Wednesday, 29 October 2008 11:00
EIX WG
The EIX session commenced as�follows:
CHAIR: If everyone could settle down, then we can start. Good morning. We are back at the EIX second session continuing the agenda forred to, starting out with myself. We have some additions to the agenda so we are going to run quite tight. We have another update and a � plug that will do in between � and Wolfgang. Are there any other people that want to say, speak, show something, please let me know now. So the first one up is myself, I am Cara Mascini, but at the moment I am representing EURO�IX w� a number of exchanges within the EURO�IX community we have��� we have developed this Working Group where we are going to develop an educational and informational movie about infrastructure, Internet infrastructure, due to the fact that many people are more dependent on Internet than ever before, we get a lot of requests as internet exchanges and Internet infrastructure parties about how does the Internet work, exactly. So we are going to develop this��� we have developed competition to for people to develop short movies and the short moreees will be judged by a panel of people from internet exchanges and some of the other sponsors, where we��� that will show, hopefully, informational, educational and perhaps a bit funny on what the Internet look like and how does it work exactly. How so that's basically what the project is about. And the��� so if you know anyone in the film maker industry, please forward our information. The URL is shown up here, www. EURO�IX.net, and the competition runs now, the submissions, and we will make a decision on the shortlist by January and then the final will be during the EURO�IX forum in April. So please go ahead and send it to your friends.
That was my little plug for the film committee. Who is next, Wolfgang is up, talking about IXP tools.
Wolfgang Hennerbichler: Good morning, everybody. This is Wolfgang again today I want to introduce you to our portal, the Vienna Internet Exchange portal. People from EURO�IX might have seen that before. It will be a quick summing up of things, how we have done it. It's probably a way to inspire your portal or maybe you can give me some feedback what you like, what you don't. I don't say that this is the thing; it's just an approach to implement something for our customers.
We have login area on VIX.at T, it's contact management system which name typo 3 doesn't matter. Integrated event management, you can update your connection agreement so let's say you want to upgrade your port you can do this on�line. You can you be describe to mailing lists, you have technical view on the exchange network and you can get a detailed peering traffic view.
I will show you all this, hopefully, in the live demo just in a few minutes or seconds. One thing we also developed is the peering matrix that actually it's known now as peering traffic matrix and that is calculated automatically by our Sflow collectors so the collectors sends which peers are exchanging traffic and by doing that, it assumes that those peers who exchange traffic also peer with each other and that is how it creates the traffic. It can be viewed by anybody on the VIX peering matrix page, you click on extras and peering matrix. You can opt out on this matrix so if somebody doesn't want to be seen, you can do that. And the data is updated automatically every 12 hours, so we don't need to do anything except put the peers in our database and say "there is a new peer" and the tool will do everything by itself.
So I will try to show you that if the network works. So if I go to extras on our website and click peering matrix, I can see either a drop�down list where I would just select any peer, I am also wearing the � hat so I can say I want to see all the information peering about ACOnet and here I get a summary which ASs ACOnet peers I can order it by name. I can see if it's peering via v4 or 6 or if the peer has opted out, it would be presented as "hidden," I hope you can read that. So this is one way to see that. The other way is to really get a matrix where you can see who is peering with whom, the IPv4 matrix is quite huge but the 6 matrix is quite nice, so it's either some little peering going on. It might actually be that you don't see any peering here because the people or the peers do not exchange any traffic at all because there is no traffic on v6 probably. This is not safe to say, just because the peering doesn't mean they get a plus. They have really got to do some traffic. Like one thing a day is not enough, there must be some traffic to be visible here. So this is the peering traffic matrix, and the other thing is the restricted area where you only can log in as a user. A user can belong to more than one customer so if I have got like general guy who manages three small ISPs he only needs one account to see all this. So after logging in, I got like three additional menu bars, I can see my user profile where I could change pass words and stuff like that. One interesting thing I can subscribe to the VIX mailing list with one click, when you apply for portal you have to supply e�mail address but just clicking here I would be subscribing to the mailing list. The connection agreement, let's say I want to update my connection speed is simply done by selecting my customer, so let's say I would be ACOnet it would fill out the all information it knows from our current database. If there is additional information we need to know like the info mail address it will highlight and could not continue and say this must not be empty. So it's got a little check in there. If I want to upgrade my port speed I would go to step 3 and just, you know, add additional ports wherever I can. Like here and here. Tell me how much that is and in the final summary I would get like pricing, I would get all the summary of the information I have entered, it would say yes you get a monthly fee of this but you get a dual site discount, that is what happens when you connect at same speed, 2,400 euros discount that is monthly fee, blah�blah�blah.
Finally, you would would just send a PDF to your mail address and to ours, we would check it and tell you, yeah, this is all right, let's go on with that and you would just sign this PDF he gets so it's pretty nicely automated.
