Joe St Sauver, Ph.D.
joe@oregon.uoregon.edu
Intel's recent generous donation of 21 traffic shaping boxes potentially gives
the University of Oregon great flexibility in managing its network traffic.
One major advantage of these boxes is that they can be used in more than one
way. In passive mode, they can analyze and classify the traffic that's flowing
on a subnet (this can be useful in such activities as doing network planning
or resolving performance issues, for example). But when used in active mode,
the boxes can also "shape" or control the traffic that flows over
the network.
Without intentional traffic shaping, network traffic will flow subject only
to natural limitations, or "choke points." Those choke points can
occur at a very low level (e.g., at the TCP/IP protocol level), in the way an
application happens to be programmed, in the host system on which an application
may be running, or in the network itself. If you are dialing in, for example,
your traffic will be choked by the 40 to 50Kbps of effective throughput your
modem may deliver.
In the case of a directly connected system on campus, most often the only binding
constraint will be the university's wide area (Internet) bandwidth, which we
all collectively share. This type of bandwidth is in high demand on campus,
but because it's expensive to purchase and budgets are tight, the university
must manage its limited bandwidth wisely.
When traffic shaping boxes are used, wide area (Internet) bandwidth can be
actively managed to limit traffic in several different ways:
1. Per-application rules. Traffic shapers can identify and categorize
specific types of network traffic, constraining each particular category of
traffic to use no more than a specified amount of bandwidth. For example, you
might hypothetically have a rule that limits aggregate FTP traffic to no more
than 6 megabits per second and another rule that limits total streaming audio
traffic to no more than 3 Mbps, etc.
Traffic shapers can categorize traffic based on macroscopic characteristics,
such as the traffic's protocol (IP, IPX, AppleTalk, DECNet, etc.), the ports
an application is known to use (for example, Kazaa typically runs on port 1214),
or on the basis of connections to a particular well-known host (such as a central
game server), etc.
Traffic can also be categorized based on the content of the flow regardless
of the flow's macroscopic characteristics. For example, most traffic shapers
can easily identify and automatically categorize web traffic based on the negotiations
that take place between a web server and a web browser when a page is requested,
regardless of whether the web server is running on port 80 (the default) or
some other nonstandard port.
2. Per-user rules. Traffic shapers can set per-user traffic limits to
ensure that network traffic is shared fairly among all users. For instance,
you might decide to use a per-user rule that limits traffic to or from each
user to no more than 256Kbps (giving them DSL-like service). When traffic is
limited in that way, a user can still access whatever he or she wants, but the
flows are "smoothed out" to a specified level rather than attempting
to use all or much of the total available network capacity campuswide.
Traffic limits can be either "hard" or "burstable." As
you might expect, a hard limit is a fixed ceiling that can't be exceeded. Burstable
limits, on the other hand, allow traffic to exceed the base threshold value
(at least up to a specified "burst limit") as long as capacity remains
available and there's no higher priority application preemptively claiming that
capacity.
3. Priority management. In addition to setting hard or burstable traffic
limits on a per-application or per-user basis, traffic shaping devices can also
be used to define the relative importance, or priority, of different types of
traffic. For example, in an academic network where teaching and research are
most important, recreational uses of the network (such as network games or peer-to-peer
file sharing application traffic) can be allowed bandwidth only when higher
priority applications don't need it.
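To make the interaction of hard limits, burstable limits and priorities concrete, here is a small simulation added as an illustration; it is not code from the traffic shaping boxes or from Intel. The two-pass allocation scheme, the class names, the 10 Mbps link and every number except the 6 Mbps FTP cap are assumptions chosen for the example.

```python
from dataclasses import dataclass

@dataclass
class Flow:
    name: str
    demand_kbps: int   # what the flow would use if left unshaped
    base_kbps: int     # base threshold
    burst_kbps: int    # burst limit; equal to base_kbps for a hard limit
    priority: int      # 1 = most important

def allocate(flows, link_kbps):
    """Return {flow name: kbps granted} for one scheduling interval."""
    ordered = sorted(flows, key=lambda f: f.priority)
    grant, remaining = {}, link_kbps
    # Pass 1: each class gets up to its base threshold.
    for f in ordered:
        grant[f.name] = min(f.demand_kbps, f.base_kbps, remaining)
        remaining -= grant[f.name]
    # Pass 2: leftover capacity is lent as burst, highest priority first,
    # so a lower-priority class bursts only with what is still unclaimed.
    for f in ordered:
        ceiling = min(f.demand_kbps, f.burst_kbps)
        extra = max(0, min(ceiling - grant[f.name], remaining))
        grant[f.name] += extra
        remaining -= extra
    return grant

def classes(research_demand, ftp_demand):
    # Constructed sample classes; only the 6 Mbps FTP cap echoes the article.
    return [
        Flow("research", research_demand, 4000, 8000, priority=1),  # burstable
        Flow("ftp", ftp_demand, 6000, 6000, priority=2),            # hard limit
        Flow("p2p", 5000, 0, 3000, priority=3),                     # leftovers only
    ]

if __name__ == "__main__":
    LINK_KBPS = 10000  # assumed wide-area link size
    for research, ftp in [(6000, 7000), (1000, 7000), (6000, 2000)]:
        print(research, ftp, allocate(classes(research, ftp), LINK_KBPS))
```

In the three runs, FTP never exceeds its hard 6000 Kbps ceiling even when it asks for 7000, and the recreational class receives bandwidth only in the intervals where the higher-priority classes leave some unclaimed.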
Some traffic shaping tasks can be done directly on a regular Cisco or Juniper
router, just as a router can also be used to do some firewall-like packet filtering
tasks. However, specialized traffic shapers, like any specialized devices, can
be optimized to specifically and efficiently handle their unique responsibilities.
Specialized devices also typically have a "bigger bag of tricks" to
draw from when dealing with problems in their special area of expertise. Doing
traffic shaping on a dedicated traffic shaping box also avoids loading up routers
with other tasks, leaving the router free to focus on doing its job of routing
packets as fast as it can.
For more information about bandwidth management strategies, including case
studies and technical briefs, see
http://www.intel.com/network/idc/products/bandwidth_management.htm