Frequently Asked Questions (FAQ)

Common questions

What is peering?
Peering - two or more networks traffic exchange between each other's customers freely, and for mutual benefit using unique IP addressing and global BGP routing protocol.
What is Internet Exchange?
Internet Exchange (IX) - neutral distributed switching fabric for public peering usually based on Layer 2 access technology. At IX locations, multiple carriers, ISPs, Internet businesses and enterprise networks interconnect with others across a single (physical and/or logical) port. Historically, public peering locations were known as network access points (NAPs); today they are most often called exchange points or Internet exchanges ("IXP" or "IX"). Many of the largest exchange points in the world can have hundreds of participants, and some span multiple buildings (data-centers).
What is Autonomous System Number (AS number) and how to get one?
An Autonomous System (AS) is a group of IP networks with a single, clearly defined routing policy. Each AS is identified by a unique number: the Autonomous System Number (ASN). Any organization can request an ASN via completing special form. This requires a contractual agreement with a sponsoring LIR or regional Internet registry (RIPE NCC for our region).
What is MSK-IX?
MSK-IX is a neutral organization operating Internet Exchanges and providing peering services, colocation and private interconnect in Moscow and in 8 major cities across Russia from St. Petersburg to Vladivostok.

Administrative questions

Who is connected to MSK-IX?
MSK-IX public participants' list is published on our website.
How to get connected to MSK-IX?
Connecting to MSK-IX is a simple and straightforward process with only two prerequisites for public peering service: you are required to be an established legal entity and possess an IP network with own ASN (Autonomous System Number).
How to get in touch with an MSK-IX member?
Public list of MSK-IX members is available on our web-site with their public contacts (to expand click on a name of organization). Participants may be also reached through group email address msk-ix@ripn.net. Please note that only registered technical and administrative representatives are allowed to use this group address.
How to change contacts or other information of organization?
Please send to IX administrative representatives (at msk-adm@ix.ru) your information update. Please either use your administrative representative's email or post for delivery.

Technical questions

Do you support ports aggregation?
We support ports aggregation into a single Dynamic Ether channel (LACP).
Are there any technical requirements to my network from MSK-IX?
Technical requirements to IX members are published here.
Whom should I contact with service related issues?
Please contact our Technical Support.
How does public peering work at MSK-IX?

Peering relations between MSK-IX participants are based on direct bilateral agreements. Once an agreement is reached, networks can connect using the BGP protocol. MSК-IX does not influence the participants’ peering policy. Those participants who want to peer with the most networks possible can use Route Server.

MSK-IX offers its clients the opportunity to send other MSK-IX participants newsletters with peering offers. The newsletters are available in Russian and English, and have correct access credentials to set up BGP sessions.

In order to send a standard peering offer to a MSK-IX participant, choose Peering Policy in your MY.IX.RU Customer Portal, then Peering Control. You can manage your peering requests in Peering Policy → Peering Settings.

Which of Internet Routing Registries (IRR) are supported by MSK-IX Route Server?
The following IRR are in use: RIPE, ARIN and RADB.
How to change MAC address of router connected to MSK-IX?
  1. Please send us your request from valid email address of your administrative or technical representative at support@ix.ru with the following information:

    • your connection ID with us;
    • existing MAC address (if known);
    • new MAC address;
    • scheduled time frame for MAC change.
  2. Afterwards you will receive an email confirmation from us for both MAC addresses simultaneous usage for period not exceeding 5 days. Please proceed with MAC change on your side upon receipt of confirmation email.
  3. Please inform us at support@ix.ru on MAC change completion so we delete old MAC from our database.
Is there any negative impact of execution of command "no bgp enforce first-as" on BGP session with Route Server that may affect security of other BGP sessions given all Cisco routers (as an example) apply such command to all BGP sessions being run (IPv4)?
From our experience execution of command "no bgp enforce first-as" on most routers (of most vendors) affects all BGP sessions. However it is possible to address this issue through direct mentioning "first-as" for peering sessions with BGP usage. Here is an illustration:
ip as-path access-list 1 permit ^1111(_.*)?_(2222|3333|4444|5555|6666)$
We believe it is not essentially, however fully up to you.
Do you provide connectivity within MSK-IX locations/nodes?
Yes. Virtual channels and private networks are standard service (802.1Q VLAN), priced based on ports usage type and quantity.
How to get additional IP addresses allocation?