The network view may be more interesting to the technical people. We got like a bunch of stuff here, the peering traffic, I think this is the thing that most of you people in the meantime have, where you you just select different criteria and you would see the traffic. Let's say I am representing ACOnet. I could see the top five ISPs I exchange traffic with or the top five IPs I exchange traffic with. I could see IP to IP statistics or aggregated ISP to ISP addresses. I will take the IP to IP statistics now just for demo reasons and I would select my IP address, one of the ones I would like to know, how much traffic exchanges with another IP address so. Now I got the admission from a friendly ISP to show the traffic, silver serve, Austrian ISP, if I click here I would see how much traffic do we exchange, if I don't want to see the percentiles, could I see IPv6 traffic, I could see��� you know look back a year, how the traffic changed and all those things. So that is pretty neat. One thing I can also do, I can compare by just clicking in additional ISP here, I won't do that now, but if I click an additional ISP by highlighting two or more ISPs, it doesn't matter, I will see all the graphs here under each other so I could compare traffic statistics.
One interesting thing for ISPs especially new ones, for ISPs who do routine and let's say who IP with everybody or who is not in my peering list, is the layer 2 view where I would see the customer names, AS numbers, MAC addresses and the site. So what I could do is show IP BGP summary on my router and compare it with this list of mixed participants so I could say I am peering with this one and that and again this list is sortable by any criteria, if you want to order by IPv4 you would click on here. If you want all the IPv6 peers you would click here and it would be sorted by IPv6. If you really freaky you can order by address, I don't know if that would help but you can. (Address) we are using��� to monitor our network and what you see here is the current problem so let's say a peer goes down and I as customer don't know what is happening, I can just click on network monitoring tab and see the link is down. We have two are currently down because of upgrading reasons not for operational issues. I can see what is my equipment. And one thing I also go out of Sflow was the counter samples with the port statistics so if I just want to know how much traffic does my port at VIX have I can do this here, so I would select whatever, just a port that I as customer have at Vienna Internet Exchange, although I might monitor this as ISP, small ISPs like��� see the other /SAOEURD how exchange see my traffic so I would see the day view of this port now, this is the current traffic of one port of ACOnet to the exchange, I can seat unicast packets, the interface discords areas, multicast broadcast. We even went further was say OK we have got all those statistics, we have got a database where we know how fast those ports are connected so if I know there is a customer who has a gigabit port and he has like 800 megabit peak a day, I can go ahead and warn him so what we do is if we see port sat rating, not already but if we see them that they are going to sat rate we can send an e�mail automatically my friends your port is going to be full you need to upgrade. This is one thing people really, most of the small peers don't know that they are full and they are blocking Internet traffic so that is preventative measure to see that those people are actually slowing down these changes.
One more thing we do here is if we see interface discard errors we warn them about them. So if we see, let's say the peer has changed his optics and all of a sudden we see errors in his interface we will immediately warn him if we see that, if we have some traffic or at least some data here, we will immediately warn him. This is quite useful because again, most of ISPs don't really check so, one example here is we had an ISP who was doing maintenance, you can see that here, that he did do maintenance because traffic went down, we have see in it in our logs that the port went down, maybe they also announced it, I can't remember, that traffic was pretty much reduced, also the packets were reduced. Might also be because it's night but here you see that after this maintenance, the errors or the discards in this case have grown very high so what happens is they got in the same night, they got an automatic e�mail from us saying you don't have any problems, we can log into our portal and they can see on the routers for themselves and already like four hours later or something��� there wasn't prepared, and everything was good again.
So one last thing we also integrated /SPHO*EPL ping a tool to the other side to have a peer and say would measure the latency so it's also one thing everybody can do, most of small ones don't do it or it's not convenient to implement this, here we see just small bit of one of our routers, one of our peers.
So this is our portal, I am open for comments, the code for all this is, I mean I can give it to you but it doesn't really help because it's very tied to our database so it doesn't help if I provide you with a code unless off very good programmer who can read it��� (inaudible)��� very much extreme leap well tied.
No questions. That is good. So I can go off.
CHAIR: Thanks, Wolfgang. I like it.
(Applause)
CHAIR: So next up is Simone Morandini. Wolfgang how much time did you spend on developing this.
Wolfgang Hennerbichler it was like I would say six months or something.
CHAIR: OK not too bad.
Wolfgang Hennerbichler: Eliza from AMS�IX has used a model I used for decoding Sflow. That is what I was doing my work on.
SPEAKER: Good morning, everybody, my name is Simone Morandini and I am giving you an update on our new data centre, some of you may know that we had the opportunity to move to new offices so we had rooms to expand our data centre.
I guess all of you are pretty familiar with the shape of Italy but you may not know where Milan is. We are in the northwest part of Italy and we are located inside business park, let's say. We are inside this building at the ground floor and this is quite Internet � campus because in the there are around 20 network operators and by the way, this is also one of the main reasons why MIX was born here.
