Very interesting discussion so far. Sorry if my email gets a little rambling, it's kind of a stream of thought.


I am of the opinion that there be a minimum set of objective criteria to be met for a proposed/requested remote switch. If meeting the criteria is demonstrated, then the proposal/request can be further considered with a very much subjective lens by the board and community with questions for them to answer such as:


We should not try to enumerate every single one of the objective ways in which a network/organization might fall into the "do not allow them to connect to MICE" both as a regular member and as a remote switch operator, as someone said earlier, there are too many possibilities. We should have a decent set of guidelines/requirements and then let the humans of the board and community use their own thinking and intuition to assess on a case by case basis if this is a good opportunity or is it too risky.


As for the specific criteria to be objective about, we can dig into the weeds on pros and cons of far-away and close-by members and remote switches, ways to view and treat them (eg BGP communities), long-haul requirements (eg SLA, redundancies, etc), dedicated vs non-dedicated switching hardware, specific hardware capabilities required, geographic distance limits, link usage/capacity ratio, etc. but I think it is too early to work through all of the objective criteria and their solutions to problems until we actually decide we want to go down the road of having an expanded set of objective criteria and is the official track to become a remote switch operator. So for example, if we decide we are going to clamp down hard on accepting new remote switches and making remote switches very difficult to do, then the criteria question because more or less moot and we don't need spend a lot of cycles thinking them all through. It sounds like maybe we need to have a majority consensus on how to proceed. 


I think directly and indirectly there is a lot of data on remote switches generally and specifically far-away remote switches for IXes like MICE that can be considered. There are variables/risks to consider and there are likely accommodating solutions to those. Do we want to be strict or lax about taking on new remote switches? Do we want to only take remote switches on based on solicited requests from MICE? Do we want to only allow official MICE participant members to be able to become remote switch operators or can anyone become a remote operator? Is there a finite number of new remote switches we should consider having in total or per year how many we can take on? All sorts of possible considerations if we want to get into it.


To recap, I personally think step 1 is that we should decide to have an intentionally defined set of objective criteria that if all are met then a subjective determination is made by the board including the use of solicited member/community feedback. If yes, step 2 is then to clearly define that set of objective criteria we care about.


I think the elected board should be the last line of defense against making mistakes and to mitigate use of loopholes. They should be trusted to use good judgment as the final say on requests for remote switches. If something is concerning or otherwise fishy, they can ultimately deny or indefinitely delay requests until such time as they are satisfied.




From: MICE Discuss <MICE-DISCUSS@LISTS.IPHOUSE.NET> on behalf of Jeremy Lumby <jlumby@MNVOIP.COM>
Sent: Thursday, March 24, 2022 6:00 PM
To: MICE-DISCUSS@LISTS.IPHOUSE.NET
Subject: Re: [MICE-DISCUSS] MICE Remote Switch Policy
 
A few of my opinions on the topics that Richard brought up/relayed for others:

For the most part I think the approval of remote switches should be discretionary.  With that being said I think there should be a few stipulations.  There should be minimum criteria to be met in order to even consider the proposal.  My reasoning for the minimum criteria is to save time and effort since MICE is almost all volunteer based, and I am in favor of keeping it that way.  I am in favor of the following minimums for a remote proposal:
-Dedicated switching hardware
-Minimum of 5 participants interested in connecting immediately
-66% utilization upgrade threshold
-Agreement that the switch operator will enforce, and keep up with MICE technical requirements
-Agreement that the switch operator will cover all costs of operation including uplink, and MICE fees
-Agreement that the switch operator notifies all participants that they are connecting to a remote switch, as well as is the primary source of support for connected members.

If the agreed upon minimums are met then the proposal should go to the membership for discussion (for a fixed amount of time), and then the board for approval.  I do feel that if board members were to vote against it, it should be for a reason that was discussed publically on the list first.

On a somewhat related topic I have had a few different datacenters inquire about getting a MICE managed core switch installed.  I think there should be minimum standards established for a core switch as well to save time and effort.  In general I think they should be much greater than the list above.

With respect to the location of a remote switch, I think distance is not an issue, and in some ways it is an advantage.  When someone connects to a remote that is far from the core, everyone knows it.  The location of the switch is documented on the participants page, and all of the members connecting through it are indicated as so.  This gives network admin the ability to easily identify, and adjust their BGP metrics accordingly.  I also like the idea that Jay proposed for communities that identify remote switch participants.  If someone were to argue that distance was a negative, they would first need to propose blocking anyone connecting to the core across a long-haul circuit from outside of the metro.  In cases of long-haul to the core, the only one that has a clue that it is going on is the participant themselves leaving all other members clueless.  I have received several inquiries from members about high latency to certain peers who long-haul into the MICE core.  I am often unsure if I can divulge their remote location to the person asking since often times the only way I know is based on the carrier listed on the cross connect tag going into the core (which is not public knowledge like the participants page is).

As to the dedicated hardware requirement I would also like to state that in general I feel that if someone is serious about increasing connectivity to MICE, they are willing to spend the money for the hardware (not just trying to save on a cross connect for a friend), and also willing to spend the time to be the first line of defense when it comes to troubleshooting.  Not to mention the much simpler config/troubleshooting that comes along with dedicated hardware, this all keeps the load off of the volunteers running MICE.

I do not feel that any NEW minimum requirements should apply to existing switches.  I think they should still be bound to their original proposals (within reason).  I believe that all of those proposals would include enforcing current MICE rules on their switch (such as number of MAC addresses, and BPDU error disables)

As for a disincentive for CDN's to connect, I have only seen the opposite.  Most CDN's will only accept a connection to the core.  The only time I have seen them connect to a remote was for a secondary connection to gain switch diversity.

As for broadcast traffic I agree that it can get more dangerous across a long-haul link, however I think a larger issue is the lack of enforcement of good router config hygiene.  To that point, a quarantine VLAN helps detection/enforcement before the problem gets out of hand.  The complexities it leads to would be another reason to support requiring dedicated hardware for remote switches.


Jeremy Lumby
Minnesota VoIP
9217 17th Ave S #216
Bloomington, MN 55425
M: 612-355-7740
D: 612-392-6814
F: 952-873-7425
jlumby@mnvoip.com


From: MICE Discuss [mailto:MICE-DISCUSS@LISTS.IPHOUSE.NET] On Behalf Of Richard Laager
Sent: Thursday, March 24, 2022 3:59 PM
To: MICE-DISCUSS@LISTS.IPHOUSE.NET
Subject: [MICE-DISCUSS] MICE Remote Switch Policy

I've had some discussions with the board as well as with Jay and Jeremy on these topics. The board consensus was to bring this (in general) to the membership for more input.
As to the specifics, while I know others agree with at least parts of this, I'm only speaking for myself here. I'll let everyone articulate their own positions. (This disclaimer should not be read as me signaling the existance of disagreement either. I just don't want to put words in other people's mouths.)

Our current policy on remote switches is here: https://micemn.net/technical.html#remotes It has the proposal presented to the membership for discussion, then the board makes a final decision.
Is this decision ministerial or discretionary? That is, if the remote switch proposal checks all the boxes in our policy, is MICE "required" (supposed to) always grant it, or is the board supposed to apply some discretion?
If the decision is ministerial, then why bother bringing this to the board (or for that matter, the members) all? Couldn't we save a bunch of time and hassle and simply have management (in some form, whether that's me, Jay, and/or Jeremy) approve it?
If the decision is discretionary, are there particular criteria that the board should consider (above and beyond the listed criteria)?
One criteria used in a discussion I had (and I can't recall which of us said it first) is "MICE's strategic interests". What would that phrase mean to you; what are some strategic interests of MICE?
For a bit of an absurd example for the thought experiment, imagine that someone was proposing a MICE remote switch, but we knew their goal was to attract a bunch of members and then convert that into a competing exchange. Is that something we would have to agree to simply because they met all the objective criteria?
When we were new and little, MICE certainly had an interest in making every decision in a way that would maximize additional peering. However, at this point, the calculus may be (I'd argue is) different. We are moving a lot of traffic and are important to our members / in our region. We have to be careful that our decisions do not destabilize the exchange--in multiple ways: technical, financial, or political.

Either way, should we expand the list of objective criteria in the policy? Some examples:
• We have previously discussed dedicated vs non-dedicated switches. As time goes along, I am more convinced than ever that MICE remote switches should be required to be dedicated. Non-dedicated switches present extra complications for configuration and troubleshooting. (Jeremy has some additional insight on this that he will share.) I think we should make it a requirement that the switch be dedicated. (Perhaps the board could still grant an exception in exceptional cases.)
• Should we require that a remote switch have X number of participants committed? And if so, what is X? In my view, it hardly makes sense to have a remote switch one or two participants. They could just as well backhaul to MICE directly.
The criteria for allowing new remote switches vs disconnecting existing remotes need not be the same. If we set a minimum of e.g. 5 participants, we don't necessarily need to disconnect existing remotes that don't meet that. And I think the consensus is that we would not, barring them creating some significant problem.

How do we feel about far-away remote switches? (This is a live issue in the context of the proposed Kansas City remote.)
Some concerns:
• At Wiktel, I peer with MN VoIP's far away extensions in Minneapolis. For example, I peer at SeattleIX (SIX) in Minneapolis. This has caused me some issues. For example, latency-sensitive gaming traffic was tromboning Wiktel-Minneapolis-Seattle-Chicago-Seattle-Minneapolis-Wiktel rather than Wiktel-Chicago-Wiktel.
• Is it safe to have a broadcast domain that stretches across multiple states (or half a continent, in the SIX case)?
• If we take this to its logical extreme... Imagine we had a MICE extension in every datacenter in the U.S. I think that is pretty obviously untenable for a bunch of reasons. Something close to that is actually within the realm of possibility, with some of these virtual extension things that people are doing. (Reid would be able to cite who.) Granted, nobody is proposing that today, but where should we draw the line?
• Far-away extensions may reduce the incentive for CDNs to install locally.
Some counterpoints:
• Nobody is forcing networks to use the far-away remotes.
• If people choose to use them, they take their routing into their own hands. They need to understand the tromboning risk and set their own routing policy.
o Counter-counterpoint: Do they? Especially smaller / less experienced networks? Have we adequately warned them?
o Counter-counterpoint: The existence of these far-away peers doesn't affect just them. It also affects the other networks with which they peer. Everyone on the exchange needs to be aware of the existence of far-away participants and handle their routing policy accordingly. If there are enough far-away peers, this might tip networks into an opt-in route server policy, or even to only do bilaterals. This will disadvantage small participants.
• Networks can backhaul into far-away exchanges directly.
o Counter-counterpoint: But a remote switch makes this cheaper / more feasible / more common, which is literally the point of creating such a remote switch.
• For a local eyeball network in Des Moines, neither MICE nor Kansas City are far-away from me. Even MICE via Kansas City is not likely to be problematic. This might be the only economically feasible way they could peer with Minneapolis content.
--
Richard

________________________________________
To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1


To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1