So we're going to look at the IXP design and it's actually a very simple concept-- it is an Ethernet switch and it's a single LAN each ISP brings a router and connects it to the Ethernet switch provided at the exchange point and each provider will appear with other participants at the exchange point using BGP scaling this simple concept is the challenge for the larger IXPs the diagram shows a typical simple layer to exchange we are the net switch in the middle we have six ISPs in this example connected to the Ethernet switch and we also have the IXP services for example the root or TLD dns servers perhaps a routing registry looking-glasses and other services we also have the exchange point management network where the network monitoring system and the exchange point website and so on would reside as the exchange point GRU is quite often the ISP members would like a second site for redundancy so a second Ethernet switch is provisioned note that the switches are not interconnected it's a true independent second site we don't want to have the two exchanges join together so that we have true redundancy should either site fail ISPs will use dual routers for the redundancy or load sharing and of course the exchange point will host services that all members agree would be useful for the common good this would include internet portal search engines DNS root and TLD servers network time protocol servers for time synchronization routing registry and looking-glasses and so on which we'll discuss later on also about layer 2 exchanges it's very important that we have a neutral location and this means anyone can install fiber or other connectivity media to access the ixp without cost or regulations imposed by the location a secure location is important thorough security like any other network data center while the exchange point starts off being quite informal as an Internet economy grows due to the exchange point six success it becomes a very very important part of the local internet ecosystem last thing we want to do is to move the exchange point from an insecure ill-prepared location to somewhere more secure because the members are worried about its lack of security we also need an accessible location easy and convenient for all participants to access and an expandable location exchange points result in internet growth and increasing space requirements within the facility not from the exchange point itself but for the operators who want to host in the same facility they start wanting to bring more equipment and make the point of presence larger content hosting the content providers want to participate at the exchange point the root name server and the TLD name server operators all cause the actual facility to need more space the operation of the layer to exchange requires a neutral management now this could be done by a consortium representing all participants or a management board or somebody hired by all the members to operate the exchange point infrastructure exchange points are not operated by one of the members everybody who is participating needs to take part and feel as though they have some investment in the success of the infrastructure the same goes for funding all costs are agreed and covered equally by all the exchange point participants the hosting location often contributes the exchange point brings them more and in the ideal case the who the hosting location would even provide the exchange point Rackspace and facility for free the availability of the exchange point we should have 24 by 7 cover provided by the hosting location and this will be managed by the consortium if there's no 24 by 7 cover then that can't be 24 by 7 operation of the exchange configuration also we use public ipv4 and ipv6 address space for exchange point land the regional registries have policies for exchange points allowing exchange points to apply for address space for the peering land the network operators who turn up at the exchange points need an S number for the BGP configuration but the basic internet exchange point does not it's layer 2 as for the network security considerations the land switch needs to be a full proper managed switch with standard secure configuration unmanaged switches are of no use here whatsoever the exchange point management and services router needs to be well protected as with any other internet router and the ixb services again must be behind router with strong filters and secure configuration industry standards for internet exchange points are documented by Euro IX the European internet exchange point Association and these standards are all contributed to by the Euro IX members you can find the reference at the URL on the screen they've also documented best current practices for internet exchange points giving a general overview of the infrastructure operations policies and management of the exchange point your ex has also documented website best can practice for exchange points and this shows IXP operators the key elements of the required for website at an internet exchange point the type of content and information that members and potential members would like to see including connected peers traffic statistics and so on.