A brief recap on our main services: During the years we quite relaxed our admission policies so we now accept together with ISPs and carriers, also hoster and content providers. All these subjects can benefit to our co�location space that is in form of rack space on rack cabinets that we provide for ISPs or as let's say, a free space for carriers to install their own rack cabinets. Of course the access to the data centre is provided 24/7. We, of course, allow public peering as long as private peering and closed user group on both v4 and v6 and the interesting part is that since in the same data centre there are ISPs equipment and carriers equipment, our members can also realise private connection, including transit.
This is the old data centre as it looked like. It's 145 square metres with four cooling units, two USPS boxes and a cabinet for batteries and one power distribution panel with one generator, of course, extending to the Dutch centre of 80. The data centre is divided into large areas. Blue area is where we usually install ISPs equipment and it is AC powered. We have red RIR that is intended for carriers and it is D. C. Powered and we have green for local operators that install optical boxes inside our data centre. Since in the calm pus there are many other operators as I already said, all of them are ready MIX members and they have duct fibres connect our premises to our data centre. And this is now the new data centre looks like. We are going to maintain the subdivision in logical areas. We are going to double the space on the blue area to accommodate up to 80 rack cabinets. The red area is still not so full, so we kept it as it was, and we reserved another small part for the green area, it might look small but if you consider that in each cabinet we can accommodate up to 30, 40 optical boxes with 24 fibres each, it can become pretty dense. And we also have a new area, orange, both AC and DC powered where we will install miscellaneous equipment, mostly for specific installation, special installations. The new area is almost double the space, so 270 square metres. We have added three more cooling units, two more UPS boxes, each one of them is 60 kilowatts and we have four new power distribution panels because the old one has been replaced and we have added a second generator, 250 kVa this is a numerical comparison from the migration from the old to the new data centre and you can see that we practically doubled each item list and I now spend some more words on the electrical system because I think we did a very good job on it.
This was the regional implementation so one power line that feeds one power distribution panels, which, in turn, give energy to the whole data centre. We have now two powered lines, 100 kilowatts each and each one of these line is connected to two of the��� it's connected to two power panels so we have, let's say, four sectors of our data centre. On the emergency devices, we have a similar situation. This was as it was before, we had one generator that gives energy to the whole data centre and with the additional 3 panels we of course introduced a second generator, since this is much bigger than the previous one, it's currently in charge of all the three additional panels, but in 2009 we are going to replace the old generator to a new exactly identical one so that we can implement perfect, let's say, symmetry of our data centre.
Final scheme: Each power panel is connected to its own UPS box and each one of them is connected on one side to the power line and on the other side to the generator, so each member, whether it is connected on the old part, on the new part, can benefit from these redundancy scheme because it will be connected on both lines. (Redundancy) and the night that we implemented this new electrical system, we also moved all the plugs of existing members to comply with this scheme.
Of course, the advantages of this design are a full redundancy against many kind of failures and it gives us, also, the opportunity to carry out maintenance by sectors without giving service interruption to our members. Unfortunately, there are a few members that cannot fully benefit of this design because they have single power supply, whether for impossibility to install second one or because they decided to do so, and in this moment we are strongly suggesting them to install a second power supply where possible or to use a rack automatic transfer switch. That is an object that is connected on the two lines on one side and on the other side gives energy to the actual device. This has the advantage of introducing redundancy and being usually cheaper than a second power supply, but there is some concern because it introduces single point of failure. Some members have already agreed to start using it or consider using it; others are on the way to do so. And finally, this is our maintenance plan because, of course, all this equipment needs to be maintenanced regularly and and a part of the, let's say, usual maintenance is our generators, DC power and cooling units, the generator starts, just to see that the engine starts actually, and all the other systems, we feel that the most critical ones are the UPS maintenance because it is almost at the top of the chain and so if something bad happens during maintenance of a UPS, the whole equipment that are connected to it can have problems, and, of course, the most critical one is the black out simulation where we simulate failure of the power line to see that the UPSs and the generators do their work as expected.
This concludes my presentation. I am happy to answer any questions you might have?
CHAIR: Any questions? Thank you.
SPEAKER: Now is my colleague to present the second presentation.
CHAIR: Of course. The security.
SPEAKER: My name is � I introduce you briefly what have been done in these year with this port security technology within our switches and I will go through, basically, what is our approach, what is this technology which I think most of you know about, then some live experiences we had this year and the procedures we set up that we are currently discussing about this feature.
The basic idea here is we would like to, first of all, avoid any kind of disturbance, of course, on the layer 2 part of our internet exchange, and, of course, the basic idea is to keep it as simple as possible, following the motto, one port one mac one customer in the most way as we could. Of course, as Simone Morandini presented you before, as MIX relies upon his own data centre we realise that more and moreover the time the number of, say, ISPs connected through LAN extension services and through local fibres coming from the campus is increasing over time. This is mainly due to the fact that say independent co�locators are progressing and also because most of our customers are implementing a truly redundant solution by placing one port in our premises and one in an independent co�locator centre outside our building. So this means that the number of LAN extension connections into our exchanges is increasing over time and we have to be as much as possible safe from any disturbance coming from those kind of new implementations. Of course, what we would like to do is keep it simple to let us maintain it in a proper way.
