MSK-IX / Internet Exchange / Secure Peering Group service operation requirements
← Go back
Secure Peering Group service operation requirements
Attention:
  1. Technological requirements are mandatory for observance by all Customers during the whole time of connection to MSK-IX.

  2. In the event of breach of the Technological Requirements by the Customer, the Service Provider has the right to notify via email Customer's Administrative and Technical Representatives and to disconnect Customer's port(s) from MSK-IX Network, or to transfer Customer's port(s) to the Quarantine VLAN operated in conformance with the Service Description.

  3. The Service Provider shall restore configuration of Customer's port(s) within 24 (twenty-four) hours upon reception by Administrative and Technical Representatives of the Service Provider of Customer's notification that the breach has been cured and positive verification by the Service Provider of Customer's compliance with the Technological Requirements.

  1. The Customer shall clearly specify duplex speed and mode in the settings of its 10BASE-T, 100BASE-TX and 1000BASE-T IX network connection interfaces.

  2. When using the Services, the Customer shall comply with the standards specified in IETF STD1 (http://www.rfc-editor.org/rfcxx00.html).

  3. Clauses 3.1-3.13 shall only apply to the shared VLAN connection interfaces of the MSK-IX Secure Peering Group.

    1. If the Customer has an autonomous system (hereinafter the “Autonomous System” or “AS”) designated by the Regional Internet Registry (RIR or RIPE NCC) (http://www.ripe.net), the Customer shall keep the information about its AS network routing policy up to date in the RIPE Internet Routing Registry (IRR).

    2. If the Customer does not have an AS, the Customer shall provide the Contractor with a series of public IP addresses for which the Contractor shall designate a private AS. This series of IP addresses will be advertised via BGP to other members of the Secure Peering Group.

    3. In the IX network connection interfaces, the Customer shall switch off ARP Proxy, Broadcast Forwarding, Spanning Tree, IP Redirects, link layer protocols (LLDP and others) and protocols of equipment manufacturers that initiate dissemination of third-party Ethernet frames (CDP, Layer 2 keepalive, etc.), except for LACP when connected using EtherChannel.

    4. The Customer shall provide the Contractor with the MAC addresses of all logical interfaces used to connect to the IX network. Only one MAC address is permitted for each physical interface used by the Customer to connect to the IX network, except during replacements of the Customer’s equipment upon prior agreement with the Contractor.

    5. The Customer shall transfer Ethernet frames via each IX network connection interface, except for ARP and ICMPv6 Neighbor Discovery, only to the MAC addresses inspected via this interface.

    6. The Customer shall not transfer multicast Ethernet frames, except for ICMPv6 Neighbor Discovery, to the IX network using the Peering VLAN.

    7. The Customer shall only transfer Ethernet frames of the following types via the IX network (http://www.iana.org/assignments/ethernet-numbers): 0x0800 – IPv4, 0x0806 – ARP, 0x86dd – IPv6, 0x8100 – 802.1Q

    8. The Customer shall use only IP addresses and network masks designated by the Contractor, across all IX network connection interfaces.

    9. The Customer shall not advertise the IP addresses of the IX network outside its AS.

    10. The Customer shall use BGP4 to establish peering sessions on the Peering VLAN of the Secure Peering Group.

    11. The Customer shall use only one AS number in each logical interface for IX network connection, for BGP4 interactions.

    12. The Customer shall route traffic via the IX network only to the networks advertised to the Customer from the IX network, and ensure that traffic be delivered from the IX network to the networks advertised by the Customer in the IX network.

    13. The Customer shall set up IPv4/IPv6 MTU as 1,500 bytes in the logical interfaces of the IX network connection.

    14. Clauses 3.14.1-3.14.5 shall only apply when the Customer uses the Route Server (RS).

      1. If the Customer has an AS, the Customer shall keep route and/or route6 objects up to date in the IRR for all the networks of its AS advertised by the Customer in RS.

      2. The Customer shall establish BGP sessions with each route server used for the Secure Peering Group service, according to the data provided by the Contractor.

      3. The Customer shall advertise to RS networks according to the routing policy for these networks in the respective IRR, or a set of networks agreed upon with the Contractor, if the Customer uses a private AS designated by the Contractor.

      4. The Customer shall not advertise to RS private networks, private AS (except for those designated by the Contractor), the default route or the full routing chart.

      5. The Customer shall advertise to RS networks with modified AS-PATH (the attribute shall be extended with the Customer’s AS).

Back to list