Lesson 7 - Rate Limiting and Traffic Shaping Flashcards

1
Q

What is the motivation of traffic classification and shaping?

A
  • Control network resources

- Ensure no traffic flow exceeds a particular pre-specified rate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Classifications of traffic sources

A
  • Data can be bursty, weekly, periodic, regular
  • Audio is typically continuous and strongly periodic
  • Video is typically continuous but often bursty due to how it’s compressed
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

2 classes of traffic

A
  • CBR (continuous bit rate): traffic arrives at regular intervals. packets typically the same size as they arrive.
  • VBR (variable bit rate)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Example of CBR

A

-Audio

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How to shape CBR

A

-According to peak rate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Example of VBR

A
  • Video

- Data Transfers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How to shape VBR

A

-According to average rate and peak rate, where the average rate might actually be a small fraction of the peak rate.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Token bucket vs leaky bucket

A
  • Both easy to implement, but token bucket is more flexible since it has additional parameters to configure burst size
  • Policing traffic sent by token buckets can be difficult
  • Token buckets allow for long bursts, and if the bursts are of high priority traffic, they are difficult to police and may interfere with other high priority traffic
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How to police traffic sent by a token bucket

A
  • Use a composite shaper
  • Combines a token bucket shaper and a leaky bucket shaper
  • Allows for good policing, confirming that the flow’s data rate does not exceed the average data rate allowed by the smooth leaky bucket is easy, but the implementation is more complex since each flow now requires two counters and two timers, one timer and one counter for each bucket.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Power boost

A
  • Traffic shaping mechanism first deployed commercially in 2006 by Comcast
  • Allows a subscriber to send at a higher rate for a brief period of time
  • Targets the spare capacity in the network for subscribers who don’t put a sustained load on the network.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

2 Types of Power Boost

A
  • Capped: the rate which the user can achieve during the burst window is set to not exceed a particular rate
  • Uncapped: no limit. Simple implementation.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Calculate sender rate

A

Review this lecture

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Solutions to buffer bloat problems

A
  • User smaller buffers (tall order given that the infrastructure is already deployed)
  • Use traffic shaping methods
  • Shape traffic such that traffic coming in to the access link never exceeds the uplink that the ISP has provided us, then the buffer will never fill. Thus, by shaping traffic at the home router such that the rate traffic is sent to the ISP never exceeds the rate of the uplink, the modem buffer will never actually fill up.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

2 types of network measurement

A
  • Passive: collect packets, flow statistics, etc. of traffic that is already being sent on the network, flow traces
  • Active: inject additional traffic to measure various characteristics Example: previous lessons where we actively sent traffic on the network to measure speeds of downloads
  • Other common active measurement tools include ping and traceroute
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

2 common active measurement tools

A
  • Ping: often used to measure delay to a particular server

- Traceroute: often used to measure the network level, or the IP level, path between 2 hosts on the network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Why measure network?

A
  • Billing (passively measure) based on traffic sent on network by consumer. Common mode of billing is 95th percentile where customer pays CIR (committed information rate) and throughput is measured ever 5 minutes. Customer is billed on 95th percentile of those samples.
  • Security: operators may want to know the type of traffic that’s being sent on the network so that they can detect rogue behavior, to detect:
    * Compromised hosts
    * Presence of Botnets
    * Denial of Service Attacks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

SNMP

A
  • Simple Network Management Protocol: provides packet and byte counters to measure network passively
  • Advantage: ubiquitous, supported on almost all networking equipment. Many products for pulling and analyzing SNMP data.
  • Disadvantage: fairly coarse. Because we’re just pulling byte or packet counts on the interface, we can’t ask specific questions like “how much traffic has been sent by a particular host or by a particular flow”. You cannot express complex queries on the data.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

2 ways to measure passively (besides SNMP)

A
  • Monitoring at a packet level granularity. Monitors can see full packet contents, or at least headers.
  • Monitoring at flow level. Monitor may see specific statistics about individual flows in the network
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Packet monitoring

A
  • Monitor might see full packet contents, or at least the headers, of the packets that traverse a particular link
  • Common ways of performing packet monitoring:
    * tcpdump
    * ethereal
    * wireshark
  • Sometimes it’s performed using expensive hardware that can be mounted in servers alongside the routers that forward traffic through the network.
    * An optical link in the network is sometimes split so that traffic can be both sent along the network and sent to the monitor. Although it can be expensive on high speed links, what you do on tcpdump, ethereal, or Wireshark is essentially the same thing. Your machine essentially acts as a monitor on the LAN.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Advantages of packet monitoring

A

Provides lots of detail. You can see timing information, and info in the packet headers.