I think all of you should know about or have been in touch with port security. Basically is a kind of a layer 2 filter. You apply on a switch port which can be configured to perform different behaviours. Basically, all the vendors give you the chance of log the traffic coming from mac address, you don't want to see on the customer port, or disable that port when some higher number of mac addresses is seen as active on that given port. You can define which are the legal mac addresses are according them or you can also learn dynamically the mac addresses you want to accept on the port.
We started with a fairly strict policy here, putting it altogether with an idea of getting from our mac address prefix. We had the feeling that this was a good opportunity to, together with this increasing number of LAN extension services, to fix what really belongs to the MIX environment and what doesn't, what really doesn't. What have been done together with the adoption of the fixed MIX address approach, we started with the violation shut down idea, so as we use Foundry, this means that as long as we reach the maximum number of allowed mac address on a different port we shut down it forever, means that a new intervention is needed to check the system and to come to a back to normal situation with the manual intervention.
After that, we felt that this might��� could be maybe too rude and we decided that, probably, going through a slight change to our strict strategy would be much more, say, kind with respect to our customers, and so we went for a change, moving the violation shut down strategy into the violation restrict. This means that all the traffic is forbidden from the offending mac address as the switch wipes away these offending mac address from its table as long as it receives it from a given port. This gives us the opportunity not switch down customers any time when there is a problem on the layer 2. Unfortunately, one sunny day, we had in place, I simplified things, of course, we have a customer��� two customers basically here in this example; one has a redundant situation, he bought��� bout the route into a different data centre, he uses a single layer to transport provider 2 to connect to our switches and then we have, say, standard proper customer with his own router co�located in our premises directly connected to one of our switches, as well. As you can see, we secure the ports or the ports, we use our prefix to define the mac addresses, the filters are there, everything is fine. At a certain moment, what we experienced was the fact that one of the port, say the top one connected to the top of the switch, started announcing some of the � well, together with his correct mac address, the other and some other mac addresses, including the one coming from customer B. At that point of time, what we obtained to this from this is the fact that customer B peering sessions, with all the customers connected to the top above switch were gone, that is not good, and together with the second port as well that is because the violation restriction algorithm worked away those macs from the top of the switch. This means that we were able from the��� at first time from the fact that we use our own registered mac address to recognise what is happening because we saw several others' mac addresses coming in��� coming from the exchange itself so a kind of a loop. This creates a point where some BGP sessions were gone, some others were still up but at the end it is worked very well situation for the customer to understand and to get. So the idea here was to come back to the shut down idea and we are now considering to do so, doing also some adjustments from the basic implementation. So, we tried to do up a little bit this approach and we are discuss ago little bit together with our customers to find the right � for that. The proposal should be this one: With the new customers, we will always start with the violation shut down and it's our way to see at the beginning what��� how they behave and what is their approach with us. We already customer, we may say violation restrict if they really want to do so. And of corks we will be much more happy to do this if they have the peering router co�located with us so we can know which equipment are they bringing in and a bit more not so happy about that if they use any kind of LAN extension solutions. So that could be the scenario for MIX for the next future. In any event, what we have done in our NMS is to keep this phenomena as one of the critical alarms that we receive and something we have to react immediately as soon as it happens.
Another option here is to use a feature of the violation shut down strategy which is that you can decide to keep the porting shut down for a given amount of time and then it will bring it back in production and basically give a customer the chance. This is another point of discussion here because, of course, the time frame you use to do that is a point of discussion and if you keep it for short time, maybe there is not enough time for the customer to react, and this means that nothing has already happened and the port goes down again and but if you keep it longer than, it cannot /�PB used anyway so the idea here is to try to find a time out which could be maybe a couple of hours, which seems reasonable for us as a point where we can expect the customers has reacted over his infrastructure and maybe fix it something.
Any questions?
CHAIR: No questions.
AUDIENCE: There is a question. /*L Wolfgang Hennerbichler: I just want to make a comment, it's similar as we do it at the Vienna Internet Exchange, the time out we use is 30 minutes and if 30 minutes the port will come back up again F it comes back up again and the port is still in violation also it's still looping it will be up for a milly second until the switch sees the violation again it will be shut down again so I think half an hour is OK for the customer to notice it, he would notice it anyway in the loop continues on being and it doesn't harm, we have that situation various times with remote providers that they are building building loops to see the port works or whatever and the ports just shut down. One thing you can additionally do, the Foundry sends this violation mac address to sys log and it also adds the port by triggering an event in Syslog comparing it it your database you can send out an automated to e�mail to the customer saying you have just fallen into port security violation. Do something about it.
SPEAKER: Thank you. Maybe we have a chance for building up kind of a standard behaviour across our policies so that all the customers can experience the same.
