DE-CIX gains in security and stability with the update of its network

The main operator of Internet exchange points, DE-CIX, has updated its network through a process that has consisted of migrate your connections to an Ethernet VPN (EVPN) and in move your Apollon platform to Peering LAN 2.0equipped with more stability and additional security functions.

By switching to EVPN, DE-CIX has managed to reduce unnecessary network noise by up to 25%, reducing the load on connected routers and reinforcing the security of exchange points. This noise that occurs is caused by the ARP protocol for IPv4 and the NDP protocol for IPv6, which by their nature cause many requests to be sent at the same time to all connected client routers. And the bigger the platform, the more requests there will be.

But with the EVPN version implemented in DE-CIX exchange points. The routers then reply to the requests or drop them. In this way, the ARP and NDP requests that each customer router has to manage are significantly reduced.

At the same time, it also improves the efficiency of the 2,600 networks connected through the Apollon platform. In addition, the EVPN avoids certain attack vectors, as well as various sources of errors, which results in greater robustness and security in the platform. The version of the Ethernet VPN that is currently deployed in DE-CIX exchangers is based on an extension of the RFC 9161 protocol that incorporates several new security functions.

Regarding the migration to Peering LAN 2.0, it began in November with the update of the company’s headquarters in Phoenix (Arizona) and Frankfurt, and has ended with the migration of the last closed user groups of the Apollon platform. The entire process has been carried out at night, during regular maintenance tasks, which has meant that system performance was not affected by the change.

To carry out the migration, and to do it without problems, the DE-CIX team in charge made a virtual mapping of the interconnection network of all its exchange points, using this virtualized environment to test the process. In this way, the company checked where problems could arise during the migration and fixed them so that they did not interfere with operations.

Thomas King, CTO of DE-CIXhas stressed that «heCarrying out a migration while the usual operations are in progress is always a challenge, because it is like an open heart operation”, in addition to noting that “with the migration we are making our Internet exchange points around the world more insurance, increasing their performance and facilitating management for our clients. In addition to our automation initiatives and continuous upgrades, including, for example, adapting our platforms to 800 Gigabit Ethernet, the migration to Peering LAN 2.0 is an essential step on our path to creating the Internet Exchange of the future.«.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *