FIX Berlin Rules

An internet exchange is a shared Ethernet medium. In order to protect the exchange, participants are required to follow a number of rules

Allowed Traffic

FIX Berlin exists for the exchange of unicast Internet traffic. Traffic unnecessary for this purpose is prohibited.

In many cases the exchange fabric is configured in such a way as to automatically protect itself from misuse by dropping of prohibited packet types. However, participants are requested to ensure they do not

MAC Layer

MAC Addresses

FIX Berlin operates a MAC address allowlisting system. Participants must only source packets from MAC addresses associated with them in IXP Manager. The infrastructure will only forward packets on the basis of these statically configured MAC addresses

Packet Types

Participants must only send packets with the following ethertypes into the medium:

0800Internet Protocol, version 4
0806Address Resolution Protocol
86DDInternet Protocol, version 6

In particular, participants should ensure that their equipment is configured with discovery protocols such as the Link Layer Discovery Protocol, Cisco Discovery Protocol disabled.

Participants must ensure that Spanning Tree Protocol is disabled. The FIX Berlin fabric is configured with BPDU protection enabled, and sending STP packets into the fabric will result in the port automatically being disabled.

Unicast Packets Only

With the following exceptions, all packets must be unicast

  • IPv4 Broadcast ARP packets, and
  • IPv6 Multicast Neighbour Discovery packets

Proxy ARP

Proxy ARP must be disabled on any exchange-facing interfaces. Participant machines must only respond to ARP requests for their own peering LAN IPs.

No Link-Local Traffic

With the exceptions of IPv4 ARP and IPv6 Neighbour Discovery, no link local traffic is permitted.

IP Layer

No Directed Broadcasts

Participants shall not forward IPv4 directed broadcast packets to their FIX Berlin ports (those with destination IP

No export of the peering LAN

Participants must not export the FIX Berlin peering LAN outside of their own network, and are encouraged to not export the prefix outside of their peering router.

General Routing Policy

Participants may only direct traffic to another peer in accordance with prefix announcements exchanged (either in bilaterally in direct sessions, or multilaterally via the route servers) via BGP.

Participants may not configure static routing (including default routing) to another participant.

Route Server Peering

All participants must peer with the FIX Berlin route servers and announce any routes they intend to announce to peers over the FIX Berlin fabric, in order to facilitate route collection and debugging.

(Participants are not required to peer multilaterally via the route servers. Peers with selective peering policies may announce all peers towards the route servers with large community (198136, 0, 0) in order to prevent them being announced to other parties)