Independent of the implementation, the topology of an IXP or the number of pops the peering LAN should always act like a plain Layer2 ethernet network.

Typically, each peering device hosts a single peering LAN where all members are connected. Ports might be tagged or untagged; there is no difference if the device only hosts a public peering VLAN. However, some IXPs may want to offer configuration of "private VLANs" between members as a service; the relevant members should then have a tagged port (or a separate port) on the device.

Port configuration for things such as port speed and full duplex/half duplex should be agreed with the member, taking into account the devices that must be connected. Some devices may have trouble with auto-negotiation or, on the contrary, with forcing a particular configuration.

Theoretically, if the members were "well-behaved", no additional configuration would be necessary. However, misconfigurations can happen to anybody, so it is usually best to put some protection mechanisms in place on the peering switch, such as the following: