Kind folk of New Zealand, A while ago, when I was at Citylink, we had some very interesting discussions on what the community believed the role of the route server infrastructure was in our exchanges. At the time, Citylink had announced that they were no longer going to require every operator to submit prefix lists to them for enforcement. In my opinion, Citylink moved to the correct way of acting; not providing a level of route filtering for the community, but instead putting it onto each ISP to enforce their own BGP security. It was interesting to me how much people had placed a reliance on the route servers and their enforcing a route policy on behalf of them, rather than taking responsibility for this themselves. I recall that in this discussion on the list Dean Pemberton, Michael Fincham, and Andy Linton made some excellent points about this. One of the interesting things about New Zealand and IXs is the lack of bi-lats or routing control used across the peering exchanges. In many IXs worldwide, the route servers are only considered to be the initial stage of setting up on an IX (if you used them at all). An ISP or content provider would reach out to all the peers that they did any level of traffic to and request a bi-lateral BGP session, which they would enforce their own route policies on, and filter routes in both directions on this session to appropriately manipulate traffic. In light of the issues this afternoon on APE, I wonder all of us putting some effort into bi-lats with our major peers is worthy of discussion? Also interesting is the attached graph of aggregate traffic on AKL-IX, showing the value of having multiple IXs in Auckland for resiliency. Cheers, Hoff [image: Inline image 2]