This article is currently an experimental machine translation and may contain errors. If anything is unclear, please refer to the original Chinese version. I am continuously working to improve the translation.
Introduction
In the previous blog post, we successfully announced our IP prefixes to the entire Internet. In this part, we’ll dive into peering.
Peering and IXP
Our AS214775 is already connected to the global Internet via xTom’s IP transit service, but last time we left a cliffhanger called “peering”.
Peering means peering — two ASes establish a direct connection through mutual agreement, allowing traffic between them to bypass upstream providers. This improves bandwidth, reduces latency, and saves on upstream transit costs.
An IXP, short for Internet Exchange Point (sometimes just called IX), is a physical location designed to facilitate peering. Operators from various ASes can connect to a nearby IXP and directly establish BGP sessions with each other. Many large Internet companies leverage extensive peering to improve connectivity and reduce bandwidth costs — for example, Cloudflare currently has over 2,000 peers.
Practical Setup
To peer with other ASes, we need to join an IX. Commercial IXPs usually require physical connectivity and charge a monthly port fee. However, there are also some relatively open or even non-profit IXPs, including experimental virtual IXs that use VPNs for peering.
The VPS provider we used earlier, v.ps, offers access to several IXPs. For example, AMS-IX and DE-CIX are commercial IXPs that charge at least 70 EUR per month for access, but they host many well-known companies, such as Alibaba, Tencent, Cloudflare, Apple, and Amazon. Connecting to AMS-IX would allow direct peering with all of them.
But because I’m broke since we’re only experimenting, we’ll use the free LocIX provided by v.ps as an example. LocIX has fewer participants and lacks big-name companies, but the setup process is similar across different IXPs.
Inside an IX, we can directly connect to other ASes for peering. However, manually configuring BGP sessions with potentially hundreds of other ASes would be extremely tedious. To solve this, IXPs provide a “Route Server” (RS). Each AS only needs to peer with the RS, which then forwards our advertised routes to others and redistributes routes from others to us — effectively allowing one BGP session to peer with everyone.
After requesting LocIX access via support ticket, the provider added a new network interface to my VPS for IX connectivity (in my case, eth1) and sent login details for the LocIX dashboard via email.
LocIX Dashboard
From the LocIX control panel, I obtained the IPv6 address assigned to eth1: 2a0c:b641:701::a5:21:4775:1, which I manually configured on the VPS interface.
The control panel also provided the RS’s IP address 2a0c:b641:701::a5:20:2409:1 and ASN 202409. I appended the following configuration to the BIRD config from the previous blog post to establish a BGP session with the RS. As for filters, since we still want to accept all incoming routes and only export our own prefixes, no changes are needed.
1 | protocol bgp bgp_locix_v6 { |
After applying the config and restarting BIRD, it took a while, but eventually we could see our peers on BGP Tools and in the LocIX dashboard.
BGP Tools now shows our peers
LocIX dashboard shows a visual peer matrix
Verifying the Result
Looks like our peering is working fine. Running birdc show protocols all shows we’ve imported 1,417 routes from LocIX.
1 | bgp_locix_v6 BGP --- up 2024-09-06 Established |
Using ip -6 route | grep 'dev eth1', we can see these routes. Let’s try reaching a neighbor — for example, xTom’s 2a03:d9c0:1000::1.
Using tcpdump, we can capture the traffic on eth1, confirming that inter-AS traffic is indeed being exchanged via the IX:
1 | 06:54:40.064548 IP6 2a0e:8f01:1000:46:be24:11ff:fefa:9353 > cs01.q51.dus06.xtom.de: ICMP6, echo request, id 4432, seq 3, length 64 |
Summary
We’ve successfully peered with others via the Route Server on LocIX. There are additional features LocIX offers that weren’t covered here — such as direct peering with specific ASes or using BGP Communities — feel free to explore your IX’s documentation.
So far in this three-part series, we’ve completed the basics: registering an ASN, announcing prefixes, and peering. However, there’s still much to learn in network engineering, such as:
- Using BGP Communities to filter or influence routing (sounds weird, but think of them as custom tags attached to routes)
- Setting up proper filters and firewalls — don’t blindly trust upstreams or Route Servers,
or you might end up taking down the entire Internet - Expanding our network with IGP and iBGP within our own AS
- Experimenting on more open playgrounds like DN42,
and then accidentally bricking DN42
Due to cost considerations, I probably won’t scale up my AS on the public Internet anytime soon. Instead, I’ll likely experiment more on DN42. For those interested, I highly recommend Lantian’s guide — his blog contains many advanced networking tutorials. The DN42 community (on Telegram/IRC) is also a great place to meet fellow enthusiasts.
Although I don’t plan to implement all the ideas I just mentioned right away, this series isn’t ending here. I’ll likely explore more topics that can only be done on the real Internet…
This article is licensed under the CC BY-NC-SA 4.0 license.
Author: lyc8503, Article link: https://blog.lyc8503.net/en/post/asn-3-ixp-and-peer/
If this article was helpful or interesting to you, consider buy me a coffee¬_¬
Feel free to comment in English below o/