Mike: Mike Hughes Linx. One of the things that we are doing is we use restrict Max to /TPHAO*EU which you get on the RX and MLX and but not on Jetcore and that allow you to basically permit one, allow a second sort of dodgy address but still allow the traffic to maintain between the provider and their other peers. We obviously get the Syslog message that Wolfgang alluded to about the violating address but we don't shut port down until we hear third address. We don't use automatic reset of the port so we don't automatically bring the port up after a period of time F we can't get a good enough answer out of the provider as to why they violated port security we will then move the port into a quarantine VLAN which we have a workstation attached to and try and work out what the cause is and that is how we are doing things there.
CHAIR: OK. Thank you. As I said next one up is Henk from M6. After that it's and we will have update from Equinix peering plug and conclude with Wolfgang's movie.
Henk: This is update on the 40 and 100 gigabit Internet standard process in IEEE. I have been involved in this process for over two years now as what they call an end user giving input into the process on M6 requirements on what 100 gigabit Internet preferably should look like. What I will do in this presentation is give a very short view of what the standard is about and how it will��� what it will look like and an overview of where the standardisation process is at the moment.
Before I go on, I have to say this: Anything I say is my personal opinion and view and nothing to do with IEEE.
So their current status of the whole standardisation project is that actually a real draft now, it's a draft 1.0, so the process is going somewhere. It's very long document, it's 292 pages, it's very detailed (292) it's almost unreadable, at least for me. It does capture all the objectives that were set for about 40 and 100 gigabit and couple of small things. It does specify all the technicalities that go with the objectives, but and that is essential in this first draft, all the technical details in there are still subject to change. Based on this first draft, � will start building implementations, scope out implementations and whatever and based on the first experiences, they will feedback into the document to adjust the technical specifications. Then there will be a draft 2, that is scheduled for March next year. That will be more or less technically complete and so more real world implementations might already take off. And when everything goes to schedule the final draft will be available somewhere in June 2010.
So, in the standards there are five reach objectives and there are eight physical layer specifications. Reach objectives go from one one metre for back plane specification to 40 kilometres for 100 Gig ER. All the 40 gig solutions are based on four parallel 10 gigabit per second lengths and all the 100 gigabit solutions are either based on 10 lanes of gigabits per second for copper or on four lanes of 25 Gigabits per second which is rather new technology.
One of the other objectives in the standard is appropriate support for the optical transport network. There have been a lot of issues with mapping 10 gigabit into the optical transport network with 40 gigabit Internet they want to do it right from the beginning therefore the IEEE works together with the ITU to transfer mapping between and then for 100 Gig bit Internet floss such ITU standard there and they will probably immediately define the ODU 4 starting from the 100 gigabit Internet specification.
So the whole architecture from a high level looks something like this. Very essential in this is that anything that changes is from below the mac; anything above the mac stays the same which makes the whole architecture consistent with the existing Internet architecture keeps the same frame format and only thing changing are the new interface definitions.
And looking a little bit in there, what is out there; copper solutions 40 and Gigabit Internet, defined for ten metres, essentially reuses the 10 G base KR architecture, for the cable it uses the specifications that has been used currently for 10 G /PWAEUG CX 4. Auto negotiation is used to negotiate speed and all kinds of capabilitieses like forwarderers connection and the connectsers being used will be small high density connectors like QS FP or new type called SFF � 8092.
Then on multi�node fibre we will have either four plus four parallel fibres for 40 gig transmitter receive or 10 plus 10 for 100, also transmitter receive. It's essentially 10 times 10 gigabit Internet connection so four times that. It's currently specified to for each of 100 metres and still a lot of discussion going on in the task force to go beyond 100 metres in the way they think they are going to do this by defining the same specification by using multi�mode fibre, how how far that will be used is unclear.
40 gig, this has been a very heavily debated objective, first included in 40 gig was actually limited to��� (inaudible (��� ten kilometre objective, second one from��� solution or for WDM baseline solution��� � cost the technical possibilities. So it's based on CWDM grid defined by 694.2 and ten lengths of gigabits per second and will go out on single fibre similar for gigabit Internet 10 kilometres, the difference here is that initially ten lengths of gigabits per second, gearbox in between that serialised ten times 10 big bits to 4 by 25, and 4 by 25 will be multiplexed on single fibre and demultiplexed the other way around. Again this is based on LAN WDM baseline grid which was a heavy debate going on for months in IEEE which WDM base to use here.
100 Gig for 25 kilometres is essentially the same as one for 10, the only difference is the amplifier on the received part of the interface, but there is no difference.
So where is the standard process now? When can you actually expect products that at least I am very interested in, so the whole thing started somewhere in 2005 and the first meeting of the task force that actually writing the specifications started September 20, 2006, and we are now still in the task force part of the process but here we have a draft 1.0. And then when you look more closer in the whole schedule, there will be the draft 2.0 in March 2009, that will be more or less technically complete, there is still some room for technical adjustments that should finish somewhere in the summer of 2009 and then the final draft should be available in November 2009 and then go up through valid processes and final writing of the standard and then the publication should be somewhere second half of 2010.
