This is the peering policy of C3AERO-AS-01 (AS399011) effective April 8, 2023.
We practice an open peering policy, which means that we peer with any network that wants to peer with us. If you would like to peer with us, please follow these guidelines.
- Peers may only send traffic from their own and downstream networks to us.
- Peers may only send traffic to destinations announced by AS399011.
- Peers must not configure static or default routes to our routers.
- Peers must operate a Network Operations Center (NOC) reachable by email.
- Peers must keep their IRR and registry data up to date at all times.
- Peers shall enforce a strict routing policy to avoid route leaks.
- Peers shall aggregate their routes to avoid routing table inflation.
- Peers should cooperate in any case of abuse or extraordinary circumstances.
We offer virtual cross-connects at the following points of presence:
- Equinix BO2 - Boston, Billerica
- Equinix DC1-DC15, DC21 - Ashburn
- Equinix NY9 - New York, 111 8th Avenue
Peering with AS399011 is cost-neutral for both parties.
Routing and Filtering
Before entering a peering with us, please note the following preferences and technical information:
- We filter prefixes against IRR (RIPE, APNIC, RADB, etc.) and RPKI.
- We filter prefixes shorter than a /24 (IPv4) or /48 (IPv6).
- We filter prefixes with private or other invalid ASNs in AS_PATH.
- We filter prefixes with private address space (RFC1918, RFC4193).
- We filter prefixes pointing to well-known bogon addresses.
- We filter prefixes with an invalid NEXT_HOP attribute.
- We encourage the usage of MD5 authentication for additional security.
- We support the usage of GRACEFUL_SHUTDOWN community (RFC8326).
- We configure an individual prefix limit for all peering sessions.
Mutually Agreed Norms for Routing Security (MANRS)
To improve Internet routing security, we have joined MANRS, a global initiative supported by the Internet Society that provides essential fixes to reduce the most common routing threats. As part of our membership with MANRS, we commit to adhere to four concrete actions to reduce routing threats:
- Global Validation
Resource Public Key Infrastructure (RPKI)
RPKI is a method to help prevent BGP hijacking and route leaks. It uses cryptographic signatures to validate that an ASN is allowed to announce a particular prefix. AS399011 has deployed RPKI route validation and filtering. We reject RPKI invalids on all BGP sessions. We also maintain valid Route Origin Authorizations (ROA) for all originated prefixes.
AS399011 originates the following prefixes:
To facilitate traffic engineering and control, we support BGP communities that can be used by our peering partners to influence the routing of their traffic through our network. The following communities are available:
- Origin Route: 399011:100:1
AS399011 operates on a best effort basis and does not guarantee any specific service level agreement (SLA) for peering sessions. We will make all reasonable efforts to ensure the reliability, availability, and performance of our peering connections, but we cannot be held liable for any interruptions or disruptions to the peering service.
If you would like to establish a peering session with AS399011, please send an email to firstname.lastname@example.org with the following information:
- Your ASN
- Your limit prefix count
- Your preferred peering location
We will review your request and respond as soon as possible. Thank you for your interest in peering with AS399011.