Advanced Computer communication laboratory

1
Advanced Computer communication laboratory
Miriam Allalouf

• 2006

2
Subjects

• QoS - Concepts and definitions
• QoS Building Blocks
• Goals of DiffServ
• What is DiffServ
• DiffServ Architecture Classifiers, Traffic
  Profiles, Traffic Conditioning
• PHBs (per-hop behaviors) different types
• IP header structure DS field structure
• DSCP Values
• DiffServ Drawbacks
• Reference

3
QoS - Concepts and definitions

• Quality of Service (QoS) What are we trying to
  control?
• Bounds on the loss, delay, jitter, and minimum
  throughput that a network guarantees to deliver
• Deliver different service levels to network
  applications in support of QoS
• Why improve the QoS
• Enable real-time Video/Audio application
• IP telephony (VoIP), Net meeting
• Permit differentiated pricing of internet service
• Dedicated point to point link through public
  network (VPN)
• Avoid congestion situation (N to 1 problem)
• Bandwidth is easy low latency is hard

4
How to get the QoS in the IP network

• Admission control / Police control
• Is this requester authorized to be granted that
  service type and amount of resource now?
• SLA, Human provision
• Bandwidth management
• Is there enough resource to admit the new request
• BB (Bandwidth Broker), RSVP, IntServ, Human
  provision
• Packet classification
• Classify the packet base on the policy,SA/DA,
  etc. (IntServ)
• Multi field classification, Marking
  (DiffServ,MPLS,VLAN)
• Congestion control/Q management
• Q schedule
• Q management

5
Bandwidth Broker (BB)

• A policy management entity for automating
  resource allocation and provisioning over
  multiple domains
• Logical entity, can be mapped to a single or
  multiple physical entities
• A logical entity residing in each administrative
  domain managing internal demands resources
  according to some policy database (who can do
  what where and when)
• Setting up maintaining bilateral agreement with
  neighbor domains

6
IETF Differentiated Services (DiffServ)

• Why DiffServ?
• There is a clear need for relatively simple and
  coarse methods of providing differentiated
  classes of service for Internet traffic, to
  support various types of applications, and
  specific business requirements (from IETF
  DiffServ Group charter)

7
General Goals of Diffserv

• Offer a spectrum of services without per-flow
  states and signaling in every router
• Provide QoS for aggregates of traffic
• Divide the responsibility of policy
  administration
• Focusing on scalability and deployment

8
Low-level Goals of Diffserv

• Keep the forwarding path simple
• Push complexity to edges of the network
• Make it possible for the dominant Internet
  traffic model to remain best-effort
• Employ an allocation policy compatible with
  long-term and short-term provisioning

9
Diffserv basics

• Use the DSCP field to classify packets into any
  of the 64 possible classes.
• IETF defines per-hop behaviors (PHBs) including
  assured forwarding (AF) and expedited forwarding
  (EF).
• Traffic that is characterized as EF will receive
  the lowest latency, jitter and assured bandwidth
  services which is suitable for applications such
  as VoIP.

10
Diffserv basics (cont.)

• AF allows carving out the bandwidth between
  multiple classes in a network according to
  desired policies.
• Can also add user-defined PHBs, beyond the scope
  of AF EF.
• Thus, DSCP code points other than the ones
  reserved for AF, EF, and best effort service can
  be associated with an arbitrary PHB.

11
DiffServ - Key of operation

• Classify and condition input traffic on
  boundaries and assign to different behavior
  aggregates using DS-fields
• Different forwarding behaviors (PHBs) within the
  core
• Per-Hop Behavior (PHB)
• the externally observable forwarding behavior
  applied at a DS-compliant node to a DS behavior
  aggregate.
• Same mark may be treated differently in different
  hops
• End-to-end service is constructed by
  concatenation of PHBs and policing traffic at
  boundaries along with resource provisioning and
  configuration

12
DS Domain / DS Region

• DS domain - a contiguous set of nodes which
  operate with a common set of service provisioning
  policies and PHB definitions.
• DS region - a set of contiguous DS domains which
  can offer differentiated services over paths
  across those DS domains.

