Connecting you to everyone and everything

The year of change

There is a reason why some quotes and proverbs are popular… typically, it’s because they are true. To name a few: “The only constant in life is change”, “A rolling stone gathers no moss”, “There are far, far better things ahead than any we leave behind” and “To improve is to change; to be perfect is to change often”. All of these sayings suited AMS-IX in 2019. In the year we celebrated our 25th anniversary we also saw a lot of change both internally and in the market, we operate in. This is why we continue to invest in our long-term strategy: Innovate, Optimise, Grow.

Celebrating a 25th anniversary is also celebrating past success and recognising the things the people of AMS-IX have achieved in those 25 years. The Internet started as an academic network but has grown dramatically into the all-pervasive utility of today’s world. AMS-IX managed to secure a world leading position in that rapidly growing market and continues to do so this day.

Our traditional business (public peering) continues to grow in terms of capacity, connected parties and overall traffic whilst new services like EasyAccess and IX-as-a-Service (IXaaS) are gathering momentum. To support the strategy, new tooling is being deployed that will allow for optimisation of processes and customer interaction. Customer self-service and process automation are two main focus areas. Additionally, we focus on applying the principles of economies of scale in order for efficiency and effectiveness to increase thus further improve the customer experience and the value AMS-IX brings to the market.

Internet traffic is growing at a steady pace providing many opportunities, but the challenges grow, too. Cheap alternatives for interconnectivity put pressure on prices. Growth opportunities for data centres are under pressure due to scarcity of land, power and talent. On top of that, governments are trying to get a grip on the digital economy with rules and regulations. Typically, this type of pressure in a market leads to consolidation which is already happening in the data centre and connectivity markets.

During 2019, AMS-IX invested a lot in preparing for a time of change. A new way of working was introduced, reshaping the organisation to better support innovation and optimisation, but also to have better reporting, financial insight and control. The “homegrown”, monolithic tooling is being replaced by standard tooling, allowing valuable developer resources to focus on innovation. This will continue in 2020 whereby the benefits for the customer will become more visible.

A number of new products and services was launched successfully, however the traditional interconnection business remains strong and continues to grow. The development of new services will continue next year. A healthy pipeline has been developed for IX-as- a-Service (IXaaS) with the first deployments expected to take place in the early 2020. EasyAccess also shows a steady growth with the service being available in over 170 data centres across Europe.

Amsterdam remains the stronghold of our business, with AMS-IX India also showing a significant increase in connected parties and traffic. The business in Hong Kong, the Caribbean and the USA continue to grow slowly. 2019 also saw the first deployment of IX-as-a-Service with the launch of Manama-IX in Bahrain during the Formula 1 GP, in March. Since the launch, Manama-IX instance shows steady growth of connected parties and traffic.

Although the results were below budget, a positive financial result before tax is secured due to the pause of the implementation of Saleforce, active monitoring of spend and continued cost savings on infrastructure and fiber investments. Also, the US operations have been restructured according to plan, resolving the negative results while securing the continuation of the AMS-IX brand and services in the USA through an IX as a Service (IXaaS) partnership with Epsilon.

Despite a port price reduction of 20% offered as per January 1, 2019, gross revenues declined by 11% (EUR 2.3 million) compared to 2018. The decline in revenues from existing business was partially compensated by new products IXaaS and EasyAccess – both contributing EUR 0.2 million to gross revenues in 2019. The new business development was slower than expected but the pipeline for 2020 is already promising.

Lower external operating costs compared to 2018 show AMS-IX’s commitment to continuous improvement and efficiency. As such we were able to maintain our profitability in 2019.

Other operating costs increased by 4.6% in 2019. This was driven by the costs of implementing Salesforce and the new way of working, as well as the hiring costs of senior staff and investments in new tooling. The new way of working was implemented during 2019 and the implementation of the new tooling will be completed in 2020.

Nevertheless, we were able to close the year with a positive financial result of EUR 1.1 million profit after tax (2018: EUR 0.8 million). With this result we were able to finance required investments in the ecosystem using cash flow generated in AMS-IX’s home market. Our equity ratio increased to 73.2% (2018: 48.6%), which represents a healthy financial position.

Overall the business continues to grow and remains adequately funded. In 2020 our focus
is to deliver on our strategy, implementing new services and extending into new markets, but also finish the optimization of our internal processes and implementation of the new ERP system.

At the time of producing the annual accounts 2019, the world is phased with the Covid-19 or Corona crisis which has a strong impact on society and the economy. Being part of vital infrastructure, AMS-IX took additional steps to keep our people safe, whilst ensuring the continuation of the services. We have seen a significant growth of traffic and upgrades on the back of the massive shift to “working from home”, signifying the key role of AMS-IX in the Internet eco-system. Although the economic outlook is uncertain, we believe the Internet-market will continue to grow and so remain confident about our future and Long-Term Strategy.

