An IXP is a delicate environment. It is where several ISPs, of different cultures and backgrounds, meet. It is a common ground, useful to all members. Like in all common areas, there must be rules that all should observe to ensure that the IXP runs smoothly, for the benefit of all.
Mandatory requirements
Any ISP wishing to participate to an Internet Exchange must have been assigned by a Regional Internet Registry (RIR) or a Local Internet Registry (LIR): an Autonomous System number, and a set of IP subnets. Without those elements, an ISP would not be able to run BGP on its routers, and therefore establish BGP peerings with other members of the IXP.
Requirements for the better functioning of the peering LAN
The purpose of the peering LAN of an IXP is to let ISPs exchange IP traffic between their Autonomous Systems (and those of their customers). The only function that routers connected to the IXP (or at least the interfaces connected to the IXP) should accomplish is to establish BGP peerings and to forward IP traffic.
Features that do not perform BGP-related functions which are active on ISP routers might be not only useless, but potentially dangerous to the operations of the IXP. In particular, an ISP router should only send the following ethertypes on the peering LAN: IPv4, IPv6 (assuming IPv6 is supported by the IXP) and ARP.
The ISP routers should not run on the interfaces connected to the IXP the following protocols:
Spanning Tree 802.1D. A misconfiguration of the spanning tree protocol might include the peering switch in the spanning tree, and make it "part" of the ISP network.
Proxy ARP RFC1027. A router configured with Proxy ARP answers to all ARP queries passing through the network. This is dangerous, as it could lead to hijacking packets destined to other ISPs. Please note that on some routers Proxy ARP is on by default, so it may have to be proactively shut down.
Discovery protocols (ex. CDP, LLDP). These are also considered internal management protocols and should stop at management boundaries.
Behind the IXP port, only one MAC address per service should be visible. This protects the exchange against potential loops which can sometimes happen if there is a third party layer-2 provider who supplies more than one member with remote connections to the IXP.
Typically, the members' routers are colocated at the same site of the IXP device. However, several IXPs allow "remote" connections. If the IXP allows remote connections, it will be less easy to have a "control" over ISPs' connections. It might then be necessary to add a few supplementary controls in the configuration of the device (see next section).
No member should advertise the peering network or any subnet thereof, just as it would not advertise a network that does not belong to him/her. The peering network belongs to the Internet Exchange; it is up to the Exchange to advertise it if the IXP sees fit to do so.
