Managing Services

DE-CIX PDM Team Updated by DE-CIX PDM Team

Creating and Managing Services Using the IX-API Terraform Provider

Here is the complete page content, ready to paste in one go. Note that the code blocks should all be set to ini in HelpDocs, and the handover row in the Cloud VC table needs to be filled in by the developer before publishing.

This page shows how to create and manage DE-CIX Cloud ROUTER resources and related configurations.

Recommended order:

  1. Create the Cloud ROUTER (VRF)
  2. Attach network services (P2P VC or Cloud VC)
  3. Configure routing policies and prefix lists
  4. Add static routes if required

Cloud ROUTER (VRF)

resource "ixapi_de_cix_cloud_router" "main" {
  managing_account  = var.account_id
  consuming_account = var.account_id
  billing_account   = var.account_id
  product_offering  = var.product_offering_id
  asn               = 65000
  capacity          = 1000
  external_ref      = "my-cloud-router"
}

Argument

Description

product_offering

ID of the Cloud ROUTER product offering. To find available IDs, use the ixapi_de_cix_product_offerings_cloud_vrf data source.

asn

BGP Autonomous System Number for this VRF

capacity

Bandwidth in Mbit/s, within the offering's min/max range

external_ref

Free-form reference field for your own tracking

Account fields

managing_account, consuming_account, and billing_account appear on every resource. For most customers, all three will have the same value — your DE-CIX account ID.

They can differ in reseller or sub-account scenarios:

  • managing_account — the account that owns and manages this resource
  • consuming_account — the account that uses the service
  • billing_account — the account that is billed for the service

Computed attributes available after creation: id, state.

Network Service Configs (NSC)

A Network Service Config (NSC) attaches a Cloud ROUTER to a network service and defines one BGP session. The Cloud ROUTER must exist before any NSC is created.

There are two types:

  • P2P VC (point-to-point virtual circuit)
  • Cloud VC (cloud connectivity)

Network Service Config: Point-to-Point Virtual Circuit (P2P VC)

resource "ixapi_de_cix_cloud_router_network_service_config_p2p_vc" "session" {
  managing_account   = var.account_id
  consuming_account  = var.account_id
  billing_account    = var.account_id
  cloud_router       = ixapi_de_cix_cloud_router.main.id
  network_service    = var.p2p_vc_network_service_id
  network_connection = var.network_connection_id
  address            = "10.0.1.1/30"
  bgp_neighbor       = "10.0.1.2"
  bgp_neighbor_asn   = 64512
  bgp_password       = var.bgp_password
  admin_status       = "enabled"
  bfd_enabled        = true
  external_ref       = "p2p-session-fra"

  vlan_config {
    vlan_type = "dot1q"
    vlan_id   = 100
  }
}

VLAN types

vlan_type

Required attributes

dot1q

vlan_id

qinq

outer_vlan, inner_vlan, outer_vlan_ethertype

untagged

Computed attributes available after creation: id, state.

Network Service Config: Cloud Virtual Circuit (Cloud VC)

resource "ixapi_de_cix_cloud_router_network_service_config_cloud_vc" "cloud_session" {
  managing_account  = var.account_id
  consuming_account = var.account_id
  billing_account   = var.account_id
  cloud_router      = ixapi_de_cix_cloud_router.main.id
  network_service   = var.cloud_vc_network_service_id
  address           = "10.0.2.1/30"
  bgp_neighbor      = "10.0.2.2"
  bgp_neighbor_asn  = 64513
  bgp_password      = var.bgp_password
  admin_status      = "enabled"
  bfd_enabled       = true
  handover          = 1
  external_ref      = "cloud-session-fra"
}

Argument

Description

handover

Cloud side diversity. For most cloud providers this is always 1. For Azure, 2 can be used for a secondary handover point. 1 = Primary handover, 2 = Secondary handover.

external_ref

Free-form reference field for your own tracking

Computed attributes available after creation: id, state.

Prefix Lists

A prefix list is a named set of IP prefixes used as match conditions in routing policies.

resource "ixapi_de_cix_cloud_router_prefix_list" "customer_nets" {
  name              = "customer-networks"
  managing_account  = var.account_id
  consuming_account = var.account_id

  match_list {
    prefix     = "10.0.0.0/8"
    min_length = 16
    max_length = 24
  }

  match_list {
    prefix     = "192.168.0.0/16"
    max_length = 24
  }
}

Each match_list entry accepts:

Argument

Description

prefix

IP prefix in CIDR notation (required)

min_length

Minimum prefix length to match. Defaults to the prefix length.

max_length

Maximum prefix length to match

Routing Policies

A routing policy is an ordered list of entries. Each entry optionally matches a prefix list and applies an action.

resource "ixapi_de_cix_cloud_router_policy" "inbound" {
  name              = "inbound-policy"
  managing_account  = var.account_id
  consuming_account = var.account_id

  entries {
    sequence_number   = 10
    match_prefix_list = ixapi_de_cix_cloud_router_prefix_list.customer_nets.name

    action {
      filter           = "accept"
      local_preference = 200
    }
  }

  entries {
    sequence_number = 20

    action {
      filter = "reject"
    }
  }
}

Policy action attributes:

Argument

Values

Description

filter

accept, reject

Whether to accept or reject matched routes (required)

local_preference

integer

Set BGP local preference (accept only)

as_path_prepend_count

integer

Number of times to prepend the local AS (accept only)

An entry without match_prefix_list matches all routes. This is typically used as a final catch-all reject entry.

Static Routes

Static routes are added to a Cloud ROUTER VRF and can be scoped to specific NSCs.

resource "ixapi_de_cix_cloud_router_static_route" "aggregate" {
  name                    = "default-aggregate"
  prefix                  = "10.0.0.0/8"
  next_hop                = "aggregate"
  network_service_configs = [ixapi_de_cix_cloud_router_network_service_config_p2p_vc.session.id]
}

The next_hop field accepts:

  • "aggregate" — summarizes the prefix without forwarding to a specific next hop
  • An IP address — forwards traffic to a specific next hop address

Data Sources

Data sources let you query existing IX-API objects without managing them as resources.

Discover available product offerings

data "ixapi_de_cix_product_offerings_cloud_vrf" "available" {}

Advertised routes

data "ixapi_de_cix_cloud_router_network_service_config_advertised_routes" "p2p" {
  network_service_config_id = ixapi_de_cix_cloud_router_network_service_config_p2p_vc.session.id
}

Received routes

data "ixapi_de_cix_cloud_router_network_service_config_received_routes" "p2p" {
  network_service_config_id = ixapi_de_cix_cloud_router_network_service_config_p2p_vc.session.id
}

VRF routing table

data "ixapi_de_cix_cloud_router_routes" "main" {
  vrf = ixapi_de_cix_cloud_router.main.id
}

BGP session state

data "ixapi_de_cix_cloud_router_bgp_state" "session" {
  nsc_id = ixapi_de_cix_cloud_router_network_service_config_p2p_vc.session.id
}

BFD session state

data "ixapi_de_cix_cloud_router_bfd_state" "session" {
  nsc_id = ixapi_de_cix_cloud_router_network_service_config_p2p_vc.session.id
}

VRF ARP table

data "ixapi_de_cix_cloud_router_vrf_arp_table" "main" {
  vrf = ixapi_de_cix_cloud_router.main.id
}

How did we do?

Provider Configuration

State Management

Get in touch