IXCtl - Take CTL of your route servers!

Remove route server management from the list of things that you need to worry about and get down to the business of running your IX. We provide modern, modular architecture for internet exchanges (IX) to manage infrastructure, automate provisioning and provide a portal for connected networks.

What is IXCtl?

IXCtl is an automation platform purpose built for internet exchange operators.

Combine and automate operational tasks in a seamless system. Using our member management features, import your existing connected network list from PeeringDB or enter it manually, then use IXCtl to manage MAC addresses, IP addresses, or export as an IX-F connected networks list schema.

IXCtl is the stand-alone Internet Exchange management platform, and is one component of 20C’s FullCtl suite.

IXCtl now has an open source version! designed as a toolkit to enhance flexibility for Internet Exchanges. Now, an IX can run individual components as desired while still allowing for custom, granular integrations with limitless possibilities.

What can I do with IXCtl?

Take the hassle and complexity out of properly managing resource public key infrastructure (RPKI) and route origin authorizations (ROAs) at your IX. IXCtl takes data directly from PeeringDB and combines it with industry best practices to generate (and maintain) secure route server configurations.

How does IXCtl work?

  1. Click “import” to pull baseline data on connected networks from PeeringDB

  2. Hit “configure route server” and add basic info to generate secure configurations

  3. Point your Kubernetes cluster at our target and enjoy karmic bliss, knowing that your route servers are automatically contributing to the good of the internet!

    a. Not running K8s? No worries, use our Ansible script to set up your route servers on a VM instead!

    b. Don’t want to use our automated container? Again, no worries, you can CURL the configuration and use it in your own aroutserver implementation!

What else can IXCtl do?


All FullCtl products come with audit logging and role based access control (RBAC) out of the box.

FullCtl is more than just software tools, we build complete network automation systems, ask us about your thorniest automation issue to learn more - even if your biggest challenge is just knowing how and where to start.


Features

API Driven

Not only is the API (Application Programming Interface) a first class citizen, it’s the only citizen - the web interface is 100% API driven. Our API allows any external system to interact with any individual component in our system which will help customers easily automate their workflow.

Modular

Components are designed to be run as a small service in a container or VM orchestration platform of your choice. We currently have production services running on docker swarm mode, Kubernetes, and VMs. OpenShift is in the works. We are happy to host any parts of it for you as well.

Use as much as or as little as you want. Do you have an internal system that owns customer data? We can integrate with that. Have a home grown provisioning system that needs to be called on changes? Yep, check.

Auditable*

Anytime someone makes a change to the system, others from that company can identify who made the change and how the system was impacted.

*Licensed components are not included in the open source package. Learn more about acquiring licensed options.

Turnkey Secure Route Servers

IXCtl leverages arouteserver to produce well tested configs for a variety of route server implementations. It can be used with FullCtl containers to dynamically load configs as updates are made.

PeeringDB Integration

Authenticate with PeeringDB with an option to incorporate it’s user permissions for AS. Also keeps a local PeeringDB copy to use data from. All PeeringDB gained data is overridable by admins or users.

Source of Truth

IXCtl is designed to be the source of truth for the Internet Exchange.

Additional Functionalities

Upcoming features

Our system can auto-populate IXCtl groups and give IXP managers assigning privileges to streamline the admin process. The system can also import existing restrictions such as read-only users. Specific permission levels desired by the client but not supported in PDB can be assigned within IXCtl.

Have an idea or request for a feature? Please contact us. For more information on these and additional features please see: https://github.com/fullctl and https://github.com/orgs/fullctl/projects/2


History

IXCtl started as a component of the FullCtl Suite by 20C. It was initially written to power the Chicago Internet Exchange and was called uixauto as a provisioning overlay to IXP-Manager. It has since evolved, and is currently used in production environments.

20C has always been an open source software proponent but open sourcing the internal FullCtl components had not been considered until a specific need was identified by our clients. Frequently when dealing with network automation, there are many proprietary customer-specific interfaces, which make it difficult to separate and open source. In addition, IXP Manager has done a great job filling the needs for this very niche market. However, the ability to select only the components needed for a specific project expands functionality, reduces redundancy and lowers cost. There has been immense interest in this project. Clients can choose open source and free to use, or let 20C manage, support, and/or host it. We’re big fans of this whole internet thing, so we discount our rates for registered non-profits.


Printable version of IXCtl overview