And I think products, well, I am not sure, but from what I have been hearing around, products might probably ship when the draft 3.0 is available, or something, maybe a little bit sooner.
If you are interested to attend one of these meetings, they are every two months. Next one is in Dallas in November; and then going on like that and if you need more specific information, it's on the website, on the link which is down there.
By the way, if you would download the presentation and the diagrams in there, if you want more detailed information on the implementations there, the diagrams contain a link to the IEEE website with specific information on the different objectives. And that is it.
Any questions? OK.
(Applause)
CHAIR: Next up is is Katsuyasu Toyoma talking about IPv6 in Japan.
Katsuyasu Toyoma: To make a presentation the purpose of this presentation is to gather the information about how IPv6 support of a worldwide exchange point, I need such information to make my presentation in this November, so I would like to briefly explaining about the Japanese, the exchange point situation regarding the IPv6 and I would like to ask you to give me some information about your IPv6 support information.
So, my name is Katsuyasu Toyoma from JPNAP and I said it just like, just now. And in the first I would like to talk about the briefly about the IPv6 situation in Japan and after that, I explain the Japanese exchange points and IPv6.
The first, as you may know that IPv6 is deployed in Japan, maybe��� advanced in the world but our��� to tell you the truth, the Internet regarding the IPv6 Internet connectivity, still few ISP and few are provided IPv6 connectivity and there are few users. There are only 4 ISPs currently for consumers and also another four providers for enterprise and service providers and also the IPv6 is deployed used in the bottom lines, the situation, the left�hand side of the broadband infrastructure provided by NTT west and east and also close�knit work which is used by the enterprise, such as retail chain store, such kind of things. So this graph shows that assigned IPv6 prefixes, in Japan, approximately 4.5 million are /48 prefixes are assigned to the customers but these are in the walled garden. So the current situation is just like this. The government report says that all the players involved with the Internet are expected to prepare IPv6 by the end of 2010. The players means not only service providers, but also content provider or system integrator or such kind of old��� organisation want people to use the Internet. So NTT east and west started to talk with ISPs about IPv6 Internet access, how to provide IPv6 Internet access to the providers. But currently, even now, there is some ISPs and the content providers are still watching the situation and they are anxious to migrate to IPv6.
So, the IPv6 situation in exchange point. I would like to know the information, these kind of points, so the first, I would like to��� this is the list of the exchange point in Japan, the main our exchange point, OK? The JPNAP and JPIX and BBIX and Equinix in Tokyo recently build and also Dixy, they are famous exchange point in Japan and red one is currently supported IPv6 in exchange point and JPNAP, the dual stack is fully supported in this April and also the JPIX is fully supported IPv6 in this September. Dix�ie is long history in support with IPv6 but their experimenter exchange point was terminated this June so all the IPv6 connection should be in the dictiony itself.
I would like to make these kind of table and comparisons for over the IXPs in the world but this one is��� still incomplete but relate to the Japanese exchange point. So, the JPNAP and JPIX and Dix�ie supported dual stock and JPNAP, the network configuration is using the same switch and the same VLAN to. IPv4 and 6, and this kind of information I would like to summarise in the near future.
I would like to pick up our case. The history of the support of the IPv6 in JPNAP is slightly long. We started our services in 2001 and after one year, we started experiment Alex change point services named JPNAP 6 in 2002. And after that, in 2005, our ex personally support the dual stack in main JPNAP switches and this year we started, we entered experimental phase and moved to the full service this April. Also we still have JPNAP 6 experimental switches, I would like to talk a little later.
So, the currently the JPNAP sites support IPv6, not only the Tokyo, two sites there but also in Osaka. They are all support IPv6. And of course, no additional fee for IPv6. And we are using the same switches with��� to IPv4 and also the same VLAN of the IPv6��� IPv4, sorry. And we still have the JPNAP 6 and it will coexist by March 2010. This switch is only for IPv6. But these two are connected, so you can peer with not only the��� only JPNAP 6 users but also JPNAP Tokyo 1 users. This is because still��� some Japanese ISPs are not confident to configure their routers with IPv6 because currently they are doing the business, those routers and they have less resource and time to verify the dual stacks so some ISPs who like to separate in this phase and the one is for commercial and connected to a JPNAP 1 and the other one is for only IPv6 and this is for��� which is for experimental one. So the left�hand side, the AS 222 is such a case. So some providers in those phase, so we decided to coexist for a while, IPv6 only experimental our exchange point. Of course, the service level is slightly different, and JPNAP Tokyo one is a full service so we monitor their interface and IPv6, the IPv6 interfaces is alive or not but in JPNAP 6 we do not monitor such kind of things, OK? And we are using the IPv6 address and IS��� AS number is embedded in digital format. The � why project told me that Dix�ie is also embedded AS number in there, IPv6 address, but they are using a hex decimal. The reason we chose the decimal format is just like for��� it is easy to recognise the AS number for the operators, so usually we use an AS number in decimal format so if the IPv6 address in the hexadecimal format of AS number, it is very confused, so we like��� we chose that these kind of format. So we need 6��� sorry, 10 digits for the decimal AS number format. And we have already AS dot number users in a JPNAP 6 so we, after the discussion of our��� between the registries about which format will be used, AS dot or ASPLAIN, we have to change the format, OK. And also, we provide the private V LAN and that is supported IPv6 and IPv4 and private V LAN there is no ASN number is embedded. And this is the traffic graph. This one is slightly 0��� � last year approximately 0.03 percent of last year traffic������ the situation that now��� the last month is almost the same, still no��� (inaudible)��� end of the September the traffic is slightly growing. This is because some ISPs are recently connected to the JPNAP 6 experimental exchange point and they started to use IPv6 traffic. I think that is the reason.
