Hi all -
Just wanted to invite you all to the upcoming Peering
Birds-Of-a-Feather session at the upcoming NANOG, and give you a
flavor of a couple of the topics to be discussed...
Peering Introductions
-------------------------------
For Peering Coordinators who would lke to introduce themselves to the
North American Peering Coordinator Community, we have some time set
aside for you to introduce yourself and share with the Community:
Company Name and Contact Information,
AS#,
Where you are peering or expect to peer in the future,
What you are looking for in a peer, and
Why people should be interested in peering with you.
We have found these face-to-face interactions helps facilitate
peering, particularly for folks coming in from overseas. It helps to
bring network maps, and lots of business cards. If you email
wbn(a)equinix.com this information I will make a slide with your contact
information on it that will show up behind you are you speak.
The Public vs. Private Peering Debate
--------------------------------------------------------
We have recruited two Peering Coordinators to articulate the two sides
of the Great (Public vs. Private) Peering Debate. They have graciously
agreed to share with the audience the Strongest Arguments for Public
Peering (Maurice Dean), and the Strongest Arguments for Private
Peering (Peter Cohen). Each side will have a few minutes to present
their case, then a few minutes to attack the claims made by the other
side and/or reinforce their own side of the argument as needed. We
will perhaps add a few minutes in the middle for a couple of limited
scope audience questions; those to help the speakers clarify a point
(no speeches or attacks here). Both sides will then summarize their
argument and the audience will be asked to vote for which side made
the more compelling case.
Audience Discussion
-------------------------------
As we did last Peering BOF, we will open the floor to discussion,
focusing on points that one or both sides failed to make, or failed to
make strongly enough, that would have perhaps made a difference in the
audience vote.
Background
------------------
I researched this issue with a subset of the Peering Coordinator
Community and shared the early results at the RIPE EIX WG meeting. If
the discussions there are any indicator, I think we are in for an
interesting and educational community discussion here.
Below is an excerpt of the public vs. private peering arguments I
heard from the Peering Coordinator Community and shared at the RIPE
EIX WG meeting. I agree with the Peering Coordinators who believe the
answer for most ISPs is a hybrid of public and private peering. I
also agree that perhaps there sometimes emerges a transition based
upon scale and strategic intent, but we will see what the community
comes up with at the BOF.
Bill
PS - I cut and pasted the text below from the "The Great (Public vs.
Private Peering) Debate: Peering at 10G" white paper that I am using
to document these debates as they relate to 10 Gigabit-per-second
Ethernet Peering. I am still looking for reviewers to provide
feedback here BTW...If you are interested in this stuff and can spend
a little time to provide feedback, send email to wbn(a)equinix.com.
When I feel more comfortable that I have it right, I will make the
paper freely available to anyone who would like a copy.
-----------------------------------------------------------------------------------
:
<snip>
:
The Top 4 Reasons Public Peering is better than Private Peering
1. Aggregation Benefits
a. A network can easily aggregate a large number of relatively
small peering sessions across a single fixed-cost peering port, with
zero incremental cost per peer. (Private peering requires additional
cross connects and potentially an additional interface card, so there
are real costs associated with each incremental peering session.)
Small peering sessions often exhibit a high degree of variability in
their traffic levels, making them perfect for aggregation. Since not
all peers peak at the same time, multiple peers can be multiplexed
onto the shared peering fabric, with one peers peak traffic filling in
the valleys of another peer's traffic. This helps make peering very
cost effective: "I can't afford to dedicate a whole gigE card to
private peering with this guy, but public peering is a no-brainer."
b. Public peering ports usually have very large gradations of
bandwidth: 100Mbps Ethernet upgrades to 1Gbps Ethernet, which upgrades
to 10Gbps Ethernet. With such large gradations, it is easier for
smaller peers to maintain several times more capacity via public
peering than they are currently using, which reduces the likelihood of
congestion due to shifting traffic patterns, bursty traffic, or
uncontrolled Denial of Service attacks. "Some peers aren't as
responsive to upgrading their peering infrastructure, nor are they of
similar mind with respect for the desire for peering bandwidth
headroom[1]." The large gradations of public peering bandwidth help
reconcile these two issues.
2. Ease of administration
a. Public peering is the easiest and fastest way to both
turn up and turn down a peering sessions, since no physical work is
required. Peering is soft configured by the two parties on the router
and the peering session is up.
b. It is common for a network to set up a trial peering
session to determine the amount of traffic that would be exchanged
should a session be turned up. If there is public peering capacity
available, there is no incremental cost or extra administrative work
required to turn up a trial peer, and the information gathered may
prevent choosing an incorrect private peering port size if the traffic
is moved to a private peer later.
c. Many Peering Coordinators must work within a budget, and
do not have decision making authority for purchases within their
company. Once the public peering switch port is ordered, there is no
additional cost and therefore no additional hurdle to peering for the
Peering Coordinator.
d. Public Peering provides financial predictability. The
hardware requirements and monthly recurring costs of peering are the
same every month[2]. This makes planning and budgeting much easier.
e. 10 Public Peering scales large peering sessions (those
greater than 1Gbps) seamlessly, while private peering beyond gigE
capacities requires private peering at 10G (very expensive), or
connecting multiple gigEs together, which can be tricky[3].
