New standards from the Open IX Association improve uniformity, ensure interoperability and enhance resilience for...
data centers and network exchanges.
IT organizations increasingly rely on secondary, remote data centers, whether by outsourcing applications, maintaining a disaster recovery site or utilizing public cloud or software as a service. A lack of standardization in these off-premises data centers and network exchange points has led to unexpected interruptions in performance and resilience.
The Open Internet Exchange -- Open IX -- is emerging as a way to standardize specifications for connectivity, data transfer and reliability -- benefitting the growing ecosystem of interrelated computing facilities.
The Open IX standards
OIX-1. To achieve OIX-1 certification, at a minimum, an IXP must support any-to-any public exchange virtual local area networks, along with a congestion-free private VLAN. The IXP must provide standard Ethernet connectivity using copper or fiber at either 1 GigE (802.3z) or 10 GigE (802.3ae) and support link aggregation. It also has to forward traffic with IPv4, IPv6 and ARP EtherTypes; users can employ MAC address locking. In all cases, the IXP must delineate the demarcation point between IXP services and customers.
The IXP infrastructure can't oversubscribe switch ports with the mix of customer traffic on the network. Inter-switch links need enough bandwidth to run without congestion. Connection resilience and redundant power sources prevent a single point of failure. A regional Internet registry (RIR) must assign the IXP's IPv4 and IPv6 IP space for any public exchange VLAN. Route server services must support IPv4 and IPv6 as well as four-byte autonomous system numbers assigned by an RIR.
From an operations perspective, IXPs must monitor for and report events or performance degradation to customers, and report statistics including incoming and outgoing traffic levels. Under the OIX standards, the provider must list many infrastructure and operational details on its website. For example, if the IXP uses MAC address locking, the IXP must provide online guidance on updating the users' MAC addresses. Another example stipulates that an IXP must publish a route server setup on a publicly available website. Technical support contact information and maintenance announcements also should appear.
OIX-2. Data center requirements for OIX-2 are more extensive and detailed -- all intended to ensure resiliency in each facility. For example, the physical requirements stipulate a minimum of two separate utility feeds from different substations, utility transformers in a 2N or N+1 configuration, two separate water sources, two or more access points for separate network (connectivity) providers, N+1 or better generator capacity for at least 24 hours, and redundant uninterruptible power supply and cooling capacity. The facility must be located outside of flood zones and built to withstand seismic, tornado or hurricane events as necessary. The facility cannot be within two miles of a major airport approach or within one quarter-mile of hazardous facilities, such as refineries. The building must also have active fire protection, security features and an automated building management system.
The data center's operational requirements are also extensive, including well-documented operating rules and procedures; proper local, state and federal licensing; proper commissioning; documented maintenance; established procedures for change and workflow management; and an updated disaster plan. It must also meet all regulatory and environmental compliance requirements. A minimum of two-factor authentication secures building access.
The OIX-2 committee reviews and updates these data center requirements periodically, so expect changes over time.
OIX certified -- does it matter?
The IT industry at large has been slow to embrace OIX certification.
Meeting all the Open IX demands inflates the cost of data center services as compared to a provider without certification. If certain features are critical for a business outsourcing IT workloads, then the demands and costs are justified. For example, when an IT organization searches for an outsourcing provider to host critical applications, the OIX-2 certification is a powerful endorsement of reliability and safety.
The principle benefits of an Open IX-certified data center are resiliency and physical security, thanks to redundant connectivity providers, power, water and the other requirements listed above. The ultimate goal is to ensure an OIX-2 certified data center continues to function and support cloud users or outsourcing customers in case of predictable and commonplace threats -- though the data center is not impenetrable or indestructible.
However, many businesses that rely on hosting services and cloud providers don't look for mission-critical support -- those applications stay in-house. OIX certifications are absolutely not essential for a business' in-house data center.
OIX-1 and OIX-2 certifications won't become important until mainstream businesses (users of IT for non-IT businesses) routinely outsource important applications.
To date, just over 20 facilities in 10 U.S. states achieved OIX certification -- only two are IXPs and the remainder are data centers. Certifications are primarily held by major regional and national outsourcing data center providers like Digital Reality or CyrusOne.
OIX requirements have absolutely no influence on the design approach used to satisfy each requirement, nor do the requirements affect the data center hardware and systems installed or supported. No amount of redundant power will help if it is hosting an outdated, broken storage array, for example.