So to conclude, I need this kind of information about IPv6 support from worldwide IXPs and for example, you are already supported IPv6 or not and when and will you start with IPv6 support. And how is your network configuration, on the same platform or same V LAN or not and addressing and kind of things, just like ASN or other things and also we like to know about the traffic analysis of the IPv6, how to measure v4 and 6 using Sflow��� when we use Sflow it is something so this is not accurate data, especially in these IPv4 is huge and IPv4 is very little. In such a situation that something technology is not suitable. And also, do you think that��� inaudible���) I would like to ask personally mailing list of so are you appreciate if could you give me feedback and I also know that in the new � I will send some messages about IPv6 best current practices, so such kind of information is very good for me. So I would ask to you give me some information. Of course for feedback. Thank you very much. Any questions?
AUDIENCE: We don't operate exchange point but we use them, so I would like to make a few comments. Number one: Thank you for not charging separately for IPv6. I know that this stopped us deploying in at least one other exchange in Tokyo because they wanted to charge us for an IPv6 address. And our legal department bulked, so��� so we didn't deploy there. Number 2: /TP�R from what I have seen and from what our deployments look like it's better to use VLAN for both v4 and v6 because for two reasons: Number one, going forward IPv6 should be production, otherwise it will never take off, it has to be managed to the same quality standards as IPv4, and number two, it makes it much easier for ISPs to roll out IPv6 gradually, especially in your case where the AS number is encoded in the IP address, it requires very little coordination between an ISP in the exchange point to just turn up v6 in a new exchange point. If I am already present there on IPv4 all it takes it /S* is a couple of e�mails saying I am going to start using this IPv6 address that already belongs to me and that is all. And I just need to turn it up. Otherwise it requires work on both sides to provision a new IPv6 address, so that is��� that is my opinion based on our deployments. Thank you very much. (Deployments).
SPEAKER: Thank you very much.
AUDIENCE: Lorenzo, they do have a dual stack switch, the v6 only switch is an additional option.
AUDIENCE: Yes, I know, that is why I am saying thank you for having it.
Randy: Other people who are at all interested in IP deployment exchange employment or � presentation is the first one I have seen that actually tells the truth. This was an excellent presentation especially the first part of it what is the difference between the exchanges, what they are doing, what IPv6 real deployment is in Japan, etc.. this one was real.
SPEAKER: This one.
CHAIR: Much appreciated. Thank you.
(Applause).
CHAIR: Next one up is John Taylor, Equinix update. Where are you, John?
John Taylor:
CHAIR: After John we will have update from � and the movie. Good morning everybody. My name is John tail we are Equinix working in the European office, tele coordinator peering activities and just develop our networking initiatives in European region.
I am here to do a quick update on Equinix, one of the first things you will notice is our new red squiggly line, our new brand identity and it's a big feature of my updated to. Just quickly click through. So we are going to talk about the new corporate brand, a New Portal for peering that we have launched in conjunction with our new brand and a quick update on our Paris and Hong Kong exchanges.
So the new Equinix brand we call it the fortress, a lot of effort and creativity went into this thing as Equinix has pulled together with IX Europe and some of the AP acquisitions, we are working hard to act as global company. We have had a lot of creative comments about our red squiggly line, I see some smiling faces out there, and you can put it to many creative uses but our vision for this object is if you imagine the corner of a building, you can see the crenellations of the castle wall, the customers within maybe a vision of racks, maybe a red line providing interconnections between customers. But the basic essence we are trying to bring forward with this is protecting and connecting the world's most valuable information assets. We have got a rebranded corporate web side at Equinix.com and I invite to you take a look.
Secondly like to talk about new Equinix portal which has come out in conjunction with rebrand. If you have a log into that portal those of you who are members of our peering community you should be able to get in using your same details. There is support information on the site if you have a problem with that.
There is a number of new features, the site designed to be a lotees /KPWRER to use and quicker to navigate the information you are looking for. Some new tools that are worth talking about. You can quickly look at all of the part pants in all of our exchanges all around the world and filter that list and export the section of it you want to a CSV file. There is a suggest section tool so let's say your peering was somewhat in balance and the tool will suggest peering suggestion with that same peer who may be present at other exchanges but you are not currently peering with them there. And then there is also new peers upgrades list which keeps new touch with who is changing their ports in which geography.
