-RS-6
 neighbor 2001:7F8:B7::A504:1441:2 description rs2.speed-ix.net
!
  address-family ipv4
  neighbor SPEED-IX-RS activate
  neighbor SPEED-IX-RS next-hop-self
  neighbor SPEED-IX-RS soft-reconfiguration inbound
  neighbor SPEED-IX-RS route-map TO-SPEED-IX-RS out
  no auto-summary
  no synchronization
  neighbor 185.1.95.100 peer-group SPEED-IX-RS
  neighbor 185.1.95.200 peer-group SPEED-IX-RS

  network 192.168.110.0 mask 255.255.255.0
  network 192.168.111.0 mask 255.255.255.0
  network 192.168.112.0 mask 255.255.255.0
 exit-address-family
!
  address-family ipv6
  neighbor SPEED-IX-RS-6 activate
  neighbor SPEED-IX-RS-6 next-hop-self
  neighbor SPEED-IX-RS-6 soft-reconfiguration inbound
  neighbor SPEED-IX-RS-6 route-map TO-SPEED-IX-RS out
  neighbor 2001:7F8:B7::A504:1441:1 peer-group SPEED-IX-RS-6
  neighbor 2001:7F8:B7::A504:1441:2 peer-group SPEED-IX-RS-6

  network 2001:DB8:10::/64
  network 2001:DB8:11::/64
  network 2001:DB8:12::/64
 exit-address-family
!
ip prefix-list TO-SPEED-IX-RS seq 10 permit 192.168.110.0/24
ip prefix-list TO-SPEED-IX-RS seq 20 permit 192.168.111.0/24
ip prefix-list TO-SPEED-IX-RS seq 30 permit 192.168.112.0/24
!
ipv6 prefix-list TO-SPEED-IX-RS seq 10 permit 2001:DB8:10::/64
ipv6 prefix-list TO-SPEED-IX-RS seq 20 permit 2001:DB8:11::/64
ipv6 prefix-list TO-SPEED-IX-RS seq 30 permit 2001:DB8:12::/64
!
route-map TO-SPEED-IX-RS permit 10
 match ip address prefix-list TO-SPEED-IX-RS
!
end

Below is a similar example for Juniper routers:

[edit]
user@junix# show protocols bgp
group IPV4-SPEED-IX-RS {
  type external;
  description "SPEED-IX Route Servers";
  family inet {
     unicast;
  }
  export TO-SPEED-IX-RS;
  peer-as 41441;
  neighbor 185.1.95.100 {
     description rs1.speed-ix.net;
  }
  neighbor 185.1.95.200 {
     description rs2.speed-ix.net;
  }
}

[edit]
user@junix# show policy-options policy-statement TO-SPEED-IX-RS
term unicast-export {
  from {
     rib inet.0;
     prefix-list to-speed-ix-announce;
  }
  then accept;
}
term end {
  then reject;
}

[edit]
user@junix# show policy-options prefix-list to-dpeed-ix-announce
192.168.110.0/24;