Thinx IX
Free Internet Exchange Platform
The Thinx Internet eXchange offers total flexibility in creating the optimal IP service model for the operator — free IP traffic exchange (open peering) with domestic networks, European content providers and global portals.
To take full advantage of Thinx IX, you only need to activate one port. This will give you access to nearly 200 members of Thinx, which generate more than 1 Tbps of traffic every day.
A mandatory condition to join Thinx IX is to have an ASN to run the BGP protocol.
Single Port - Plenty of Options
Multiple services on a single physical port means easy configuration and savings on hardware and interconnections.
A Thinx port can be activated in 12 cities in Poland, in established telecom hubs and data centers or in the headquarters of the joining IX member. It is also possible in 2 locations in Frankfurt, Germany.
IPTV Resources Served by Default
Social Media and Online Gaming at Thinx
Instantly Available Business Content
Statistics
10G, 40G, 100G ports
Average NPS* for 2023: 70
*Net Promoter Score – a tool for assessing customer loyalty, satisfaction and engagement.
Average availability of telecom services in 2023: 99.990%
Daily stats
Monthly stats
Yearly stats
Thinx IX History
Technical Information
In Poland, it is also possible to receive the service at the location closest to your office based on Atman’s fiber optic network.
It is necessary to establish a BPG session with a route server (or with two route servers).
IP addresses of the route servers:
RS1 | 212.91.0.1/22 | 2001:7f8:60::1/48 | AS 24748 |
RS2 | 212.91.2.1 | 2001:7f8:60::2/48 | AS 24748 |
ASN 24748 is used by route servers only to establish a BGP session, it is eventually removed from the BGP AS_Path. The operation of route servers can be likened to that of a BGP Route Reflector; once a BGP session is established, we receive routing information/prefixes from the other node members connected to the route server without having to establish a BGP session with each of them.
Acceptable configurations of the BGP communities parameter in Thinx IX
Action | Standard | Extended | Large |
Blackholing prefix | 24748:666 | ||
Prepend 1x | ASN:1 | ro:1:ASN | 24748:1:ASN |
Prepend 2x | ASN:2 | ro:2:ASN | 24748:2:ASN |
Prepend 3x | ASN:3 | ro:3:ASN | 24748:3:ASN |
Do not advertised to peer ASN | ASN:9 | ro:9:ASN | 24748:9:ASN |
Set med = 0 | 65000:0 | ro:0:65000 | 24748:0:65000 |
Set med = 100 | 65000:100 | ro:100:65000 | 24748:100:65000 |
Set med = 200 | 65000:200 | ro:200:65000 | 24748:200:65000 |
Do not redistribute to peer ASN | ASN:65000 | ro:65000:ASN | 24748:65000:ASN |
Do not redistribute to all peers | 24748:65000 | ro:65000:24748 | 24748:65000:24748 |
Redistribute to peer ASN | ASN:65111 | ro:65111:ASN | 24748:65111:ASN |
Redistribute to all route server peers (default) | 24748:65111 | ro:65111:24748 | 24748:65111:24748 |
For the most recent data, see RIPE.
The vast majority of Thinx IX members practice an open peering policy, and their prefixes are visible immediately after initiating a BGP session with a route server.
Exceptions are global members, where a free session can only be established after passing a verification procedure.
Microsoft ASN 8075 includes services such as Teams, Office365, OneDrive, Skype, Windows OS, and Office updates. The process for setting up direct peering is described in the instructions available on learn.microsoft.com/en-us/azure/internet-peering/howto-exchange-portal.
CloudFlare ASN 13335 is a global provider of network cybersecurity solutions, increasingly expanding access for customers in Poland. In order to use the service, you must apply through the portal peering.cloudflare.com/ (your data is required to be up-to-date on the public portal peeringdb.com).
Twitch (Amazon IVS) ASN 46489 is an alternative VoD/live streaming service for viewers who follow the news and have specific interests. A quick email to [email protected] (if traffic is expected to be at least 250 Mbps) – and sessions are ready.
Google ASN 15169 provides non-cacheable services of the Alphabet company, such as Gmail or Google Public DNS.
The way to access them is by filling out a form on the website isp.google.com/iwantpeering, where you select “Peering” in the Request Type header, and in the Technical Details section – Peering Type: “Public Peering (IX)” and Internet Exchange Location: “Warsaw, Poland”.
NOTE: The above procedure is recommended for traffic below 4 Gbps (during the daily peak). For higher traffic volumes, Google recommends establishing a PNI (Private Network Interconnect, Private Peering). For this type of connection, Atman has a special offer for content delivery across the country (details can be obtained by writing to [email protected]).
Edgio (formerly Edgecast) ASN 15133 is a US-based CDN (Content Delivery Network) serving mainly video data (among other X/Twitter content). A streamlined routing policy is available at: edg.io/peering/.
Riot Games ASN 6507 is a game studio that has created some of today’s most popular titles, including League of Legends and VALORANT. After filling out the form forms.gle/LXwkrYTfqwkZECTB6, you can count on setting up direct sessions, provided that the traffic is at least 10 Mbps.