We would like to thank the AMS-IX Supervisory Board and our members for their continuous support over the past year.

The Internet today has major flaws. What can AMS-IX do to overcome them?

The Internet is definitely one of humanity’s greatest inventions, but it also has some very unsettling shortcomings that need to be addressed. AMS-IX commits itself to overcoming some of these imperfections in the years to come.

The fact that the Internet has some major flaws, is obvious. Just take a look at the papers. Every day there are major hacks and data breaches. A kid with access to a credit card can order DDoS attacks and destabilise the banking sector of a country, accounting for millions in damage. Traffic is rerouted due to malpractice or errors and privacy seems to be a thing of the past. Companies can track and trace everything you do online.

We are so used to this that we don’t realize any more how bizarre this situation actually is. When you drink water from the tap (at least in the Netherlands), you know for sure that the water is clean and not contaminated. Similarly, when we go on the Internet, we think it is normal that there are people checking our data, and that there is a good chance that someone is stealing it or that we are being framed. It makes one wonder: is it possible to reengineer the Internet in order to address some of these security and privacy issues?

Some of the problems the Internet is currently facing

It would be wrong to state that the Internet was badly designed, because there wasn’t a design in the first place, at least not for what the Internet has become. The foundation was laid by academic groups in the 70s and early 80s (IP and TCP protocol definitions stem from 1973). It was only in the late 80s and early 90s that commercial ISPs were established and started offering services based on TCP/IP. There was an atmosphere of trust and cooperation amongst these first internet pioneers and the way the network is built reflects this mindset. The internet protocols were originally designed for intercomputer communication in an academic environment. But as we have seen, the Internet has organically grown into a huge, global, communication network.

Currently, the Internet has many shortcomings, such as spoofing of host addresses, DDoS attacks, forged TLS certificates by compromised trust roots, and many more. At AMS-IX we experience, for example, problems with interdomain routing with the use of Border Gateway Protocol (BGP). BGP is a globally distributed protocol exchanging reachability information for their respective ASs (Autonomous Systems). As there is no hierarchy between the BGP speaking routers, updates by a single BGP speaker can impact routing information in the entire Internet. This allows for example, for prefix hijacking and while often these are caused by erroneous configuration, there are well-known cases where this has, and is, been caused by adversaries with criminal or political intentions. Related to this, is prefix ‘redirect’, where traffic in the end finds its destination, but on its path there it is intercepted for eavesdropping purposes.

Building new internets

It is impossible to re-engineer the existing Internet. Too many companies are relying on the Internet Protocol and it still adds value for the common user to make all the security and privacy risks worthwhile. We can see this for example, in the way companies handle the problem of address space. The Internet originally used 32-bit addresses, which means that there is a limited amount of address space. This problem was already flagged at the end of the 90s, and it was addressed with the introduction of new 128-bit IPv6 addresses. However, most of the internet organizations have not, or are still in the progress of, migrating to IPv6. With the exhaustion of IPv4 address space all kind of issues start to occur, one of which is the barrier it creates to new service providers on the Internet.

One way to go about this, is to build internets that operate parallel to the current Internet. These new networks connect companies with similar or common goals. They use the networks for specific applications. And, most importantly, they make and abide to their own set of networking rules. This way they can ensure security and trust within their community.

The idea of building new networks that operate next to the current Internet is not as revolutionary as it sounds. In many areas, companies and organizations are working along similar lines. The Dutch government for example, has its own Diginetwork that operates next to the Internet. It is basically a collection of interconnected governmental networks operating under their own rules for privacy and security. Another example can be found with the GRX, AMS-IX’s interconnection platform for exchange of roaming GPRS traffic between mobile operators. The traffic is based on guidelines set by the GSMA.

But there are a lot of possibilities. A great use case for building such a network can be done in the financial sector, especially when it comes to the communication between banks and their users. Momentarily, banks deliver all their services as IP traffic on their network. As a result, if the customer portal of the bank is hit by a DDoS attack, users can be blocked out. It is, however, also possible that the banks organize their network traffic with their users via a separate network thus ensuring the continuity of their services.

The road ahead

AMS-IX is positioned to help, initiate and build these new networking communities. We have been operating at the core of the Internet for more than 25 years. Our interconnection platform in Amsterdam connects more than 875 networks and it is neutral ground for all these organisations. We already have a lot of experience with measures to secure the Internet’s routing infrastructure, like the use of RPKI (Resource Public Key Infrastructure) and the implementation of MANRS (Mutually Agreed Norms for Routing Security). We operate with no commercial goals and for the good of all internet companies, which puts us in the position to address some of the general problems of the Internet. Next to that, we have excellent ties with academic organisations, universities and other associations like RIPE, NLnet Lab and ISOC, some of which have initiatives of their own addressing some of the problems of the functioning of the Internet.

