WORK-IX Technical RequirementsScopeThese Technical Requirements (TR) define the ways in which you may or may not make use of the WORK-IX services. This document will be regularly reviewed and revised in the light of operational experience to ensure maximum protection of service to WORK-IX members. Subsequent versions of this document are effective after 10 working days of having been posted upon WORK-IX website.
0 MotivationMembers' use of the WORK-IX network shall at all times conform to the relevant standards as laid out in STD0001 and associated Internet STD documents.
1 Physical1.1 Ethernet interfaces attached to WORK-IX ports shall be explicitly configured with duplex, speed and other configuration settings and shall not be auto-sensing.
2 MAC Layer2.1 Frames forwarded to WORK-IX ports shall have one of the following ethertypes • 0x0800 - IPv4 • 0x0806 - ARP • 0x86dd - IPv6 2.2 All frames of a service forwarded to an individual WORK-IX port shall have the same source MAC address. 2.3 Frames forwarded to WORK-IX ports shall not be addressed to a multicast or broadcast MAC destination address except as follows: • broadcast ARP packets • multicast IPv6 Neighbor Discovery (ND) packets • if explicitly allowed for that port (e.g. multicast service) 2.4 Traffic for link-local protocols shall not be forwarded to WORK-IX ports except for the following: • ARP except proxy ARP • IPv6 ND These link-local protocols include but are not limited to the following list • IRDP • ICMP redirects • IEEE802 Spanning Tree • Vendor proprietary discovery protocols (e.g. CDP) • Interior routing protocol broad/multicasts (e.g. OSPF, IS-IS, IGRP, EIGRP) • BOOTP/DHCP • PIM-SM • PIM-DM • DVMRP 2.5 ARP traffic shall not exceed 20 pps per port/vlan.
3 IP Layer3.1 Interfaces connected to WORK-IX ports shall only use IP addresses and netmasks (prefix lengths)assigned to them by WORK-IX. In particular: • IPv6 addresses (link & global scope) shall be explicitly configured and not auto-configured • IPv6 site-local addresses shall not be used 3.2 IP packets addressed to WORK-IX peering LAN directed broadcast address shall not be automatically forwarded to WORK-IX ports.
4 Routing4.1 All exchange of routes across the WORK-IX network shall be via BGP4(+). 4.2 AS numbers used in BGP4(+) sessions across the WORK-IX network shall not be from range reserved for private use. 4.3 All routes advertised shall be aggregated as far as possible. 4.4 IP address space assigned to WORK-IX peering LAN shall not be advertised to other networks without explicit permission of WORK-IX. All routes advertised across the WORK-IX network shall point to the router advertising it unless an agreement has been made in advance in writing by WORK-IX and the members involved. All routes to be advertised in a peering session across WORK-IX shall be registered in the RIPE or other public routing registry. Members may use more than one ASN for their WORK-IX peering provided that each ASN presented shares the same NOC and peering contact details.
5 Forwarding5.1 Traffic shall only be forwarded to a WORK-IX member when permission has been given by the receiving member either: • by advertising a route across the WORK-IX network (directly or via the routeserver) • or explicitly in writing 5.2 Traffic shall not be routinely exchanged between two WORK-IX ports owned by the same WORK-IX member. |
Copyright © 2008 DE-CIX Management GmbH