RE: lug_: RE: FW: [AfrISPA.Discuss] Internet Exchange - Tanzania

["Mark Tinka" <mtinka@africaonline.co.sz>]

owner-lug@kym.net wrote:
>>> itself...  Most people would put the stats server elsewhere, so it
>>> wouldn't run into a reachability problem.
> 
> 
> I hope I am not sounding like a cross between a horse and a donkey
> here...

No, that would be beneath us :).

>...but I would think that if a server that is located at the IXP is
> unreachable, then that spells worse trouble for all clients connected
> to the IXP because that would directly imply that the IXP itself is
> down!!!!

Actually, not true.

By "reachability problem", what Bill meant to say was reachability problem
from the greater Internet, and not from each individual ISP's customers or
routers at the IX.

Just to make it a little clearer, the IX is actually not connected to the
greater Internet (by greater, I mean the Internet geographically outside of
Uganda). The IX has a netblock, a /25 to be exact, which as allocated by an
RIR (Regional Internet Registry), RIPE to be exact. 'whois -h whois.ripe.net
194.153.153.0' will show this.

When an RIR allocates address space, the owner of the address space has to
ensure that, for one reason or another (mostly for connectivity and
reachability), that address space is seen by the rest of the Internet. Most
probably, via a BGP feed through multiple carriers/providers. Failing this,
the record that the allocation has been done to ABC Company will maintain,
but the netblock will not, literally, be visible on the Internet.

Now, an IX doesn't really need to connect to the greater Internet, per se.
The reason for this is because all its members (ISPs who are already
connected to the Internet via their satellite or fibre hookups) are already
connected. The IX only becomes a meeting point, if you like, for all these
members to converge, and exchange what is otherwise known as 'local
traffic'. By local traffic, we mean any traffic that needs to go from ISP A
in Uganda to ISP B also in Uganda. As you can clearly see, the need for
reachability to the IX from the greater Internet, is null, because all its
members are already reachable via their own gateways. The IX, in itself,
isn't an end user, it's a means to an end.

The reason you may/could find an IX connected to the greater Internet, is if
members are connecting to the IX, and need to access both local and
international traffic over the IX fabric. For instance, SAIX (South African
Internet Exchange) is one such IX. However, such an IX would be a commercial
one (unlike the UG case), and members would need to pay for access to both
local and international traffic. In SA, SAIX is being run by the state
telco, Telkom SA, hence the term, commercial IX.

So, since all ISPs already own their own gateways to the Internet, there is
no need for the IX to have a connection to the rest of the Internet. The
most basic reason for the IX is to keep_local_traffic_local, not be
reachable by non-local users. So, in pursuit of this objective, an IX only
knows how to connect ISP A to ISP B, but doesn't know how to connect
User-in-Russia to ISP B's clients.

So, while the IX is unreachable from the greater Internet (as is the case,
this very second), it still serves its function, of ensuring traffic you
send to One2Net (for instance), doesn't go over your ISP's international
gateway, but instead finds some 'automagic' way of landing at the UCC
building on Kampala road.

> Maybe some companies or ISPs connected to the IXP are scared of having
> their traffic monitored? Just wondering:-)

This is one of the many dangers of using the Internet, even without
connectivity to an(y) IX.

Having said that, there are several reasons you probably don't want your IX
connected to the Internet. Just to name 2:

1. It will attract unwanted attention and traffic to itself. We already have
enough of these problems as ISPs.

2. The /25 that was allocated by RIPE is too long (or too small) a netblock
to advertise to the rest of the world, via BGP. Most, if not all, ISPs
filter on /24. This means anything longer than a /24 (and the /25 is a
candidate) will not get into the various providers' routing tables. And if
this doesn't happen, then their neighbors won't see the route either, and so
on and so forth. In the end, the /25 will be close to unreachable, anyway.

> And if my understanding of the whole IXP thing is correct, I would
> think that it is supposed to be neutral servant, having no extra
> obligations to any of the masters connected to it apart from passing
> on requests to and fro the masters. 

This is true. For a non-commercial IX like the UIXP, its only obligation is
to ensure it passes traffic across all ISPs in Uganda. Giving it a
connection to the Internet is not part of the bargain. So if the 'masters'
don't need it, why does the IX?

>So now, if we get a supervisor for
> this servant and tell one of these masters to host him in his living
> room, how sure shall we be of the impartiality of the reports being
> generated by the supervisor? Tampering??

TCP/IP. The beauty of it is that it has no geographical boundaries. For all
it knows, you can host the stats server in a cave in Afghanistan and still
pick the data off the IX. IP brings the_world together.

About impartiality, computer applications may be bright, but not that
bright. It either serves the data, or not! Try fidgeting closing that porn
browser as your manager makes his rounds, and really see how 'impartial'
computing can be :).


> If at any one time these stats will be/could be made available for
> public consumption(where public refers to any individual/organisation
> interested enough to know the distribution of the traffic through the
> IXP) and this stat server is not at the IXP itself, how sure shall we
> be that those are the valid stats being given out to the public?

How sure are you that the YahooMail! you are browsing is actually coming off
a server being hosted at the Yahoo! office? How sure are you that I am in
Swaziland right now, as I type this message? I could just be behind Door No.
1 :).

The point, if a company, such as CFI, has undertaken to deliver stats off
the IX network, and make that information available to the whole world, I
guess that's the best they can do. The rest is all tech politic-king.

> I
> mean, if someone could make advertisng capital out of the fact that
> poorly designed car radios stop at their frequency, how much more
> impact would having the most traffic through an IXP have on the market
> forces? Just wondering as above.

The IX is not intended to drive dial or leased line sales of any ISP up
(although the brightest ISP can definitely benefit from this, if they
advertised their presence at the IX in just the right amount of
proportions), and even if it did, it wouldn’t last forever. All the client
(who is the real end user, the person we all want to please) cares about is
his packets getting from ISP A to ISP B, or from ISP B to a BT client in
somewhere the UK. 

About whether his packets go over the exchange, via satellite, through a
Cisco or Juniper router, via fibre, on copper, through a switch, through
three layers of your network, in the air, on a piece of thread with 2 cans
on either side, means_utterly_nothing_to_him.

Besides, car radios can be retro-engineered to go past their official
frequency mark. Ever heard of 'expanders' in the more creative parts of
Kampala :)

Regards,

Mark Tinka
Technical Manager, Africa Online Swaziland



--
This is the UiXP techies list.
The list archives can be found at http://uixp.co.ug/archives.