Please send us your request at noc@ix.ru from your technical representative's email with the following information:

  • explanation of need for more IP addresses;
  • domain name of your router (Fully Qualified Domain Name) to fill out PTR record in reverse DNS zone;
  • indication whether requested IP addresses are to be used with Route Service.
How to set up IPv6 peering services?

Please send your request to us (at noc@ix.ru) from your technical representative's email with the following information:

  • IX connection ID;
  • domain name of your router (Fully Qualified Domain Name) for us to fill out PTR- record in reverse IPv6 DNS zone;
  • indication whether you are intended to use Route Service with IPv6.
An IPv6 address will be allocated to you from our IX address block.
I set up secondary IP address for my interface; however other members of such IP subnet are not reachable when sending a ping.
Cisco and some other vendors by default send data packets from primary IP address on the interface. Should you need to send ping request from secondary IP address execute ping with enforced secondary IP address usage option.
I set up secondary IP address on my interface, however BGP sessions with Route Server and other members of designated IP subnet do not work despite they are reachable by ping.
Possibly you are using Cisco command "neighbour X.X.X.X update-source ..." where source address is set up. In case of eBGP usage such command needs to be removed from execution.
How to upgrade service from single channel to two aggregated channels (EtherChannel)?

Here is the process:

  1. Upon your request MSK-IX allocates new EtherChannel (single port at this step) connected to quarantine VLAN and notifies Member.
  2. Member tests EtherChannel until it is accepted and notifies MSK-IX when ready to proceed further.
  3. MSK-IX performs new connection tests as per Technical Requirements and upon successful pass transfers EtherChannel to appropriate target VLAN, then notifies Member.
  4. Member moves service to EtherChannel from existing channel.
  5. MSK-IX and Member adjust setting of existing channel and it is being added into EtherChannel.
Note. In case Member’s MAC addresses are the same on both existing and new EtherChannel, existing channel is being blocked for the period of time starting from EtherChannel transfer to target VLAN (point 3 above) until completion of existing channel integration into EtherChannel.
Does MSK-IX provide any means of DDoS-attacks protection?
MSK-IX offers customer-managed blackholing mechanism of protection from DDoS-attacks to all participants. The mechanism allows the participant at the time of the attack to activate traffic blackholing for the attacked network prefix using special BGP-Blackhole community 65535:666 with the Route Server. For further information on Blackhole community please see Route Server (RS) service description.
How can I enable BFD protocol with the Route Server? What are BFD protocol timers and configurations?
Send a request to noc@ix.ru from the address of your organization’s technical or administrative representative. Make sure that your access lists and firewalls does not block UDP port 3784 with MSK-IX route servers. BFD protocol timers and configurations are listed in the Route Server section.
Where can I get current state of BFD sessions with the Route Server?
At Looking Glass MSK-IX, under Summary and Neighbor Info.
How to reset (shut, no shut) my BGP sessions with Route Servers?
This could be done via Customer Portal MY.IX.RU in the section «Network» → «BGP sessions control (RS)». In case if you unable to do it, please contact with MSK-IX Technical Support (24x7).

Customer Portal

What is the MY.IX.RU Customer Portal?

The MY.IX.RU Customer Portal shows information about the MSK-IX services provided, and allows users to manage the service settings and the organization account as well as to submit requests to the M9.PLUS data center’s technical service.

The account also has information about the services on the Internet eXchange and Medialogistika platforms as well as equipment placement at data centers.

What information is available in the Customer Portal?