13
DS Region
14
Classifiers

• Packet classifiers select packets in a traffic
  stream based on the content of some portion of
  the packet header
• BA (Behavior Aggregate) Classifier - classifies
  packets based on the DS codepoint only.
• MF (Multi-Field) classifier - selects packets
  based on the value of a combination of one or
  more header fields.
• E.g. src address, dest address, DS field,
  protocol ID, source port and dest port numbers,
  and other info such as incoming interface.

15
DiffServ Classifiers (cont.)

• Packet with same mark treated equivalently they
  form a class called differential service behavior
  aggregate (BA)
• A typical arrangement (Cisco) would be to
  categorize traffic into premium, gold, silver,
  bronze, and best-effort classes.
• Fast classification technique (stateless and
  scale well)

16
Traffic Conditioning

• Traffic conditioning performs some or all of
• metering
• shaping
• policing
• re-marking
• Conditioning - at the edge of the network.
• Need to ensure that the traffic entering the DS
  domain conforms to the rules specified in the
  TCA, in accordance with the domain's service
  provisioning policy

17
Traffic Conditioning (cont.)

• A traffic stream is selected by a classifier,
  which steers the packets to a logical instance of
  a traffic conditioner
• A meter is used (where appropriate) to measure
  the traffic stream against a traffic profile
• The instantaneous state of this process may be
  used to affect the operation of a marker, shaper,
  or dropper, and/or may be used for accounting and
  measurement purposes.

18
Traffic Profiles

• Specifies the temporal properties (e.g. rate) of
  a traffic stream selected by a classifier.
• Provides rules for determining whether a
  particular packet is in-profile or
  out-of-profile.
• E.g. a profile based on a token bucket may look
  like codepointX, use token-bucket r, b
• out-of-profile packets are those packets in the
  traffic stream which arrive when insufficient
  tokens are available in the bucket

19
Traffic Conditioning (cont.)

• When packets exit the traffic conditioner of a DS
  boundary node the DSCP of each packet must be set
  to an appropriate value (done by the Marker)
• Shapers delay some or all of the packets in a
  traffic stream in order to bring the stream into
  compliance with a traffic profile.
• A shaper usually has a finite-size buffer, and
  packets may be discarded if there is not
  sufficient buffer space to hold the delayed
  packets.
• Droppers discard some or all of the packets in a
  traffic stream in order to bring the stream into
  compliance with a traffic profile. This process
  is known as "policing" the stream.
• a dropper can be implemented as a special case of
  a shaper by setting the shaper buffer size to
  zero (or a few) packets.

20
DiffServ Traffic Conditioner Block (TCB)
21
Location of Traffic Conditioners

• Traffic conditioners are usually located within
  DS ingress and egress boundary nodes
• They may also be located in nodes within the
  interior of a DS domain, or within a
  non-DS-capable domain.

22
DiffServ Architecture
23
Basic Definitions

• Average Rate how many packets can be sent
  over a time interval (measured over long time
  interval)
• Peak Rate
• measured over short time interval
• Burst Size number of packets sent
  consecutively

24
Basic Definitions

• Microflow
• a single instance of an application-to-applicati
  on flow of packets, identified by
• ltsrc_addr, src_port,dest_addr, dest_port,
  protocol_idgt
• SLA (Service Level Agreement)
• a set of parameters and their values which
  together define the service offered to a traffic
  stream by a DS domain.

25
Types of PHBs

• Expedited Forwarding (premium Service)
• Low latency
• Low loss
• Low jitter
• Assured BW
• No queues in the path (or Low Latency Queuing -
  LLQ)
• VoIP, video, online trading programs

26
Types of PHBs (cont.)

• 2. Assured Forwarding (better than Best-Effort)
• Low loss
• Higher BW share
• No guarantee on latency
• Upon congestion protect AF marked packets and
  drop BE first.