3. Public Peering is used as Selection Criteria by Customers
a. Corporate and Enterprise customers continue to ask to see the
list of the ISP's public peering points[4].
4. Public Peering May Be the only Cost Effective way to Peer across
multiple Colos
a. Across Europe, where public peering across multiple collocation
centers is the norm, private peering is often a much more expensive
solution. Purchasing private peering circuits within a metro is
potentially very expensive, while the same traffic can traverse a
shared peering fabric for much less.
The Top 5 Reasons Private Peering is better than Public Peering
---------------------------------------------------------------------------------------------
Here are the strongest argument private peering advocates shared with
the author.
1. Private Peering Sessions are Easier to Monitor
a. SNMP Counters can be easily collected on each peering port
to monitor the utilization of the Peering Session resources. No time
intensive Netflow or expensive network analysis software[5] is
required to sort through shared peering fabric data to determine
per-peering-session traffic volume.
b. Greater Visibility: No Blind Oversubscription Problem. With
public peering, the remote peer could be congesting his port with the
other peering sessions and you have no visibility into their public
peering port utilization. Packets could be dropped due to port
oversubscription resulting in poor peering performance. Since Private
Peering involves only the two parties, when the port reaches an agreed
upon utilization (say 60% utilization for example), both parties can
see that it is time to upgrade the peering session.
2. Private Peering is Very Cost Effective
a. If an expected peering port and cross connect costs were $400
per month and the parties expected to send 40Mbps to each other, the
EPPR would be $400/40Mbps=$10/Mbps, a very attractive price in today's
transit market.
b. For those who exchange traffic with a few large peers, the
80%/20% rule applies; the majority of peering benefits can be derived
by peering with the 20% of potential peers that deliver 80% of your
traffic. This suggests fewer larger peers is preferable over picking
up lots of small peers across a public peering fabric.
3. Private Peering is more reliable and easier to debug.
a. Private Peering involves fewer network components that could
break.[6] It should be noted that this argument weakens when the
"private" peering are provisioned across VLANs, though optical
interconnects, telco provisioned SONET services, or other active
electronics.
b. An architecture of private peering removes the variability of
support processes across IXes[7]. Across Europe, each IX is different,
and a NOC Operator may need to understand the processes, the levels of
support and debugging capabilities of the switch support staff on call
at the IX, and may even need to craft NOC scripts to navigate through
the IX operations tasks. A private peering architecture provides
consistency that helps the NOC debug and fix things more rapidly.
c. The greater fear is that layer 2 fabrics could be connected
through other layer two fabrics perhaps without the knowledge or
consent of the peer, resulting in a very difficult debugging and
diagnostics situation if a peering failure occurs.
4. Private Peering Sessions are More Secure
a. A private peering network that is directly connected only
with those with whom there is an explicit peering arrangement is more
secure than a network that connects to a public peering fabric that
includes participants with whom there is no relationship with the
company. There is some history here; early exchange points were places
where "traffic stealing" was accomplished by pointing default at an
unsuspecting and poorly secured public peer. Other problems included
peers tunneling traffic across the ocean across a peer's network.
These things are explicitly disallowed in most peering and IX terms
and conditions and can be further secured through filtering, but are
still seen as potential hazards minimized by privately peering.
b. An architecture that solely privately peers is less likely
to be compromised. Since fiber has no active components that can be
administered, there is nothing that can be broken into. With a switch
or other active electronics in between peers, there is the possibility
that traffic can be captured at the peering point without their
detection. It is relatively easy to mirror a public peering port as
compared with tapping into private peering fiber cross connects
without the detection of the peers involved. A few ISPs pointed to
technology that can passively tap into fiber interconnects, which if
true, would decrease the strength of this argument.
5. Private Peering Inclination Signals a More Attractive Peer.
a. The "Big Players" privately peer with each other and some
even loath Public Peering Fabrics for historical reasons. Adopting
this attitude puts one in the company of the largest Tier 1 ISPs in
the world. "For certain very large networks, public peering makes no
sense at all. For certain very small networks, public peering may make
perfect sense[8]." Or put more harshly, "if you think that public
peering is a good idea, you're just not large enough yet[9]."
________________________________
[1] James Rice (LoNap), formerly engineering for BBC Internet.
[2] Modulo the incremental costs for hardware at the cost steps
described earlier and the pricing increases at the end of contract
terms with the IX Operator. It was pointed out during conversations at
the RIPE 50 meeting that the LINX charges a metered rate beyond the
flat peering fee, and that some IXes have a fractional gigabit
Ethernet rate that causes pricing steps.
[3] Patrick Gilmore (Akamai) in conversation 4/7/2005 regarding load
balancing across multiple cross connects.
[4] Frank Orlowski (T-Systems) in conversation 4/8/2005.
[5] Some of these tools cost $50,000 to license!
[6] Remco Donker (MCI) and Nina Hjorth Bargiser (Tele Danmark) point
out that some people view large capacity public peering as too risky;
losing a single large public peering port would cause massive
disruption to the infrastructure, and would result in much larger
convergence times than if a single private peering port went out.
[7] Falk Bornstaedt and Frank Orlowski (T-Systems).
[8] Richard Steenbergen conversation 3/23/2005
[9] Anonymous