Rate limiting and traffic shaping

Question 1

data classification (traffic)

Answer 1

Bursty, Periodic, regular

Question 2

audio classification (traffic

Answer 2

continuous, periodic

Question 3

video classification (traffic)

Answer 3

continuous, periodic, bursty

Question 4

Two rate classes

Answer 4

CBR and VBR

Question 5

CBR

Answer 5

Constant Bit Rate source (audio)

Question 6

VBR

Answer 6

Variable Bit Rate source (video, audio)

Question 7

How is CBR shaped

Answer 7

Peak Rate

Question 8

How is VBR shaped

Answer 8

Average and peak rate

Question 9

leaky bucket shaper

Answer 9

you have a buffer Beta that can be thought of as having a leaky whole. Rho is the drain rate that acts as a regulator.

Question 10

(R, T) packet shaping

Answer 10

Traffic is divided into T-bit frames

Flow can inject <= r bits in any T-bit frame

Question 11

What to do when a flow exceeds rate? (leaky bucket)

Answer 11

Packets are given a lower priority or in the worse case dropped

Question 12

What is used to shape bursty traffic?

Answer 12

Token Bucket

Question 13

What is a token bucket

Answer 13

we have a rate rho at which tokens are placed in the bucket. Lambda(peak) = peak rate. Lambda(avg) = average rate.

Question 14

What happens when the token bucket is full?

Answer 14

If we are sending a packet of size b: if bucket is full, packet is sent, b tokens removed.

Question 15

What happens when the token bucket is empty

Answer 15

Empty pack must wait until b tokens arrive.

Question 16

What happens when the token bucket is partially full?

Answer 16

If number of tokens exceeds b send otherwise wait

Question 17

Token Bucket main points

Answer 17

Permits burst but bounds it. If any T, rate < Beta + T * rho, longterm < rho, no discard or priority, difficult to policy

Question 18

Leaky Bucket main points

Answer 18

Forces to be smooth, Priority policy

Question 19

How does Policing with token buckets work?

Answer 19

Link a token bucket with a leaky bucket. When the traffic leaves the token bucket it is added to a leaky bucket.

Question 20

Power Boost

Answer 20

Allows for subscribers to send at a higher rate for some period of time. Spare capacity for users who do not put sustained load on the network.

Question 21

Calculating Powerboast Rates

Answer 21

Sending rage r > Rsustained. d is how long the sender can exceed the sustained rate. We can then computer the area Beta by taking the product of d and the difference of r and Rsustained.

Question 22

What did project Bismark discover

Answer 22

Powerboost may introduce long delays since the rapid increase in traffic might be a faster rate then the network can handle causing buffers to fill up.

Question 23

How could the issue with Powerboost be corrected?

Answer 23

They could run a packet shaper to avoid latency issues

Question 24

Buffer Bloat

Answer 24

Buffers can only drain at Rsustained. Delay = (Data in buffer / Rsustained)

Question 25

How can a traffic shaper help correct Buffer Bloat

Answer 25

Make sure that the traffic entering the cable modem doesn’t exceed the buffer drain rate (uplink to isp)

Question 26

Two types of network measurement

Answer 26

Passive and Active

Question 27

Passive Measurement

Answer 27

Collection of packets flow stats that are already on the network

Question 28

Active Measurement

Answer 28

inject additional traffic to measure various charateristics

Question 29

Why measure network traffic

Answer 29

Billing, Security

Question 30

CIR

Answer 30

Committed Information Rate

Question 31

What are somethings security monitoring checks for

Answer 31

Compromised Host, Botnets, Denial of Service (dos)

Question 32

SNMP

Answer 32

Simple Network Management Protocol

Question 33

MIB

Answer 33

Management Information Base

Question 34

What is MIB used for

Answer 34

Periodically poll the interface to determine the number of bytes or packets being sent to determine the rate

Question 35

What is the advantage of SNMP?

Answer 35

Ubiquitous supported on majority of devices Number of tools available to analysis the data

Question 36

Down side to SNMP

Answer 36

Hard to query. Coarse since just getting the count

Question 37

List 3 passive monitoring types

Answer 37

Packet, flow, snmp

Question 38

Packet Monitoring

Answer 38

Can see full packet content (for packet header)

Question 39

What are some Packet Monitoring tools

Answer 39

tcpdump, ethereal, wireshark, hardware cards

Question 40

Flow monitoring

Answer 40

monitors record statistics per flow

Question 41

What is a flow in flow monitoring

Answer 41

source and destination IP, Source and Destination Part, Protocol type, tos byte, interface, next hop id, source destination AS and prefix, Close together in time

Question 42

Pro Cons Flow vs Packet monitoring

Answer 42

Pro: Less Overhead, Con: more coarse, no packet/payloads

Question 43

Technique to reduce flow level monitoring overhead?

Answer 43

Sampling: builds flow stats y only taking samples of the packets

Question 44

Timing information: Packet, Flow or Both

Answer 44

Packet

Question 45

Packet Headers: Packet, Flow or Both

Answer 45

Packet

Question 46

Number of bytes in each flow: Packet, Flow or Both

Answer 46

Both