Internet | Peering | Transit | ||||
Atman’s service | Business Internet | Basic Internet | Thinx IX | Peering Global | Transit Global | Transit Tier 1 |
Description | Whole Internet | Whole Internet in low cost version | Polish open peering | European remote peering | Tier 2 service from Atman AS24724 | Direct interconnect with Tier 1 |
ISP potential | ||||||
BGP requirement, own IP addressing | ||||||
Open Peering Thinx | ||||||
Domestic content | ||||||
International content | DE-CIX, Arelion, Tata | DE-CIX, Arelion, Tata | DE-CIX, DATAIX, Giganet | DE-CIX, DATAIX, Giganet, Arelion, Tata | Arelion, Tata | |
Exposure to DDoS attacks | ||||||
Additional anti-DDoS protection | ||||||
Orange Poland resources | TPNET AS5617 | TPNET AS5617 via overseas | Orange Optimum AS29535 |
Protection of Thinx IX resources is implemented on several levels, not only during service provisioning, but also during the commissioning process.
- Before your device is connected to a Thinx node, it is quarantined – we check that it does not use protocols that can negatively affect the operation of the entire node (such as STP, CDP, DHCP, MNDP).
- At startup, you declare the MAC address of the device’s interface, based on which we build a filter to allow communication with other node participants.
- In addition, we use the mechanisms of static entries in the eVPN protocol (protection against unauthorized appearance of the MAC of a member from another segment of the node) and protection against duplication of MAC addresses.
We recommend configuring BGP sessions with the MD5 authentication option.
It is also a good practice to set up parallel sessions to both route servers, most effectively from two different edge routers.
When you join a node, broadcast ASNs are defined, which are the basis for the following security features:
- Internet Routing Registry (IRR) – prefix lists based on route objects in the RIPE database or other regional RIR registrars
- Resource Public Key Infrastructure (RPKI) – advanced verification of accepted prefixes, protecting against prefix hijacking and traffic redirection to broadcast from an illegal ISP
- Prefix limits – the number of prefixes allowed to be broadcast to the node is specified for all node members (IPv4 1000, IPv6 100).
Decoupling from the public network as an additional security measure (the node’s prefix 212.91.0.0/22 is not broadcast to the Internet) significantly reduces the likelihood of DDoS attacks on devices connected to the node.
In accordance with the requirements of the Act of July 5, 2018 on the National Cybersecurity System (Polish Journal of Laws of 2018, item 1560, Network and Information Security (NIS) Directive), Atman makes all necessary efforts to ensure the continuity of the Thinx IX service, as well as to ensure that our customers have access to knowledge to understand cybersecurity threats and apply effective methods to protect themselves against these threats to the extent related to the Thinx IX service provided.
Atman Data Centers provide 100 percent energy security for the equipment housed there. A company using telecommunications services (including Thinx IX) is guaranteed a high quality of service, as evidenced by the documented actual availability of power at Atman Data Centers of 100% for the past 12 years.
The company has implemented procedures and policies based on the international standards ISO/IEC 27001 and ISO 9001 in areas such as:
- Monitoring the operational continuity of Thinx IX service components
- Unavailability or failure of a key service
- Assignment of responsibility for different areas of the system
- Network configuration, addressing and architecture of the solution
- Service usage conditions, traffic allowed within Thinx IX
- Management of permission levels and access to systems and devices
- Protection against DDoS attacks
The network devices that make up the strength of the Thinx platform are selected based on current needs, reducing redundant power consumption. The data centers that house the main network nodes are powered exclusively by renewable energy. In addition, Atman has participated for many years as both a Participant and Endorser in the European Commission’s European Code of Conduct for Energy Efficiency in Data Centre.
Furthermore, Atman supports initiatives to improve the quality and security of the Internet as we know it. Packet Cleaning House, Quad9, K-root server RIPE NCC DNS, blackholing.co.uk, AS112, eco – Association of the Internet Industry, n6 – Network Security Incident eXchange, BGP.tools, Team Cymru – to name but a few.
Producers of almost 20% of the Internet traffic present in Poland still do not maintain their server rooms or caches in our country, hence the need to reach out abroad. One of the closest international IP exchange points, where much of the desired content can be found, is DE-CIX in Frankfurt. Apple iCloud, Fastly, Hetzner, and Reflected Network, among others, are available there.
From the second half of 2022. Atman has strengthened its cooperation with DE-CIX (German Commercial Internet Exchange), based in Frankfurt am Main, which is a leading operator of Internet traffic exchange points. As a result, in early 2024 we joined the official Partner Reseller Program (Atman is the only DE-CIX representative in Poland).
We have been selected as a secure data center operator, and our partnership with DE-CIX enables companies across Europe to communicate directly and losslessly with Atman’s unique data centers and with Thinx IX – one of the largest Internet exchange points in Poland.
- Looking Glass of Atman services
- Global routing debugging and verification
- Super Looking Glass of BGPTools
- Looking Glass of DE-CIX, Europe’s largest Internet exchange
- Looking Glass of the global organization RIPE
- Looking Glass Packet Clearing House
- RPKI validation
- Free alerts on operator network security issues
- Where Google Cache comes from
- Where Akamai resources come from
- Looking Glass of Telia, a Tier 1 carrier
- Routing information by country/ASN
The peeringdb.com website is a database maintained by a non-profit organization that operates within the European Union, but whose information scope extends to the entire telecommunications world. The site has been in operation since 2004, and thanks to its maturity, structured processes and security, it is today considered to be a kind of standard reference and encyclopedia of network knowledge.