The MY.IX.RU Customer Portal includes the following sections:

  • Company – General information about the client’s organization
  • Contracts – Information about the organization’s current contracts and services
  • Network – Technical information on the client’s connection to the MSK-IX network
  • Members – The list of MSK-IX participants and public technical information about their connection to the MSK-IX network
  • TV VLAN – The catalogue and access management to signals on the Medialogistika platform
  • Equipment Placement – (for the М9.PLUS data center) Equipment placement coordinates and online application form
  • Peering Policy – Newsletter service with the client’s peering offers to other MSK-IX participants
  • Users – Users’ account management (only available to administrators)
  • Settings – Personal account settings
How to get access to the Customer Portal?

Access to the MY.IX.RU Customer Portal is provided to representatives of the organization that purchased MSK-IX services. In order to receive administrator credentials (MAIN account)), an organization representative must contact MSK-IX administrative representatives. Additional user accounts in the organization’s account can be created by the administrator in the Users section.

Users’ logins in the Customer Portal look like USER@ORGID, where USER is the user’s name and ORGID is the organization’s ID. An administrator’s login looks like MAIN@ORGID.

Access credentials (login/password) are automatically sent to the user’s email address, which is stated during registration.

How to manage user rights in the Customer Portal?

An administrator manages user rights in the organization account (MAIN account).

In order to work with user rights, choose Users section and then click the Edit button for the desired user. In order to allow a user to access the Customer Portal, add this user to the appropriate groups:

  • adm - access to Company, Contracts, Members, Equipment Placement; limited access to Network;
  • bill - access to Contracts;
  • oper - access to Company, Network, Members, Equipment Placement;
  • tech - access to Company, Network, Members, Equipment Placement.

In order to give a user the right to file requests for Equipment Placement, activate the Requests field.

Click the Save button to save the changes.

Medialogistika

Where can I see the list of available television signals?
The list of television channels is available on the MSK-IX website section «Medialogistika» or in the MY.IX.RU Customer Portal, in the section TV VLAN / TV signals list.
How do I connect new or disconnect existing services or television signals?

TV signals can be connected and disconnected in the MY.IX.RU Customer Portal, in the section TV VLAN / TV signals list.

You can also contact TV-ADM at tv-adm@msk-ix.ru or +7-495-737-0687 about connecting to and disconnecting from Medialogistika services.

Where can I get the group number and other technical parameters for television signals?
Television signal parameters will be sent to the customer after their launch. The parameters will be available in the MY.IX.RU Customer Portal, in the section TV VLAN / Your TV VLAN.
Which settings are required for television signals?

Multicast is delivered to the customer’s port under a static subscription on a continuous basis. No setting up of PIM, MSDP or MP-BGP is required.

An easier and more reliable way to get television signals is to set up TV VLAN from the point of reception to the destination point. IGMP snooping must be disconnected. For OS Linux, disconnecting rp_filter may be necessary.

If the customer needs to receive television signals via router, make sure a successful RPF Check is conducted. One option is to request IP address from the 194.85.188.0/24 sub-network from MSK-IX technical representatives.

Which technology is used for delivering TV streams?

The Multicast technology is used for delivering TV streams, via a pre-arranged designated channel/VLAN.

HLS streams are delivered via a public internet network. In this case, stream customers are recommended to connect to MSK-IX’s peering VLAN for best network connectivity during delivery via public internet.

What services are available in Medialogistika project?
TV VLAN - Medialogistics stream connection service. VLAN Multimedia - stream transmission from broadcasters to Medialogistics.
Do I need a designated switch port to connect to TV VLAN?

You can use both a designated and a shared switch port to connect to TV VLAN. A designated port ensures best quality thanks to better isolation and prevents the impact of other services. Therefore, a designated switch port is recommended.

  1. Designated switch port. Set it up in access mode.
  2. Shared switch port (common peering VLAN, private VLAN). In this case, the switch port must be in trunk mode. Numbers for TV VLAN and the services need to be agreed with the MSK-IX Technical Support.
Do I need a designated switch port to connect to VLAN Multimedia?

You can use both a designated and a shared switch port to connect to VLAN Multimedia. A designated port ensures best quality thanks to better isolation and prevents the impact of other services. Therefore, a designated switch port is recommended.

