Traffic Conditioning

{My compendium on Traffic Conditioners / Traffic Shapers}

Often an ISP needs to prioritize or delay a set of packets. Sometimes this is done to enhance the user experience, and other times to up-sell a set of its services. For example, VoIP & HTTP data must get priority over FTP & P2P data so that the user experience is good. ISPs might want to set hard limits on some applications, for example no more than 5 mbps for FTP data. Some ISPs offer differentiated services and up-sell higher bandwidth for online gaming to their subscribers. And almost always, ISPs limit the bandwidth on a per-client basis, based upon the plan sold to the subscriber.

Application servers also need to prioritize or delay packets to ensure that their performance SLAs are met. All of this requires a traffic conditioner to do the job. Below are the key reasons for deploying a traffic conditioner:

  1. To guarantee performance and QoS, and to meet SLAs.
  2. To reduce latency.
  3. To offer differentiated services.
  4. To prioritize requests at packet level, right at the ingress or egress of the network.

A traffic conditioner defines bandwidth rules, or bandwidth partitions, to throttle the flow of network traffic. It can prioritize or delay a set of packets based upon a policy. Some related & loosely coupled terms are Traffic Shaper, Rate Shaper, Packet Shaper, etc.

Deployment

A traffic conditioner is deployed at the network edge.

  1. It could be at the egress of the network, as is the case with ISPs. It’s in the best interest of the ISP to shape & rate limit the traffic before it reaches the exchange points, because ISPs maintain a ledger of inter-ISP traffic flows and then settle in cash.
  2. It’s deployed at the ingress of the network in the case of application servers. It’s best to limit the packets right before they enter the network; once inside the network, the waiting packets consume much more resources.

Working

  1. All arriving packets are subjected to traffic classification and a transmission policy.
  2. Traffic Classification: Based on the classification, the packets are queued up in separate FIFO buffers, one for each shaped class. Ex: sensitive data (HTTP, video conferencing), best-effort traffic (P2P, POP3), undesired traffic (spam, worms, botnets).
  3. Transmission Policy: The transmission policy of each shaped class defines whether the packets in that FIFO buffer are transmitted immediately, after some delay, or never. Never applies when the buffer overflows, or when the traffic is undesired and needs to be dropped. Dropping undesired traffic is referred to as traffic policing.

Transmission Policy

The transmission policy usually meters each class separately using a Leaky Bucket algorithm (a FIFO queue drained at a constant poll/dequeue rate, which spills/discards elements when full). A Token Bucket algorithm (each bucket is credited tokens at a fixed rate, and a packet can be dequeued only when enough tokens are available to pay for it) is used to maintain the constant poll/dequeue rate.

[Figures: Traffic Classification; Traffic Policy]

Traffic Classification

Classification is the process of categorizing the traffic into multiple FIFO buffers, or CBQs. Each class is then subjected to the transmission policy for that class.

  • Application Based Classification: This uses Signature Recognition or Behavior Recognition to classify packets. Signature Recognition verifies the bit patterns of known protocols, standard port numbers, etc. Behavior Recognition involves more advanced techniques: statistical analysis of packet attributes like packet sizes, packet inter-arrival times (recall the tracking-id packet that torrent clients send every so often), and byte frequencies. Traffic shapers need to inspect L2-4 for some of this, but intelligent classification requires L7 deep packet inspection. Even then, it’s easy to dupe the traffic shapers as more and more applications allow SSL encryption of data. As ISPs target P2P applications, the P2P applications devise new ports and protocols to dupe the ISPs, using algorithms that vary packet size and sometimes obfuscate the data. Thus, ISPs are moving to per-client classification.
  • Per Client Classification: The rate shaping happens based upon the client IP, or a group of client IPs. Therefore clients can’t defeat the shaping by disguising the protocols. This ensures that no single user consumes more than x amount of bandwidth. When applied over a group of client IPs (an IP range), it ensures that the group does not consume more than x amount of bandwidth.
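
The Transmission Policy and Per Client Classification sections above, worked through in code as an added example (not from the original post): each client IP is classified into its own FIFO and metered by its own token bucket, and every arriving packet gets one of the three decisions from the Working section, transmit, delay or drop. The rate, burst, queue depth, addresses and packet trace are constructed values.

```python
"""Per-client shaper: classify by client IP, meter each class with a token bucket,
then transmit / delay / drop. Added example, not from the original post; values constructed."""
from collections import deque

class TokenBucket:
    """Tokens are bytes, credited at a fixed rate up to the burst size."""
    def __init__(self, rate_bps, burst_bytes, now):
        self.rate, self.burst = rate_bps / 8.0, burst_bytes   # bytes per second, capacity
        self.tokens, self.last = float(burst_bytes), now      # bucket starts full

    def try_consume(self, size, now):
        """Refill for the elapsed time, then spend `size` tokens if available."""
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False

class PerClientShaper:
    """One FIFO and one bucket per client IP, so the limit holds however the protocol is disguised."""
    def __init__(self, rate_bps, burst_bytes, queue_limit):
        self.rate_bps, self.burst, self.qlimit = rate_bps, burst_bytes, queue_limit
        self.buckets, self.queues, self.released = {}, {}, 0

    def handle(self, pkt, now):
        client = pkt["src"]  # classification key: the client IP
        if client not in self.buckets:
            self.buckets[client] = TokenBucket(self.rate_bps, self.burst, now)
        bucket, fifo = self.buckets[client], self.queues.setdefault(client, deque())
        # Drain the FIFO head first; stop at the first packet the bucket cannot yet pay for.
        while fifo and bucket.try_consume(fifo[0], now):
            fifo.popleft()
            self.released += 1
        if not fifo and bucket.try_consume(pkt["size"], now):
            return "transmit"      # conforms: send immediately
        if len(fifo) < self.qlimit:
            fifo.append(pkt["size"])
            return "delay"         # shaping: hold in the class FIFO
        return "drop"              # policing: FIFO full (buffer overflow)

def run_shaper(trace, rate_bps=8000, burst_bytes=1500, queue_limit=2):
    """Return each packet's arrival-time decision and the count of queued packets released later."""
    shaper = PerClientShaper(rate_bps, burst_bytes, queue_limit)
    return [shaper.handle(p, t) for t, p in trace], shaper.released

# Constructed trace: 10.0.0.1 bursts at t=0 (1000 B/s, 1500 B burst), 10.0.0.2 is metered
# separately, and 10.0.0.1 returns at t=1 once its bucket has refilled enough for one packet.
TRACE = [(0.0, {"src": "10.0.0.1", "size": 1000}), (0.0, {"src": "10.0.0.1", "size": 1000}),
         (0.0, {"src": "10.0.0.1", "size": 1000}), (0.0, {"src": "10.0.0.1", "size": 100}),
         (0.0, {"src": "10.0.0.2", "size": 1000}), (1.0, {"src": "10.0.0.1", "size": 200})]
```

The fourth packet is dropped even though it is only 100 bytes, because the client's FIFO is already full; the second client is unaffected, which is the per-client property the text describes.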

[Figures: Traffic Classifier; Traffic Classification]

Commercial Traffic Conditioners

The criteria for selecting a traffic shaper include: the maximum bandwidth supported, the traffic classifications supported, the number of traffic policies that can be defined, support for time-based policies (a different policy for off-peak hours), and price.

  1. BlueCoat’s Packet Shaper: Uses Signature & Behavioral Recognition to classify more than 600 common applications. Allows defining new classifiers. Can do L7 inspection. Classifies by URL, application signature, HTTP content type, IP address, VLAN, MAC, MPLS tag, Differentiated Services bits, TOS, etc. Web console for administering.
  2. Allot’s OptimaIP 2402: USD 1500 – USD 3000
  3. Cisco’s Application Control Engine (ACE): USD 40000 to USD 100000
  4. Linux Advanced Routing & Traffic Control: larct.org
  5. NetEqualizer: USD 2000
  6. Procera OptimaIP

Glossary

AQM: Active Queue Management is the set of algorithms that can be applied to manage a queue. It defines what to do when the queue is full. The simplest option is Tail Drop; better ones are Random Early Detection and Random Exponential Marking.
CBQ: Class Based Queueing is a queueing method that meters the bandwidth of traffic per class, after the traffic has been classified into classes.

One Comment on “Traffic Conditioning”

  1. Spot on with this write-up. I’ll probably be returning to read more, thanks for the advice!
