Unveiling the Digital Backbone: Technical Specifications

Unicast Peering Technical Specifications

BGP Protocol Support:

BBIX PH supports Border Gateway Protocol (BGP) for unicast peering, ensuring efficient routing and network stability.

Route Servers:

We provide route server services to simplify the peering process, making it easier for partners to exchange routing information.

IPv4 and IPv6 Compatibility:

We offer compatibility with both IPv4 and IPv6 addressing to accommodate the evolving internet infrastructure.

Traffic Engineering:

BBIX PH employs advanced traffic engineering techniques to optimize the flow of traffic and reduce congestion.

Redundant Connectivity:

BBIX PH maintains redundant connections to ensure high availability and reliability for unicast peering partners.

Prefix Filtering:

Our network implements prefix filtering to enhance security and prevent unwanted routes from being advertised.

Multiple Peering Points:

Our network is strategically designed with multiple peering points, reducing latency and enhancing network performance.

Route Validation:

We validate routes to ensure that they are correctly configured and meet the necessary criteria for peering.

Allowed traffic on the platform

Only one MAC address per member is allowed.
This limits the risk of loop on the network.

Only 3 Ethertypes are allowed:

0x0800 – IPv4
0x0806 – ARP
0x86dd – IPv6

ARP and ICMPv6 traffic are “rate-limited.” The platform’s “unknown-unicast” traffic is similarly “rate-limited”. STP and bridging protocols are being denied by a global filter. The platform also filters link layer protocols including IPv6 Router Advertisement/Router Solicitation (RA/RS).

Specifications

In order to guarantee the security of the exchange point, a set of rules has been defined. BBIX Ph reserves the right to shutdown ports that violate these specifications :

The MTU size should be 9600 bytes
Non-unicast packets are not allowed except:
ICMPv6 Neighbor Advertisement/Solicitation
ARP
IPv4 multicast is not allowed

To ensure that these rules are observed:

A quarantine VLAN is used before moving a port into production to check that these specifications are followed

A monitoring tool alerts the technical team if a new ARP entry is detected. Proxy ARP configured on the member port is not allowed.
Sniffer servers are installed in the core network to analyse broadcast traffic, and check that only legitimate traffic is forwarded on the platform.