AMS-IX can, first and foremost, assist in the development of new technical standards that can help building these new networks. In its most simple form, it means playing a role as neutral intermediary in the development of these new networking communities, facilitating rules on which the networks are to operate. Additionally, it can also mean participating in the development of new alternatives for the Internet Protocols like RINA, SCION and NDN. AMS-IX is already participating in the 2STiC program, a joint research program, where AMS-IX together with NLnet Labs, SIDN Labs, SURFnet, TU Delft, the University of Amsterdam and the University of Twente, aim to test some of these new protocols. But there are fields of technological testing and engineering where AMS-IX can play a role as well, like testing and developing new encryption technologies to be used in a networking environment.

AMS-IX can also play a role in safeguarding the neutrality of infrastructure to be used for the common good. An interesting use case could be the 5G roll-out in the Netherlands. Many enterprises want to operate their own 5G networks that operate next to networks of telecom operators. AMS-IX can be used as a neutral Exchange point and facilitator of interconnection.

Of course, there is also a lot that needs to be done outside the scope of AMS-IX. Governments for example, need to adapt their legislation so that it is more suited to the current workings of the Internet. The GDPR is an excellent first step to give civilians more control over their personal data. Next to that, quality standards need to be developed around internet technology. For example, currently, poorly secured IoT devices can be sold without any restrictions. A new CE marking for IoT devices would be very welcome.

For 25 years, AMS-IX is playing a leading role in developing and growing the Internet. It brought much good, but we can now clearly see that the Internet also has some flaws which should be the focus of our attention in the future.

The Internet today has major flaws. What can AMS-IX do to overcome them?

Last year, AMS-IX together with DE-CIX and LINX, announced the development of a single API that can be consumed for provisioning services in a standardized way at all three Interconnection platforms. The project is not only a success because it created a new industry standard, but it also shows that three competitors can work together very well on one common goal.

The API was presented to the world in September 2019, during the 14th European Peering Forum (EPF) in Tallinn, but the project started much earlier. In the summer of 2018, the CTOs of all three Exchanges gathered with a number of relevant technical experts and decided to go forward with this project. Since then, the development teams of AMS-IX, DE-CIX and LINX come together every six weeks in Amsterdam, London or Frankfurt, in a rotational manner. In between these sessions, the respective development teams stay up to date via weekly and bi-weekly conference calls.

A new industry standard

IX-API stands for Internet Exchange Application Programming Interface. It is a technical communication protocol which can be used to interface and provision connections on all three Exchanges. The big advantage of the IX-API is that it enables customers to interface with any IX, in a standardized way. This results in fast, efficient and less error- prone provisioning of connections. The first release of the API supports applications that can be consumed by a customer portal of, for example, a reseller. The API will automate the ordering process for customers of the resellers that want to connect to one of the IXs.

The intention is that the API will become an industry standard. Next to DE-CIX, LINX and AMS-IX, multiple other exchanges have showed their intention to implement the API. If things go according to plan, the new API will increase competition which will drive down prices. In the end, the whole industry will benefit from it.

Resellers

From very early on in the development of the project, we worked together with our testing partners, Epsilon and Interxion, who indicated that they would be interested in consuming the API allowing for their customers to order directly on the IXs. Their input was vital in making the API a success.

The first phase of the project was focused on resellers and has been finalized for all three Exchanges. Any reseller with preconfigured physical reseller port(s) and a pre-created, reseller's API-user can now provision services via the API. Going further, the IX-API will be available to a broader range of IX users, like Internet Service Providers, Content Delivery Networks, carriers, and other IXs.

The project is not only significant because of its technical challenges, but also shows that the three Exchanges can collaborate very well. It is possible that the development teams of AMS-IX, DE-CIX and LINX will work together in other projects as well. The future looks very promising!

Supported features of IX-API

• Authentication in the API
• Overview of customer contracts
• Option to create a new customer contract and add customer contact information to it
• Overview of enabled physical ports
• Option to create a new MAC address under a customer contract
• Overview of all VLANs available at AMS-IX, DE-CIX and LINX
• Option to create a new virtual link for customers and add a previously created MAC to it
• Overview of customers’ virtual links
• Provision a newly-created virtual link
• Overview of all available route servers at AMS-IX, DE-CIX and LINX
• Enable route server peering for a provisioned virtual link