  1. Designated switch port. Set it up in access mode.
  2. Shared switch port (private VLAN). In this case, the switch port must be in trunk mode. Numbers for VLAN Multimedia and service need to be agreed with the MSK-IX Technical Support.
Note: VLAN Multimedia does not match with common peering VLANs.
My picture is breaking up. What can I do?

Check the monitoring data for the television signal in question in the MY.IX.RU Customer Portal, in the section TV VLAN / Your TV VLAN. The data are updated in real time. If the data match your monitoring, please contact the MSK-IX 24/7 Technical Support.

If MSK-IX monitoring does not identify any problems, note that Multicast is transmitted using UDP, and so it is very important to ensure no loss during transmission. Throughout the route from the junction with MSK-IX to the reception point, the following conditions must be ensured:

  1. Switchboards and routers must be free of CRC errors (and other errors cased by the data transmission environment).
  2. There must be no errors caused by switchboard/router buffer threshing. Using QoS successfully tackles the problem.
  3. Storm-control multicast must be set up correctly.
  4. Communication channels must not be overloaded with traffic which has a priority equal to or higher than the priority of multicast streams with television signals.

If there is a transit operator between MSK-IX and the customer, these requirements are also valid for transit.

I get a picture but after a few minutes it stops. What could be the reason?
Most likely, the streams are blocked by IGMP snooping. If you do not need IGMP snooping you can switch it off. However, if you do need it, switch on IGMP Querier for TV VLAN.
I followed all recommendations but could not achieve the desired quality of TV signal reception. What should I do?
Please contact the MSK-IX Technical Support for diagnostic help.

Equipment Placement

How can I file a request for Equipment Placement?

A request for Equipment Placement can be filed by a Customer Portal user with the necessary access rights (see How to manage user rights in the Customer Portal?).

In order to file a request to bring in/take out equipment, for entry or for technical support, choose Equipment Placement → Requests → New request and choose the application type:

  • Technical support (remote hands)
  • Equipment installation
  • Equipment deinstallation
  • Site access request

For requests to install/deinstall the equipment, fill out the following fields:

  • Pop: M9.PLUS equipment location.
  • Accompanying persons: Names. A passport scan is necessary for people who are not Russian citizens.
  • Car with equipment: Plates, car model and driver’s name are necessary for the car to enter the cargo zone.
  • Date and time of visit: Сhoose the date and time of the visit. Access is guaranteed if the application is filed at least three working days ahead of the visit for Russian citizens and at least 12 working days for foreign nationals.
  • Reason for taking out the equipment: Attach a scan of the current contract or other documents confirming the attendants’ rights to act on behalf of the client organization without proxy (decision on the appointment of the CEO).
  • Equipment: The full list of the equipment including name and serial number.
  • Total number of packages: The total number of packages (boxes) with equipment, spare parts and cables.
  • Add attachment: You can attach document scans with additional information to the application.
  • Additional information: You can add information on the application here.

For a remote hands request, fill out the following fields:

  • Pop: M9.PLUS equipment location.
  • Equipment: Information on the equipment in question: name, serial number and rack number.
  • Add attachment: You can attach document scans with additional information on the application.
  • Operation details: A full, detailed and precise description of the actions required. An equipment reset application must include:

    • the equipment MSK-IX ID;
    • the unit’s number in the rack;
    • the reset way: power down/up or the Reset button.

The M9.PLUS data center fulfills the following remote hands applications 24/7:

  • Equipment reset
  • Checking the client’s interconnection lines
  • Checking the indicators on the equipment’s front and/or back panel
How can I access sites to place equipment?

Representatives of client organizations can access MSK-IX sites in order to place equipment on working days from 10 am to 6 pm local time. Visits at a different time must be agreed upon separately.

Clients’ representatives can access the M9.PLUS data center by submitting a requiest via the MY.IX.RU Customer Portal. For access to other sites, please contact MSK-IX administrative representatives.

Clients’ representatives who come to carry out operations must have their Russian passport and electrical safety license with them.

Only representatives with a third-level electrical safety qualification (up to 1,000V) or higher confirmed by an excerpt from the client’s performance review journal are allowed to work with the equipment.