27
Assured Forwarding (AF)

• Goal
• Assuring a minimum throughput
• Allowing to consume more bandwidth when the
  network
• load is low
• Different levels of forwarding assurances
• Intended mainly for data

28
AF PHB Group

• Four independently forwarded AF classes, and
  within each AF class, three levels of drop
  precedence (two okay).
• Drop precedence of a packet determines the
  relative importance of the packet within the AF
  class. A congested AF node preferably discards
  packets with a higher drop precedence value
• Packets with the lowest drop precedence value are
  assumed to be within a subscribed profile.
• An AF- compliant node allocates resources
  sufficient to achieve (at least) the configured
  service bandwidth over both large and small time
  scales.

29
AF - Requirements

• All four AF classes should be implemented
• No aggregation of several AF classes
• A DS node does not reorder IP packets of the same
  microflow if they belong to the same AF
  class.
• When AF packets are tunneled, the PHB of the
  tunneling packet must not reduce the forwarding
  assurance of the tunneled AF packet.

30
Building Blocks

• Packet classification
• Token Bucket
• Shaping Leaky Bucket
• Q management
• Drop tail Queue
• RED queue

31
Token Bucket

• Limit the burst size and the average rate
• Over time interval t up to rt b packets
  admitted

32
Meter

• Parameters
• CIR Committed Information Rate (SLA )
• CBS Committed Burst Size
• EBS Excess Burst Size
• Two Token Buckets, initially full
• Token Bucket C size CBS
• Token Bucket E size EBS
• Updated CIR times per second

33
Packet MarkingA Single Rate Three Color Marker
new packet B bytes
Bucket E has enough tokens
Bucket C has enough tokens
Yes
Yes
No
color green
color yellow
No
color red

• The Marker reflects the metering result by
  setting the DS field of the
• packet to a particular codepoint.

34

• Shaper - The leaky bucket algorithm
• Example
• Output rate 2MBps
• Burst size 1MB ? 500ms
• Burst size 25MBps ?40ms

35
AF Queuing Dropping

• Long-term congestion drop packets
  Short-term congestion enqueue packets
• Treat all packets within the same class/drop
  precedence identically no advantage to any
  microflow. Flows with different short-term burst
  shapes, but same longer term packet rates should
  have packets discarded with the same probability
• Discard packets gradually, for example, use RED

36
DiffServ AF Drpoping

• 4 AFx classes (AF1, AF2, AF3, and AF4).
• Each class is assigned a certain amount of buffer
  space and interface BW.
• 3 drop precedence values for each AFx class.
• ? Thus
• congestion in a DS-node on a specific link ?
  packets of AFx need to be dropped ?
• packets in AFxy will be dropped such that the
• dP(AFx1) lt dP(AFx2) lt dp(AFx3),
• where dP(AFxy) is the probability that packets
  of the AFxy class will be dropped.

37
Q mng Packet Dropping Tail Drop

• Tail Drop packets are dropped when the queue is
  full
• causes the Global Synch. problem with TCP

Queue Utilization
100
Time
Tail Drop
38
Packet Dropping RED

• Proposed by Sally Floyd and Van Jacobson in the
  early 1990s
• packets are dropped randomly prior to periods of
  high congestion, which signals the packet source
  to decrease the transmission rate
• distributes losses over time

39
RED - Implementation

• Drop probability is based on min_threshold,
  max_threshold, and mark probability denominator.
• When the average queue depth is above the minimum
  threshold, RED starts dropping packets. The rate
  of packet drop increases linearly as the average
  queue size increases until the average queue size
  reaches the maximum threshold.
• When the average queue size is above the maximum
  threshold, all packets are dropped.

40
RED (cont.)
1
AF12
AF11
drop prob.

av. queue size
0
min1
max1
min2
max2

• Buffer occupancy calculation
• for in-profile packets only in-profile packets
  count
• for out-of-profile packets in-profile
  out-of-profile

41
AF and other PHB Groups

• Any other PHB Group can coexist with AF, but the
  following
• should be documented
• What group can preempt the forwarding to each AF
  class
• Sharing of the excess resources (e.g. allocating
  them evenly between AF classes and Default PHB)

42
Types of PHBs (cont.)

• Best-Effort
• No guarantees or QoS
• The type of traffic currently supported by the
  Internet

43
IPv4 and IPv6 Headers
44
The Original IPv4 ToS Byte
45
DS field structure
                             

• Packets can be marked with an arbitrary DSCP
  value / standard values, corresponding to the
  appropriate AF, EF or user define class.

