Internet Exchange Point and its Necessity

What is an Internet Exchange?

An internet exchange point (IXP) is a physical network access point through which primary network providers connect their networks and exchange traffic. Sometimes it is hard to believe that the Internet can be stored in some physical segment. Although it is true, that the internet is stored. While using the Internet, we connect to two networks at a time to acquire data and is known as Peering.

What is Peering?

Peering is a process by which two Internet networks connect and exchange traffic to distribute traffic to each other’s customers without having to pay a third party to carry that traffic across the Internet for them. The routing protocol that allows peering between ISPs is Border Gateway Protocol (BGP), which is free and benefits all ISPs.

What are the different types of Peering?

  • Public Peering: Public peering is performed over a Shared network called Internet Exchange Points through which connecting to many peers becomes easy with lesser costs. Useful for a small volume of traffic.
  • Private Peering: Private peering is performed by establishing a direct physical connection (usually consisting of one or more 10GE fibers) between two internet networks. Useful for Large volume of traffic.

Why does a country need an IXP?

Let’s presume, that you as an end user browsing something which is hosted outside India through your service provider, the query will go all the way through the international gateway to Singapore and then come back to you. The time taken to achieve this becomes much.  In order to get this query to be routed locally, IXP’s come in to picture which provides a platform to those providers to host their infrastructure locally and serve the users with lowest possible latency.

What are the benefits of Internet Exchange Points (IXP)?

  1. Substantial cost saving with local networks & hosting global CDNs.
  2. More improved bandwidth.
  3. Reduced latency with a better quality of experience.
  4. High-speed data transfer.
  5. Enhanced Routing efficiency.

Should businesses be close to IX Points?

Being close to internet exchanges can be thoroughly favorable for your business/company if you want to recover information from collocation facilities, like data centers, often. This is mostly due to the cost of sustaining the network but is also applicable to the time it takes to recover information from the centre. However, if you want to recover something from an internet exchange that is not situated physically close to your office, you would require more than just the fiber cable and other equipment which can turn out to be costly to maintain.

Internet exchanges make the internet a swift and easy tool for business use. It helps you retrieve and forward data over the internet and execute tasks. Being close to an IXP can bring the company great advantages and help it to achieve more as costs will be lower, response time will be lower and your data will be safer.

Mumbai Convergence Hub was India’s first private Internet Exchange which is now DE-CIX India. DE-CIX India is one of the Largest Internet Exchange in India currently interconnects 200+ Networks all across India & the World. DE-CIX India runs Internet Exchange Point in Indian Metro cities in MumbaiDelhiKolkata & in Chennai. DE-CIX India is a carrier & datacenter neutral, Internet Exchange for the Indian & South Asian markets DE-CIX India is backed by DE-CIX Global which is the world’s largest Internet Exchange with 8 terabits of per second. DE-CIX also runs 16+ Internet exchanges across the world.

DE-CIX India is always happy to help its community, if you wish to connect or have any query, please drop us a mail at marketing@de-cix.in

What is DDoS Attack?

In computing, the most powerful weapon is the distributed denial-of-service attack (DDoS attack) is a digital-attack where the culprit attempts to make a machine or network resource unreachable to its end users by briefly or indefinitely interrupting services of a host connected to the Internet. This aim is to flood the website or computer with maximum traffic to the server/network then it can handle.

Types of DDoS attacks:

  1. Volume-based: As the name signifies, volume-based DDoS attacks rely on the volume of incoming traffic. This attack involves requests sent to the target system. If they can lade your website/system, the attack is successful. It is quite easy for attackers to attain their purpose. This form of attack could involve tens, hundreds or even thousands of system. It can be measured in bits per second.
  2. Application-based: In this type of attack, hackers use weakness in the web server software or application software that direct the webserver to decline or crash. A ubiquitous form of application-based attack requires sending limited requests to a server in an aim to build the entire database connection pool of the server engaged so that it blocks the legitimate requests.
  3. Protocol-based: Unlike volume-based attacks, protocol attacks directly to consume server resources instead of bandwidth. They also target what is known as “intermediate communication equipment,” which in easy words refers to intermediaries between the server and website, such as firewalls and load balancers.

Signs of DDoS attacks:

DDoS attacks have specific symptoms. It ranges from a virus to a slow Internet connection- it is tough to identify without professional diagnosis or network traffic monitoring and analysis. The symptoms of a DDoS include:

  • Slow access to files, either locally or remotely
  • Long-term incapability to connect a particular website
  • Internet disconnection
  • Problems retrieving all websites
  • An excessive amount of spam emails

What is the impact of DDoS attacks?

