Framing & Ethertypes
- The BatamIX infrastructure offers ports that implement the Ethernet standard (IEEE 802.3-2012 / Ethernet II).
- Port in Access/Tangged mode, which means that only untagged Ethernet Frames are allowed. 802.1q-tagged frames not allowed.
- Allowed ethertypes are: IPv4 (0x0800), IPv6 (0x06dd), ARP (0x0806) and 802.3ad – LACP (0x8809). Traffic with any other ethertype may be dropped
Maximum Transmission Unit (MTU)
BatamIX allowed L2 payload (L3 MTU) Maximum for 9000 bytes. Frames exceeding this payload may be dropped without further notice..
Link Aggregation a.k.a link-bundling, ether-channel, port-channel, link-aggregation, bonding. is Links of the same speed, on the same device, can be bundled into a single logical interface. Bundling can be configured statically or dynamically through LACP (802.3ad).
All ports, BatamIX explicitly configured speed and full-duplex on its side and auto-negotiation is enable. Members can explicitly configure speed/full-duplex, or rely on auto-negotiation, or do both
Members are assigned one IPv4/IPv6 address per physical port or bundle in order to connect their router on the public peering LAN. Member can request a second IP for redundancy reasons
BatamIX public peering LAN IP Address space is
|IP Address V4
|IP Address V6
- Members are not allowed to use IPs other that the ones assigned to them on the ports connecting to BatamIX.
- Proxy-ARP is not allowed on the BatamIX ports.
- NAT is not allowed on the BatamIX IPs.
- Members are not allowed to redistribute the peering LAN address space into their eBGP and announce it to other AS.
For each assigned BatamIX IP address, members need to specify a single corresponding MAC address. BatamIX statically configures the provided MAC addresses in members ports
in case of hardware replacement on the member side, the member need to contact BatamIX Support in order to explicitly allow the new MAC.
Batamix implements strict port security rules for each member, like this:
- A single source MAC address is allowed per a participant physical port or logical link aggregation grouping. Additional sourced MAC addresses are forbidden.
- incoming traffic over 10Mbps of each port with unknown unicast, multicast or broadcast will be dropped.
- No broadcast traffic (such as CDP, LLDP, DHCP, STP) is allowed over the IX fabric, except IPv4 ARP and IPv6 neighbor discovery.
- Spanning tree, BPDUs Incoming BPDUs are dropped.
- ICMP redirects are not allowed and dropped.
For Prevent propagation of incorrect routing information, BatamIX recommend all members to do this in their respective networks:
- Keep your IRR records updated. Create route objects for all prefixes that may be advertised to your peers.
- if you advertise a lot of asn, create an appropriate AS-SET object and share it with your peers. Ask your downlink customers to keep their own IRR records updated..
- Keep Update your profile on PeeringDB, Register BatamIX as an exchange point in your peeringdb entry.
- Create and maintain ROAs. Even if you do not implement RPKI on your network, the existence of ROAs may protect your prefixes from hijacking.
- BatamIX route servers has been implement automation that relies on the accuracy of IRR and/or peeringdb data. Failing to keep this data updated may result into dropped bgp prefixes or even peering requests getting rejected.