46
DSCP Values

• The codepoint for best-effort traffic will be set
  to "000000".
• EF is designated by the code-point "101110".
• AF 12 PHBs 4 classes ( 4 Queues)
  each with 3 drop preferences

47
DiffServ AF Codepoint Table
48
DiffServ AF Codepoint Table (cont.)
Assured Forwarding
AF23
49
Baking the DiffServ Pie

• The DS-Region is composed of one or more
  DS-Domains, possibly under multiple admin
  authorities
• Each DS-Domain in turn is prepared by using the
  DSCP and the different PHBs.
• The DiffServ recipe is defined in the SLA,
  or policy.
• For true QoS, the entire IP path that a packet
  travels must be DiffServ enabled.

50
Baking the DiffServ Pie (cont.)

• AF - The rough equivalent of the IntServ
  Controlled Load Service.
• BAs are given different forwarding assurances.
• For example, traffic can be divided into gold,
  silver, and bronze classes
• Gold - allocated 50 of the available link BW
• Silver - allocated 30 of the available link BW
  
• Bronze - allocated 20 of the available link BW

51
Baking the DiffServ Pie (cont.)

• An example service policy
• EF gets 10, Gold 40, Silver 30, Bronze 10,
  and Best Effort traffic the remaining 10 of the
  bandwidth.
• Gold, Silver, and Bronze could be mapped to AF
  classes AF1, AF2, and AF3 for example.
• This can be enforced in any part of the cloud,
  including end-to-end.

52
DiffServ Architecture
53
DiffServ concept - summary

• Packets are classified at the edge of the network
• PHBs are applied on each network element,
  providing the packet the appropriate delay-bound,
  jitter-bound, bandwidth, etc.
• Result a scalable QoS solution for any given
  packet, and thus any application.

54
DiffServ concept summary (cont.)

• Thus, in DiffServ
• signaling for QoS is eliminated
• the number of states required to be kept at each
  network element is drastically reduced,
• Result a coarse-grained, scalable and end-to-end
  QoS solution.

55
Problems
56
TCP RTT

• Reminder the larger the RTT, the more time is
  needed to recover after a packet loss.
• For over-provisioned (less traffic than req.)
  networks, each flow will receive its target rate,
  but with unfair sharing of the excess bandwidth
• For under-provisioned networks, the high RTT
  flows will be further away from the target flow

57
Combining TCP and UDP Flows

• Reminder TCP reacts to a packet loss by halving
  its window and then slowly increases
  transmission of packets.
• TCP UDP share the same class and drop
  precedence.
• UDP flows will starve the TCP flows in
  under-provisioned networks and could obtain more
  excess bandwidth in the over-provisioned case
• Solution TCP UDP share the same class but with
  different drop precedence
• TCP flows are protected from the UDP flows by
  different drop prec.

58
Number of Flows in Aggregate

• The SLA is on the aggregate flow, so it's
  possible that various organizations will have
  different number of microflows while subscribed
  to the same target rate
• The aggregate with larger number of flows will
  get more share of the bandwidth (in
  over-provisioned and under-provisioned cases).
• The reason more flows compete for the resources
  !

59
More Considerations

• Variation in Packet Size
• Flows with the same RTT but different packet
  sizes can achieve different share of the
  excess bandwidth
• Size of the Target Rate
• The recovery time after the packet drop when
  the target size is big it'll take more time to
  regain it, so this should be taken in
  consideration when marking

60
Some Better Techniques

• The solution could be at the marker, dropper or
  the sender
• Inverse Rate Drop policy.
• Higher Service Level/Target Rate need more time
  to recover after a packet loss. So, the dropper
  should take it into account and drop packets with
  a higher service level with lower probability.
• Two-Windows TCP
• Using 2 congestion windows reserved and
  excess. Requires to inform the sender about
  coloring of its packets, TCP stack change