How to mitigate these attacks?

Before your website crashes and goes offline entirely and you have tried all other possibilities, then it could be a DDoS attack and to defend your site against such attacks, here are some steps:

  • Observe your website activity:

Monitor your network activity precisely so you can perceive when anything is amiss.

  • Enhance your website capacity:

Have an ample capacity to bear the load and improve performance during spikes.

  • Utilize a Web Application Firewall:

Firewalls and routers should be configured to dismiss fraudulent traffic and it is advisable to keep your routers and firewalls updated and restored with the security patches.

  • Inspect artificial intelligence to route Internet traffic:

The systems that can promptly route Internet traffic to the cloud, where it’s scrutinized and malicious web traffic can be intercepted before it reaches a company’s computers.

At DE-CIX Frankfurt provides DE-CIX’s GlobePEER Remote service, you can announce Blackholes at remote DE-CIX Internet Exchanges.  As a result, traffic is dropped closer to the source of the DDoS traffic creation. Dropping DDoS traffic closer to the source of origin takes the load off your backbones and network, so your peering and transit connections are unburdened. This reduces operational complexity and saves money.

Benefits of using remote Blackholing:

  • DDoS traffic is dropped closer to the source
  • Your backbones and network are relieved of DDoS traffic
  • Transit and peering connections closer to your service region are unburdened
  • Attack volumes and collateral damage in your service region are reduced
  • The operational complexity of mitigating DDoS attacks is reduced
  • Money is saved

Conclusion:

DDoS Attack is an assault on availability in the pool of services which has repercussion on monetary losses, loss of company stature, and intrusion in the work environment. The complication is that the reliability on technologies like firewall, routers, etc are very fragile to block DDoS as it cannot differentiate between genuine and fake traffic. To compete with DDoS, a one-way attempt cannot prevent or overcome it, it needs all-round help to approach it.

Peering Vs IP Transit

The Internet means the interconnection of computer networks which is connected by a group of servers and networks the same way cities and towns are connected by roads and highways, all the networks on the Internet need some way to communicate. The two types of interconnection that exists are “IP Transit” and “Peering”.

IP transit: The term “transit” means the transportation of systems from one place to another. In networking, a large amount of data flows from one network to another. For example, it can be similar to the water pipe inside the wall that says ‘Internet this way’.

Peering: Peering is a process by which two Internet networks connect and exchange traffic to distribute traffic to each other’s customers without having to pay a third party to carry that traffic across the Internet for them. The routing protocol that allows peering between ISPs is Border Gateway Protocol (BGP), which is free and benefits all ISPs.

The difference between the two is when an organization connects to an ISP with the motive of accessing the whole internet, it is known as IP transit. It should not be jumbled up with connecting to an ISP over border gateway protocol (BGP) peering, peering is only for an organization’s prefixes and their directly connected peer.

Different levels of ISPs:

Numerous ISPs that operate within a city/town. The internet that we access at home is provided by Tier-3 ISPs. These are the most basic level of ISPs are subject to a limited area. ISPs that cover large population-based areas are Tier-2 ISPs and can cover the whole state or an entire country. Tier-1 ISPs are in-charge for global internet connectivity. These ISPs have non-disclosure agreements with each other for the transit of data. These may include the amount of data to be exchanged, the use of the equipment among others.

Tier -1: The Tier-1 ISP is a transit free network. They do not pay for internet transit as they are the transit providers. ISPs of different ranks pay them if they want to acquire internet transit services.

Tier -2: The Tier-2 ISP networks remunerate for internet transit to Tier-1 ISP to acquire some features of the internet. They then provide internet services to Tier-3 ISPs. These ISPs also have an arrangement for internet sharing with each other called peering.

Tier-3: The Tier-3 ISPs are at the lowest of the hierarchy and have to pay for transit as well as peering services.

To choose IP Transit or Peering?

The major difference between IP Transit and Peering is the tariff. While obtaining services from a transit service provider we need to reimburse the traffic settlement costs. But in peering the cost is negligible as the exchange of data is shared. The cost involved in peering is due to equipment, tools and power utilization among others.

Talking about IP transit, an SLA (Service Level Agreement) between the ISP and the transit provider is signed. The SLA states an agreement linking the two parties where the transit provider has to provide certain services to the ISP at a pre-defined charge.

Conclusion:

ISPs have an option of either peering with other networks or purchase IP Transit. On the other hand, some ISPs operate on both services – it is general for a large quantity of an ISP’s traffic requirement to be met through the use of IP Transit, and increased by peering where the conditions are satisfied.

whatsapp