A variety of institutional and operational models have been adopted to manage IXPs; these fall roughly into five categories:
1. A not-for-profit independent organisation
2. An industry association of ISPs
3. An operator-neutral commercial/for-profit company
4. University or government agency
5. An informal association of networks
Except for the United States, where the for-profit commercial model largely prevails, the most common of these models today are IXPs operated either by a non-profit independent organisation or an industry association of ISPs. The former is particularly common in Europe where many IXPs are typically mutual, not-for-profit organisations whose members collectively ‘own’ the facility. Operating costs are shared among members who usually pay a one-off joining fee and a monthly, quarterly or annual port fee. The fee may be determined by the capacity of their connections to the IXP or less commonly, by the volume of traffic that is passed across the exchange.
Commercial IXPs are more prevalent in the United States and are operated by specialized peering exchanges or data centre companies such as CIX, Any2 and Equinix. These types of specialist companies are almost always provider-neutral and do not compete with networks in providing services to end-users.
A small number of IXPs may also be “free to use,” with no port fees for participants, simply relying on donations of premises, equipment and staff from large sponsors. The largest such example is SIX in Seattle, Washington. This practice is also common in the initial stages of IXP formation where founding members are trying to gain critical mass, such as the Calgary IXP (YYCIX), which has just been formed and is offering free services to operators for the first year.
In some cases, IXPs without any formal hosting organisation are still in the process of formation where founding members may wish to become operational and build buy-in to the exchange before instituting formal arrangements (e.g., port fees, cross-connect charging, rent, SLAs).
Carrier/incumbent IXPs are often called “phony IXPs” where the dominant Internet or telecom operator provides local exchange points in one or two major cities. In these cases, the IXP is more a marketing term used by the commercial transit-provider as it is really no more than a router offering “peering” as a means of marketing local and/or international transit services. These types of IXPs are unlikely to scale, as few other major carriers are likely to be interested (or encouraged) to participate. These “phony” IXPs can be fairly easily identified because they charge for traffic volume exchanged or levy a price per port that approaches international transit costs.
University run IXPs are often tied to NRENs and run by a team of technical experts. These IXPs are an excellent incubator for technical assistance and for knowledge sharing. VIX in Vienna and MOZIX in Mozambique are examples of University run IXPs.
Operational and Routing Policies
Operating policies are relatively uniform across most IXPs in terms of the type of traffic that is allowed, although there may be some variations that reflect local conditions. In order to connect to an IXP, networks may be required to be recognised legal entities and must be licensed to operate (if a license is required).
Increasingly, any entity that needs to exchange traffic with other IXP members is allowed to join. This option allows the operators of private networks that provide public services (such as hosting providers, government departments or banks) to take advantage of the benefits of being present at an IXP. In some cases, allowing large end-user-networks to peer at the IXP can be a sensitive issue for corporate Internet-access providers present at the IXP who may feel that the IXP is competing with their services. However, the value of an Internet Exchange is proportional to the number of members, so the more ‘non-licenced’ networks that join, the greater the benefits to all in terms of performance, resiliency and cost of international capacity required by individual members.
There have been two common models for IXP operation. The older, now deprecated model is that the IXP exchanges all traffic between participating networks inside a single router. This is usually called a Layer 3 IXP. The most common current model is the Layer-2 IXP in which each network provides its own router and traffic is exchanged via an Ethernet switch. The Layer 3 model may be less costly and simpler to establish initially, but it is less scalable and limits the autonomy of its members who have less control over with whom they can peer and who are dependent on a third party to configure all routes correctly and keep routes up-to-date. The latter requires greater technical skills from the IXP staff. The Slovenian IXP (SIX) is hosted at the Slovenian Advanced Research and Education Network (ARNES) and is an example of a Layer 2 IXP. Members connect their remote routers via fibre. The latter is cost-effective for both SIX and its members. Collocation requirements are much less demanding, as there is no need for remote hands, and out-of-band access.
This model, however, demands a secure layer-2 infrastructure. Remote equipment should not put the IXP in jeopardy, and all ports should be configured with appropriate port security mechanisms.
Requirements for traffic-routing agreements between IXP members vary depending on the IXP’s institutional model and other local policies. A few IXPs require mandatory multilateral peering, in which anyone who connects with the IXP must peer with everyone else who is connected. Perth IX is one of the few examples of this model that usually creates a disincentive for large access providers to interconnect because these usually wish to only peer with other large operators
Multilateral peering is an efficient and cost-effective method of reaching multiple peers as no traffic charges apply and route-servers make it easy to connect with networks that have an open Peering Policy because it is not necessary to make individual agreements with each member of the IXP. Since multilateral peering allows networks to interconnect with many others through a single port, it is often considered to offer less capacity than bilateral peering. However, the benefit of multilateral peering is that it can provide access to a considerable number of other networks.
Many smaller networks, or those networks that are new to peering, find multilateral peering at exchange points an attractive way to meet and interconnect with other networks. Larger networks may also utilise multilateral peering to aggregate traffic with a number of smaller peers or to conduct temporary low-cost trial peering. Other networks may also enter private peering arrangements with each other where a separate physical link (outside the IXP) is established directly between the two networks.
Some IXPs require each network to enter into bilateral peering arrangements with each of the other network members (discrete Border Gateway Protocol (BGP) sessions across the exchange fabric). Other IXPs may also limit the use of the facility for transit traffic. Most IXPs, however, provide the option of either multilateral or bilateral peering or a mixture of the two and do not restrict the nature of the transit or peering arrangements made between members.
Flexible peering policies that permit the coexistence of multilateral and bilateral peering arrangements allow peers at an IXP to enter into separate bilateral peering or transit agreements. It is also usually acceptable for IXP members to restrict (filter) traffic originating from or destined for any member’s network in accordance with the member’s policies. Multilateral peering also allows small- and medium-sized networks in many emerging markets to operate on a level-playing field rather than be ‘allowed-in’ because of the size of their network. See, for example, the case study on BIX Hungary in the Annex to this Report.
Other important policies and strategies that IXPs and their member networks normally adopt include:
- Payment for the cost of and management of the link between the network and the IXP, including a redundant link if required, is usually the responsibility of the member. However, some IXPs have adopted policies to level these costs so that each member pays the same amount to access the IXP. This “flat rate” helps to ensure that commercial operators that happen to be located closer or are co-located in the same building as the IXP do not have an unfair advantage. JINX in Johannesburg had this policy in effect for some time, but found that it was ultimately constraining growth. Instead, JINX elected to charge an annual “hosting fee” to the network that hosts the exchange to balance out the advantage.
- Passing traffic to the IXP destined for networks that are not members of the IXP is usually not acceptable unless transit is allowed and specific agreements with the IXP and the members providing transit are made.
- Monitoring or capturing the content of any other member’s data traffic which passes through the IXP is limited to data required for traffic analysis and control; members usually agree to keep this data confidential.
- Mandatory provision of routing information and looking-glass sites.
- Routing and switch-port information can either be made public or restricted to members.
- Security response provisions for infrastructure failures, routing equipment failures, and software configuration mistakes.
- IXPs do not normally compete with their members. They normally do not provide transit facilities, for example, although in the case of interlinked IXPs, they may do this at low speeds – see the France-IX case study in the Annex to the IXP Toolkit.
 The role played by National Research and Education Networks (NRENs) and universities has been extremely important for IXP, local technical capacity, and university network develop. We plan to provide more information about the role of Universities and NRENs in the next iteration of the Toolkit. See www.nsrc.net as an example of assistance to and development of NRENs and IXPs as well as excellent background information about the development of the Internet in some countries.