What is an Internet Exchange Point and why does it matter for developers?

An Internet Exchange Point (IXP) is a physical facility where independent networks connect to exchange internet traffic directly. Major IXPs like LINX (London), DE-CIX (Frankfurt, 14+ Tbps peak), and AMS-IX (Amsterdam) handle a significant fraction of regional internet traffic. When an IXP fails, BGP reconvergence causes traffic to reroute through longer paths — manifesting as elevated latency and intermittent connectivity that looks like application-level issues. A small number of IXPs handle disproportionate global traffic, creating structural concentration risk similar to critical API dependency.

Was an AWS data centre struck in the 2026 conflict?

Yes. AWS reported that its UAE facility (serving the me-south-1 region) was struck by "objects" during the 2026 Middle East conflict, causing significant disruption for Middle East, South Asia, and East Africa customers. The incident demonstrated that cloud data centres in conflict-adjacent Gulf states face physical kinetic threat risks that traditional data centre security architectures were not designed to handle. 64% of organisations now account for geopolitically motivated attacks on critical infrastructure in their risk strategies.

What is BGP and how does an IXP failure affect internet routing?

BGP (Border Gateway Protocol) is the protocol that tells internet routers where to send traffic globally. When an IXP fails, the peering connections between networks at that IXP terminate, and BGP reconvergence occurs — all networks find alternative paths over seconds to minutes, causing transient packet loss. Traffic previously exchanged free at the IXP now pays transit rates through longer paths. For applications, this looks like elevated latency (50-200ms higher), intermittent timeouts, and slow DNS — not a clean outage but degraded service that is difficult to diagnose without routing-level monitoring.

What happened to Sudan's internet during the civil war?

Sudan's lack of robust domestic IXP infrastructure meant that during the 2023 civil war, traffic between two Sudanese cities routed through IXPs in London or Frankfurt — adding hundreds of milliseconds of latency and imposing international transit costs on domestic communications. The case illustrates that countries without local IXP infrastructure are structurally more vulnerable to internet degradation during conflict, with costs falling on people who cannot afford international transit pricing.

Should I be worried about my cloud provider's data centres in the Middle East?

For workloads where Gulf state latency is a functional requirement (serving Middle East users), the risk is a factor to weigh against business need. The AWS UAE incident demonstrates physical kinetic risk is real. For workloads using Gulf regions as cache or fallback with no strict latency requirement, routing through geographically distant but more secure regions may be more resilient. Monitor BGP routing data and maintain multi-region failover that does not depend on Gulf state infrastructure as a critical path.

Security Tech Industry Web Development Career

The Hidden Chokepoints: Internet Exchange Points and Data Centres Under Physical Attack in 2026

Abhishek Gautam·March 4, 2026·11 min read

Quick summary

Most developers think about cloud regions but not about Internet Exchange Points — the buildings where the internet actually interconnects. In 2026, an AWS UAE facility was struck by objects during the conflict, Gulf state cloud infrastructure is under elevated threat, and IXPs are formally critical infrastructure. Here is what developers need to know.

When developers think about internet infrastructure resilience, they think about cloud regions, CDN edge nodes, and DNS redundancy. Almost nobody thinks about Internet Exchange Points — and that is a significant gap in most organisations' infrastructure risk models.

Internet Exchange Points (IXPs) are the physical facilities where different networks meet and exchange traffic. When your browser sends a request to a server in another country, the packet probably passes through an IXP at some point in its journey. LINX (London), DE-CIX (Frankfurt), AMS-IX (Amsterdam), JPNAP (Tokyo), MSIX (Mumbai) — these are the physical rooms, often unremarkable buildings, where the internet's peering relationships materialise into copper and fibre.

In 2026, these facilities — and the data centres that house them — are more visible targets than at any point in the history of the commercial internet. And the consequences of attacking one are disproportionate to their physical size.

What an IXP Actually Is

An Internet Exchange Point is a physical switching facility where independent networks connect to exchange traffic directly, rather than paying a third party to carry it. The major IXPs handle enormous traffic volumes:

LINX (London): One of the world's largest, handling multiple terabits per second between hundreds of member networks
DE-CIX (Frankfurt): Peak traffic over 14 Tbps, connecting approximately 1,000 networks from 60+ countries
AMS-IX (Amsterdam): Similar scale, hub for European internet traffic
Equinix IX (multiple US locations): Inside Equinix data centres in New York, Chicago, Los Angeles, Dallas, Seattle

These are not government facilities. They are typically operated by non-profit organisations or commercial entities, physically located in data centres housing equipment for hundreds of companies. Their addresses are publicly known. Their physical locations face the same security challenges as any large commercial building.

The concentration problem:

A significant fraction of internet traffic between specific country pairs passes through a single IXP. UK-to-Germany traffic likely transits LINX or DE-CIX. Southeast Asian traffic routing to the US often passes through Singapore's SGIX and one or more European IXPs. The consolidation of peering into a small number of high-capacity IXPs reduces costs and latency but creates structural concentration risk.

The Fastly CDN outage of 2021 illustrated the mechanism: a single configuration error took down large portions of the commercial internet for an hour because so much traffic ran through one provider. IXP concentration risk is structurally similar but more durable — an IXP physical failure affects routing, not just content delivery, and cannot be fixed with a config rollback.

AWS UAE: A Direct Strike on Cloud Infrastructure

In early 2026, Amazon Web Services reported that its UAE facility was struck by "objects" during the regional conflict, causing significant disruption to cloud services for Middle East region customers.

The AWS UAE availability zone (me-south-1) serves customers across the broader Middle East, South Asia, and East Africa. It handles routing, caching, and inter-region traffic for a wider geography beyond just UAE-based customers. The disruption affected services far beyond Dubai and Abu Dhabi.

