Lesson 7 - Rate Limiting & Traffic Shaping Flashcards
What is the motivation of traffic classification and shaping?
-Control network resources
-Ensure no traffic flow exceeds a particular pre-specified rate
Classifications of traffic sources
-Data can be bursty, weekly, periodic, regular
-Audio is typically continuous and strongly periodic
-Video is typically continuous but often bursty due to how it’s compressed
2 classes of traffic
-CBR (continuous bit rate): traffic arrives at regular intervals. Packets are typically the same size as they arrive.
-VBR (variable bit rate)
Example of CBR
-Audio
How to shape CBR
-According to peak rate
Example of VBR
-Video
-Data Transfers
How to shape VBR
-According to average rate and peak rate, where the average rate might actually be a small fraction of the peak rate.
Token bucket vs leaky bucket
-Both easy to implement, but token bucket is more flexible since it has additional parameters to configure burst size
-Policing traffic sent by token buckets can be difficult
-Token buckets allow for long bursts, and if the bursts are of high priority traffic, they are difficult to police and may interfere with other high priority traffic
How to police traffic sent by a token bucket
-Use a composite shaper
-Combines a token bucket shaper and a leaky bucket shaper
-Allows for good policing: confirming that the flow’s data rate does not exceed the average data rate allowed by the smooth leaky bucket is easy. However, the implementation is more complex, since each flow now requires two counters and two timers (one timer and one counter for each bucket).
Power boost
-Traffic shaping mechanism first deployed commercially in 2006 by Comcast
-Allows a subscriber to send at a higher rate for a brief period of time
-Targets the spare capacity in the network for subscribers who don’t put a sustained load on the network.
2 Types of Power Boost
-Capped: the rate which the user can achieve during the burst window is set to not exceed a particular rate
-Uncapped: no limit. Simple implementation.
Calculate sender rate
Review this lecture
Solutions to buffer bloat problems
-Use smaller buffers (tall order given that the infrastructure is already deployed)
-Use traffic shaping methods
-Shape traffic such that traffic coming in to the access link never exceeds the uplink that the ISP has provided us, then the buffer will never fill. Thus, by shaping traffic at the home router such that the rate traffic is sent to the ISP never exceeds the rate of the uplink, the modem buffer will never actually fill up.
2 types of network measurement
-Passive: collect packets, flow statistics, etc. of traffic that is already being sent on the network, flow traces
-Active: inject additional traffic to measure various characteristics. Example: previous lessons where we actively sent traffic on the network to measure speeds of downloads
-Other common active measurement tools include ping and traceroute
2 common active measurement tools
-Ping: often used to measure delay to a particular server
-Traceroute: often used to measure the network level, or the IP level, path between 2 hosts on the network
Why measure network?
-Billing (passively measure) based on traffic sent on network by consumer. Common mode of billing is 95th percentile, where customer pays CIR (committed information rate) and throughput is measured every 5 minutes. Customer is billed on 95th percentile of those samples.
-Security: operators may want to know the type of traffic that’s being sent on the network so that they can detect rogue behavior, such as:
  * Compromised hosts
  * Presence of botnets
  * Denial of service attacks
SNMP
-Simple Network Management Protocol: provides packet and byte counters to measure network passively
-Advantage: ubiquitous, supported on almost all networking equipment. Many products for pulling and analyzing SNMP data.
-Disadvantage: fairly coarse. Because we’re just pulling byte or packet counts on the interface, we can’t ask specific questions like “how much traffic has been sent by a particular host or by a particular flow”. You cannot express complex queries on the data.
2 ways to measure passively (besides SNMP)
-Monitoring at a packet level granularity. Monitors can see full packet contents, or at least headers.
-Monitoring at flow level. Monitor may see specific statistics about individual flows in the network
Packet monitoring
-Monitor might see full packet contents, or at least the headers, of the packets that traverse a particular link
-Common ways of performing packet monitoring:
  * tcpdump
  * ethereal
  * wireshark
-Sometimes it’s performed using expensive hardware that can be mounted in servers alongside the routers that forward traffic through the network.
  * An optical link in the network is sometimes split so that traffic can be both sent along the network and sent to the monitor. Although it can be expensive on high speed links, what you do on tcpdump, ethereal, or Wireshark is essentially the same thing. Your machine essentially acts as a monitor on the LAN.
Advantages of packet monitoring
Provides lots of detail. You can see timing information, and info in the packet headers.