We maintain a calendar of peering events, you don't need to log into the portal to see that. And it's nice to have all the events collected in one place so if you go to look at the events calendar you can immediately see where the plane might be taking you in the next coming year.
We have improved our Sflow tools making them a lot faster to load with historical graphs for each peer and the ability to do an aggregate traffic table either for single multiple metros or or in many locations the entire global Equinix exchange peering fabric.
We have also got some network health documentation available including details like jitter and so forth that tell you how the network is working and detailed information about each Equinix exchange topology in the various geographies.
Quickly moving on to a few updates, globally we are a little bit north of 240 gigabits of peak traffic today. And I wanted to just take a second to promote a new exchange that I think first traffic came on�line in September, we have got 10 peers available there, you can see who they are, in the customer list on the IX portal, that is also available publically so you can see who is where. And if you have any questions about that, we have got, you know, great promotion price not guilty place right now and we will really encouraging people to come on the exchange. Also we are announcing a new exchange in Hong Kong. That is metro fabric so multi�site exchange interconnecting our Equinix Hong Kong location with MEG A I advantage site.
Finally, that is it. The top of it the fortresses here and if anyone want to to make any suggestions, perhaps we will turn it into a great new �. Everything in Equinix is turning in all of their old branded gear to charity, so all the mugs and T�shirts and fleeces are going off and we will have to reclothe everybody. Any questions I would be glad to take them.
CHAIR: Questions for John? OK. Thanks, John. Next one up is Terry.
Terry: I will probably take really loud because I am American (talk): So, I am Terry, I currently work for /PW*EUG graft, CDN operator. You may know me from Google where I used to work previously, so many of you have known me from there. I am hered to to talk about peering DB very quickly, peering DB is the wonderful tool that was created back in 2004 to help facilitate peering, so how many people here have heard of peering DB? OK. Great. A lot of people but not as many say as NANOG so that is exactly why I want to do this update today. So peering DB is really great because��� I am going to log in as guest������ is this a Dutch keyboard? I am lost here. All right. Finally we are in so. Peering DB is great, as you can see there is tonnes of entries. If you as a network who peers goes to put something in peering DB someone who wants to peer with you can log in and have a quick look or even search for your name or search at your exchange, so you know if you wanted to say peer with bit gravity, you can type in ASN, you can click and look there is all of their peering information. So this also works by exchanges as well so if you want to look at let's say Equinix San Jose here, you can find all of the other networks who are at Equinix San Jose and this also works for many exchanges in Europe where you can search right here, Europe, and there you go. So you can click on AMS�IX and you can find how many people are peered there, their IP address and so on and so forth. And most importantly, the last thing that I would like to touch on about peering DB is keeping it updated, your entries updated is very, very important because if there is garbage in peering DB in you are going to get it out. Keep your IP addresses up�to�date. Some people don't do that or steal other people's and we get lots of e�mail about people stealing them and it's a real pain in the as to change, in keeping your details up�to�date are very essential. Also just to point out peering DB admin that is can help you with anything peering DB related, that is myself and I think Alex and josh��� josh you can't do anything. When is the last time you touched peering DB
AUDIENCE: I am logging in right now.
SPEAKER: I would really appreciate if somebody could put him to the test. So there is myself Alex and Josh who can help you with anything peering DB related, I have 4,000 unread e�mails in my peering DB folder, so if you need something come and get somebody. Someone cut me off. Please come and find one of us if you need something we can get it done much quicker. And that concludes talk on Peering DB.
CHAIR: Thanks.
(Applause)
CHAIR: Peering DB is is a really useful tool. I would like to close up so everyone can watch the movie. OK. Well thanks everyone for being here. Before we go to the movie I would like to close this session for the meeting part. First, I would like to thank Mike because this was his last meeting as a chair and thanks for all the years of good time and effort (applause) and obviously you will still be here so��� but not in an official capacity. OK. So thanks for that. Also, just a quick Word of information that for everyone who enjoys going there, global peering forum registration for that always open, that was any other business remark, so please go and have a look at the site if you are familiar with it. I guess that concludes it, unless anyone has remarks for the other business? OK. Wolfgang. Go ahead.
Wolfgang: Just one short explanation about the movie and why we did it. We often had the issue��� we often had the issue that we go to some remote place to some meeting and people were asking who is DE�CIX, what are you doing, who is working there? And by the way what is Frankfurt?" So we decided to make a little movie, it's��� yes it's marketing, yes, OK, I admit that, but it's a movie about us, about the DE�CIX. It's short, it's four minutes, 10 seconds. We spend two days in production, two days in post production, after production we had four hours of video, which was cut down to four minutes and I think it's a great tool if you go to a remote customer to show where you are, how your offices look like and what you are actually doing. This doesn't sound very well. We tested this yesterday and there was sound.
Movie played...
(Applause)
Wolfgang: Thank you.
CHAIR: That concludes the session, people. Thanks a lot.
Conclusion of session.