An Internet exchange point (IX or IXP) is a physical infrastructure that allows different Internet service providers (ISPs) to exchange Internet traffic between their networks by means of mutual peering agreements, which allow traffic to be exchanged without cost.
IXPs reduce the portion of an ISP's traffic which must be delivered via their upstream transit providers, thereby reducing the delivery cost of their service. Furthermore, IXPs improve routing efficiency and fault tolerance.
|“||The global spread of IXPs represents a significant evolution in the global architecture of the Internet. IXPs provide locations for Internet players, including ISPs and content providers, to interconnect with one another. After becoming established in developed countries, IXPs are increasingly being deployed in developing countries, allowing domestic and regional traffic to be exchanged closer to the end users, thereby lowering the cost and latency of traffic exchange.||”|
IXP vulnerabilities can affect the ISPs that rely on them to exchange data with other ISPs. Threats to IXPs can come externally through physical damage and disruption, or internally through configuration errors. IXPs can be disrupted internally from within the Internet; however, they are more susceptible to external forces. Physical destruction or disruption of a major IXP would have a severe impact on the Internet, resulting in network outages and heavy congestion. Although there has never been a case of physical destruction of an IXP, there are a few cases of disruption from other external causes. . . .
External threats to major IXPs, though rare, can greatly stress the Internet infrastructure. IXP owners protect their assets by utilizing facilities with 24-hour security, backup power, and various forms of shielding. . . . [M]ost IXPs are collocated at facilities shared by interexchange carriers (IEC) and competitive local exchange carriers (CLEC). However, as more and more assets are collocated within single facilities, they become higher value targets for attack because the potential impact is greater.
- Risks section: Internet Report, An Examination of the NS/EP Implications of Internet Technologies, at 34.