The incident demonstrated simultaneously:

Data centres in conflict-adjacent regions can be directly targeted with physical kinetic weapons
Cloud providers operating in Gulf states — US military allies — are potential targets for retaliatory operations
Physical security architectures designed for power failures and hardware faults are not designed for missile or drone strikes

The Gulf infrastructure expansion:

AWS, Google Cloud, and Microsoft Azure have all significantly expanded their Middle East presence in the past 3-4 years, driven by Gulf sovereign wealth fund demand, government digitisation programmes, and the growing regional tech ecosystem. Multiple availability zones now exist in UAE, Saudi Arabia, Bahrain, Qatar, and Kuwait.

These facilities are physically in the region most affected by the Iran-Israel-USA conflict. 64% of organisations now explicitly account for geopolitically motivated attacks on critical infrastructure in their cyber risk strategy. The AWS UAE incident extends that conversation to physical kinetic risk — a category that most cloud infrastructure security models had not formally included.

The Sudan Case Study: When IXPs Go Down

For a preview of IXP infrastructure destruction in conflict, Sudan is the reference case.

Sudan lacks robust domestic IXP infrastructure. During the civil war that escalated in 2023, the destruction of telecommunications infrastructure — including what limited IXP capacity existed — meant that traffic between two Sudanese cities was routing through IXPs in London or Frankfurt, adding hundreds of milliseconds of latency to domestic communications and imposing international transit costs on every domestic packet.

The absence of local IXP infrastructure turned a domestic communications challenge into an international routing problem that compounded the humanitarian impact of the conflict.

Sudan is an extreme case. But it illustrates the structural dependency: countries without robust domestic IXP infrastructure are more vulnerable to internet isolation during conflict. The costs fall disproportionately on people who cannot afford the international transit pricing they are forced onto. Organisations like APNIC and RIPE NCC have been advocating for IXP deployment in underserved regions specifically to create resilient local internet ecosystems.

BGP: How Traffic Reroutes When an IXP Fails

Understanding what happens technically when an IXP fails requires understanding BGP — the Border Gateway Protocol that governs global routing.

When an IXP goes offline, the BGP sessions between peering networks terminate. Each network must find alternative paths for traffic previously exchanged at that IXP. In practice:

Traffic previously exchanged free at a peering point now pays transit rates through alternative paths
Latency increases as traffic routes through longer, less direct paths
BGP reconvergence — all networks updating their routing tables — takes seconds to minutes, causing transient packet loss across a wide area
Some network pairs may lose connectivity temporarily if their only common exchange point is the affected IXP

For developers, BGP reconvergence from IXP disruption manifests as: intermittent connectivity, elevated latency, occasional timeouts — not a clean "site is down" error but degraded service that is difficult to diagnose without routing-level visibility. Application-level monitoring (HTTP status codes, response times) will show the symptoms long before the cause is identifiable.

Practical Implications for Infrastructure Design

Know your cloud region's IXP dependencies:

Cloud providers peer at IXPs to connect their regions to the broader internet:

AWS us-east-1 (Virginia): Equinix Ashburn — the largest internet infrastructure concentration in the world
AWS eu-west-1 (Ireland): LINX and other European IXPs
AWS ap-southeast-1 (Singapore): SGIX and regional IXPs

Understanding which IXPs your cloud region depends on lets you assess the geopolitical and physical risk profile of your connectivity.

Use hyperscalers with global backbones:

AWS, Google Cloud, and Azure operate their own backbone networks that reduce dependency on public IXPs for inter-region traffic. This is a structural advantage over smaller cloud providers that rely more heavily on public IXP peering. For production workloads in regions with elevated physical threat, using a hyperscaler with a global backbone reduces (but does not eliminate) IXP concentration risk.

Deploy anycast for critical services:

Anycast routing — announcing the same IP address from multiple geographic locations — means traffic automatically routes to the nearest functioning instance. If one IXP or region fails, traffic flows to the next nearest announcement. DNS services (Cloudflare 1.1.1.1, Google 8.8.8.8) use anycast. Production APIs and critical endpoints should too.

Monitor BGP routing:

Tools like BGPView, RIPE's routing information services, and ThousandEyes monitor global BGP routing and alert when traffic paths change unexpectedly — the first signal that an IXP incident is affecting connectivity before it appears in application metrics.

Gulf state cloud risk assessment:

If you are choosing whether to deploy in AWS me-south-1 (UAE) or Google Cloud Middle East, factor in the elevated physical security risk for Gulf state data centres in 2026. For customers where Middle East latency is a requirement, the risk may be acceptable. For customers using Gulf regions as cache or fallback, rerouting through other regions with slightly higher latency may be the more resilient choice.

The Invisible Infrastructure Problem

IXPs and data centre physical risk are almost completely absent from the mental model most developers use to think about reliability. The typical model — multiple cloud regions, CDN, health checks — was designed for software bugs, hardware failures, and misconfigurations. It was not designed for physical strikes on data centre facilities, IXP infrastructure in conflict zones, or cable sabotage that degrades regional routing for weeks.

The internet's physical layer is not invisible to the people who want to attack it. The buildings are known. The cable routes are on public maps. The BGP routing tables are publicly queryable. The concentration of global internet traffic through a small number of physical facilities means that targeting a single building in London or Frankfurt can degrade connectivity for millions of users across dozens of countries.

Understanding this requires not paranoia but the same risk assessment discipline that good engineers apply to every dependency: where is the single point of failure, what is the probability of failure given current threat actors, and what does the fallback architecture look like? In 2026, those answers are different from 2022.