[176483] in North American Network Operators' Group
Re: Buying IP Bandwidth Across a Peering Exchange
daemon@ATHENA.MIT.EDU (Stephen Fulton)
Sun Nov 30 19:19:30 2014
X-Original-To: nanog@nanog.org
Date: Sun, 30 Nov 2014 19:19:15 -0500
From: Stephen Fulton <sf@lists.esoteric.ca>
To: nanog@nanog.org
In-Reply-To: <PC1992201411301851070639d0a00646@clayton-PC>
Errors-To: nanog-bounces@nanog.org
Hi Clayton,
Putting on my TorIX hat, I'll address what you've brought up:
1. We implemented port security because MAC ACL's were not effectively
blocking certain types of bad traffic, which was a problem with the
hardware in place at the time. As you are certainly aware, getting
vendors to work on esoteric problems faced by a small number of their
customers can be frustrating.
2. Port security effectively logs rogue MAC's received on the port,
which was/is not always the case when certain types of "bad or unwanted
traffic are received. This has proven invaluable for trouble-shooting
and is very easy to pass along that info to the peer for further
investigation without having to begin a separate trouble-shooting
process with all parties online and aligned, and hoping the problem
reappears.
3. Since we implemented port security, the stability of TorIX has been
excellent. No more sudden outages due to peer human error or bad peer
architecture. (some of which is mind blowing).
4. If you think the 60 minute lock-down is excessive, bring it up on
torix-members and begin a discussion, which we're certainly open to when
it will not adversely affect the integrity of the IX.
5. If Netflix was at TorIX, I guarantee you would see traffic shoot
through the roof, and that's why we'd welcome NF and others like FB,
Edgecast etc. joining TorIX. We are one of the largest IX'es in terms
of number of peers in the world after all.
Back onto the original topic, a number of peers sell transit over the
IX. TorIX does not offer SLA's, but we do not stop peers from
maximizing their value of the IX.
-- Stephen (volunteer at TorIX)
On 2014-11-30 6:51 PM, Clayton wrote:
> We peer at TorIX and Equinix. I have to say that despite the fact that
> Equnix charges us more for our port, we're getting far more value from it
> than TorIX. Around double the traffic, and they don't have silly punative
> measures like locking your port if you leak a MAC address other than the
> one you registered with them (Equnix filters the MAC, but doesn't apply a
> 60 minute port shut down penalty if you leak like TorIX does).
>