21
Q

Disadvantages of packet monitoring

A
  • Fairly high overhead
  • Very hard to keep up with high-speed link, and often requires a separate monitoring device such as the monitoring card shown below.
22
Q

Flow monitoring

A
  • A monitor, which might actually be running on the router itself, records statistics per flow
  • A flow consists of packets that share a common source and destination IP address, source and dest port, protocol type, TOS byte, and interface on which the packets arrived.
  • A flow monitor can then record statistics for a flow that’s defined by the group of packets that share these features.
  • Much less overhead than packet monitoring, but is also much more coarse than packet monitoring because the monitor does not see individual packets or payloads. Therefore, it’s impossible to get certain information from flow monitoring such as packet timing information.
  • In addition to the above characteristics, packets are typically grouped into flows if they occur close tighter in time. If packets with the same header information do not appear for a particular time interval, such as 15 or 30 seconds, the router simply declares the flow to be over and sends a flow record to the monitor based on the group of packets that it’s seen up to that point.
23
Q

Flow records

A

Contain helpful information:

  • next-hop IP address
  • other information related to routing, such as the src/dest AS on which those packets appear to be coming from and going to based on the routing table, as well as the prefix that those packets matched in the routing table.
24
Q

Sampling

A

Build flow statistics based only on samples of the packets
-For example, flows may be created based on 1 out of every 10 or 100 packets, or a packet might be sampled with a particular probability and flow statistics might only be tabulated based on the packets that end up being sampled randomly from the total set of packets

25
Q

Which type of monitoring can provide timing information (packet level)?

A

Packet monitoring

26
Q

Which type of monitoring can provide packet header information?

A

Packet monitoring

27
Q

Which type of monitoring can provide the number of bytes in each flow?

A

Packet monitoring AND flow monitoring

if you have packet information, you can of course compute number of bytes in each flow

28
Q

Common methods used for Packet Monitoring

A
  • tcpdump
    * ethereal
    * wireshark
29
Q

Advantages of packet monitoring

A

Provides lots of detail. You can see timing information, and info in the packet headers

30
Q

Disadvantage of packet monitoring

A
  • Fairly high overhead
    * Very hard to keep up with high-speed link, and often requires a separate monitoring device like a monitoring card
31
Q

What is a flow

A

traffic flow, packet flow or network flow is a sequence of packets from a source computer to a destination, which may be another host, a multicast group, or a broadcast domain. RFC 2722 defines traffic flow as “an artificial logical equivalent to a call or connection.”

32
Q

Difference between Leaky and Token bucket

A

In example, lower-case b is packet size. B is bucket capacity.

if b < B:

  • if bucket is full, packet is sent and b tokens are removed
  • if bucket is empty, packet must wait until b tokens drip into the bucket
  • if bucket is partially full, it depends. Packet is sent immediately if # tokens is > b. Otherwise, need to wait until b tokens arrive in the bucket.
33
Q

Limitation of Token Bucket

A

Token:

  • Permits burstiness, but bounds it.
  • In any T, rate < B + T*p
  • Long-term, rate is always < p
  • No discard or priority policies
  • Policing traffic sent by token buckets difficult due to burstiness

Leaky:

  • Forces traffic to be smooth
  • Implement priority policies for flows that exceed smoothing rate

Both easy to implement, but token more flexible (more parameters to control burst size)

34
Q

What is Beta (B) in traffic shaping?

A

Size of the bucket

35
Q

What is rho (p) in traffic shaping?

A

Drain rate of the bucket

  • Controls the average rate
  • “regulator”
36
Q

In leaky bucket, how many buckets per flow?

A

1

37
Q

What does the size of the bucket control?

A

The maximum burst size that a sender can send for a particular flow
-Sender might be able to send at a rate faster than rho as long as the total size of the burst does not exceed the size of the bucket (Beta)

38
Q

If B = 16 KB, packets are 1 KB, and p = 8 pps, what would be the maximum of the avg rate of sending be?

A

64Kbps (8pps, each packet is 1 KB, 8 bits in a Byte)

39
Q

Setting a larger bucket size can accommodate a __________

A

Larger burst rate

40
Q

Setting a larger rate of rho can accommodate or enable a ________

A

Faster packet rate

41
Q

(r, T) smooth traffic shape

A

One cannot send a packet that’s larger than r-bits long. Unless T is very large, the packet size is small. Typically limited

42
Q

(r, T) vs leaky bucket

A

(r, T) slightly more relaxed because it can send a # of bits every time unit, as opposed to a # of packets every time unit

43
Q

Why use a token bucket?

A

Allow for bursts

44
Q

Rho (p) in token bucket

A

Rate at which tokens are placed in bucket

45
Q

Beta (B) in token bucket

A

Capacity of the bucket (bucket contains tokens)

46
Q

Lambda avg and lambda peak

A

Rate at which traffic arrives in a token bucket shaper.

47
Q

How to police token buckets?

A

Composite shaper (combines token bucket and leaky bucket)

  • Basically a token bucket shaper with a leaky bucket afterwards
  • Allows for good policing, confirming that the avg. data rate does not exceed the rate allowed by the smooth leaky bucket
  • It’s easy but implementation is more complex since each flow now requires 2 counters AND 2 timers
48
Q

Buffer bloat causes the user to see what?

A

Delay!

Delay = amount of data in buffer divided by rate that the buffer can drain