How to implement GlobePEER services

The DE-CIX port turn-up process ensures proper network connection and enables peering. This article outlines each step to establish a functional connection.

After you signed the contract to join DE-CIX, you get an email from the DE-CIX support team. They lead you through all the necessary steps to get your service up and running.

In the following, we show you some basic steps.

Useful tips in advance:

• If you are unsure about the traffic shift, avoid enabling route server peering during peak traffic times.
• Route servers can handle large traffic loads. Monitor the impact on your backhaul and ensure that your port bandwidth is adequate.
• Monitor traffic development during the following peak hours. A safe start during off-peak hours may not reflect traffic patterns during peak times.
• Expect a large number of incoming prefixes, which may exceed 200,000 for IPv4 and 50,000 for IPv6. This increase will enable outbound traffic to flow via peering.
• For inbound traffic, start cautiously. First, apply prefixes to the route server gradually, beginning with anchor networks. Then expand to include all your and your customers' prefixes.

DE-CIX port turn-up procedure

The DE-CIX port turn-up proceeds in several steps, roughly oriented at the network layers.

1. Physical turn-up
   In the very first step we only check if the fibers are lighted correctly in both directions. No pings or Adress Resolution Protocol (ARP) requests are possible. As soon as you are connected and happy with the light level you receive, please notify us so we can go to the next step.
2. Layer 2/testing Layer 3
   We now enable your port in our quarantine VLAN. You receive a testing procedure with a different IP address. Please configure this address on your router and turn-off all unnecessary features like
   
   • Cisco Discovery Protocol (CDP)
   • Proxy ARP
   • Gratuitous ARP
   • Protocol Independent Multicast (PIM)
   • etc.
   Notify us when you have configured the testing IP, and we then test your port. Also inform us about the Layer 2 Media Access Control (MAC) address of your router and make sure that any equipment between your router and DE-CIX is silent.
3. Port testing
   We now test your port for compliance in our quarantine VLAN. We might contact you to turn-off unnecessary protocols. As soon as we have finished testing, we inform you when to configure your production IP address. Notify when this is done.
4. Going live
   With testing completed and your production IP configured we move you to the peering VLAN. You can now peer with other DE-CIX customers and setup sessions to the route servers.
5. Configuring Route Server Sessions (BGP Setup)
   Within four hours of moving you to the production VLAN the sessions on the DE-CIX route servers are ready. The route servers are configured as passive, so you must initiate the Border Gateway Protocol (BGP) session.
   ​Even if you do not want to use the route servers for BGP routing you still have to setup a session for monitoring purposes (we can configure the session to be monitoring-only; you find more information in the route server guides for each location, in the section about Route Server Session Types ("Monitoring Session"). This is important for you and for us, as otherwise we cannot monitor the fulfillment of our service level agreement (SLA).

IPv4 and IPv6 Route Server Peering Configuration

Once your port is up and running, it´s time to configure the route server peering.

DE-CIX always operates two types of route servers on all its Internet Exchange Points for redundancy:

• Two IPv4 route servers
• Two IPv6 route servers

The route server gives you a large number of automatic peering sessions with many other operators who also peer via the route server. This enables you to establish up to hundreds of peerings, simply by configuring two IPv4 and two IPv6 route server sessions.

The DE-CIX support team provides instructions for setting up route server peering. Find the route server guide in the DE-CIX customer portal in addition (Documentation/Route Server Guide).

You also find the routeserver information via https://peeringdb.com.

Set up additional (direct) peerings

This section provides guidance on identifying and reaching out to additional peering opportunities beyond the route server.

If you’ve reviewed the route server looking glass, you may have noticed that not every exchange customer uses the route server. This is the case because some networks have a selective or restrictive peering policy. This indicates a higher peering potential for your Autonomous System Number (ASN). Typically, you reach a foundation of around 60 to 70% of the members via the route server.

There is therefore an additional potential of 30+% more peers. In terms of traffic, this can actually mean even much more than 30% of additional traffic, since the larger networks are often not peering via the route server.

Review the exchanges’ looking glasses to verify which members are and are not available via the route server.

Visit the PeeringDB records of these members to get information about who to contact at each company and the status of their peering policy. To save time, you can skip the members with a "closed" or “restrictive policy” and focus on the ones with an open or selective policy

To summarize the search for additional peering opportunities:

• Review the route server looking glass.
• Visit the PeeringDB records of these members.
• Skip members with a "closed" or "restrictive" policy.
• Focus on members with an open or selective policy.

Set up direct BGP sessions with your route server peers

We highly recommend establishing direct peerings with route server peers that exchange the most traffic or announce the highest number of prefixes. The primary reasons for doing this include:

• Redundancy: Direct peerings add an extra layer of reliability to your network.
• More Prefixes: Some peers offer more prefixes through direct sessions.
• Higher Priorities: Peers may offer higher priorities on direct sessions, which can improve performance.

However, note that DE-CIX route servers filter out “bad” prefix announcements to maintain network quality. If you establish direct BGP sessions, you must implement your own prefix filtering to ensure proper traffic management.

Troubleshooting Prefix Rejections

For safety and protection reasons, the DE-CIX route server filters prefixes based on information from Internet Routing Registries (IRR) such as RIPE, ARIN, AFRINIC, APNIC, and Merit RADb (www.radb.net). These databases provide routing information for each IP prefix.

Steps to Troubleshoot Prefix Rejections:

1. Check Your Entry: Review your entry in the DE-CIX looking glass.
2. View Rejection Reasons: If the DE-CIX route server rejects a prefix you announce, check the reason for rejection.
3. Verify Prefixes: Verify both IPv4 and IPv6 prefixes. If the route server shows fewer prefixes than you advertise, correct any errors or missing route objects.
4. Check Downstream Prefixes: Ensure your BGP downstream customers do not have incorrect or missing prefixes.

Additional Resources:

• DE-CIX Looking Glass: Access the DE-CIX looking glasses at https://lg.de-cix.net.
• PeeringDB: List your network on PeeringDB for direct peerings with other networks (strongly recommended).
• MANRS: For information on setting filters correctly, visit MANRS.

Having wrong or missing entries means:

• potential traffic path problems,
• unexpected paths are used,
• no usage of should-be-used IP infrastructure is given for these prefixes,
• and even a loss of revenue for you is likely to happen when customers traffic is using other alternative paths instead of yours.

If you need help with your PeeringDB entry setup, please get in touch with our customer service.