Peering – Technical Guide

Connection Information

We offer the following port for connectivity to our peering points:

AUCKLAND

10Gbit/s
10000BaseLR
40Gbit/s
40GBaseLR-4
100Gbit/s
100GBaseLR-4

CHRISTCHURCH

1Gbit/s
1000BaseLX
10Gbit/s
10000BaseLR

WELLINGTON

10Gbit/s
10000BaseLR
40Gbit/s
40GBaseLR-4
100Gbit/s
100GBaseLR-4

Please contact us for pricing of LAG options.

General Notes

Be Aware
IX-assigned addresses shall not be advertised by its peers to other networks.

Port Security
The greatest danger to any Ethernet network consists of loops. If measures are not taken to prevent loops they can instantly bring down any network.

Route servers
We utilize the Routing Daemon BIRD. There are 2 route servers per city.

By default the Peering AS (63830) is removed from all sessions. However if you wish for us to include this please advise when you sign up for a service.

We have also made available communities which are universal across all peering points. These communities allow peers to apply specific policies to their sessions.

Allowed Ethertypes

Ethernet types:

  • 0x800 – IPv4
  • 0x806 – ARP
  • 0x86DD – IPv6

MAC Limit

We request only 1 MAC per port on any of our Peering Points.

This means frames forwarded to an individual port shall have the same MAC Address.

Limitations

No Proxy ARP
Use of Proxy ARP on the routers interface to the IX is strictly prohibited.

No IP Directed Broadcasts
IP Directed Broadcasts are strictly prohibited.

Unicast Only

Frames forwarded shall only be Unicast, forwarding traffic to a Multicast or Broadcast MAC destination address is prohibited, except for the following:

  • Broadcast ARP Packets
  • Multicast ICMPv6 Neighbour Discovery packets (this does not include Route Solicitation or Advertisement packets).

No Link Local Traffic

Link local traffic shall not be forward to the Peering VLAN(s), Link-Local protocols include but are not limited to:

  • ICMP redirects
  • IEEE 802 Spanning Tree
  • BOOTP/DHCP
  • ICMPv6 Router Advertisements
  • UDLD
  • BFD
  • PIM
  • Interior routing protocol broadcasts (e.g. OSPF, ISIS, IGRP, EIGRP)
  • L2 Keepalives
  • Vendor propriety protocols:
    • Discovery protocols: CDP, EDP, FDP
    • VLAN/trunking protocols: VTP, DTP

The following link-local protocols are exceptions and are allowed:

  • ARP
  • ICMPv6 Network Discover

Policy Control

Policy control is achieved by the use of BGP Communities. Peers must tag their routes using the following, in order to control policy via the route server. The default behaviour is to advertise all prefixes to peers (63830:63830). Please ensure use of the following model:

0:PEER_AS Do not advertise to specified peer
63830:PEER_AS Advertise to specified peer
0:63830 Do not advertise to any peer
63830:63830 Advertise to all peers (Default)
1:PEER_AS Prepend once to specified peer
2:PEER_AS Prepend twice to specified peer
3:PEER_AS Prepend thrice to specified peer

For Extended Communities, prepend “rt:” to the community of choice, for example:

rt:0:PEER_AS Do not advertise to specified peer

For Large Communities, prepend “63830:” to the community of choice, for example:

63830:0:PEER_AS Do not advertise to specified peer

3rd Party Communities

3rd Party Communities provided by Members across NZIX for serving content. If you wish to opt-in, please tag your prefixes with the below BGP community string:

CHC-IX

Community String Content Supplied by Purpose
63830:40027 Netflix Vocus Group New Zealand (AS9790) Opt-in content cache for Netflix