Association of Communications Engineers
Corralling the Broadband Stampede
May 7 – 9, 2012
Fort Worth, Texas
Using Packet Shapers in Networks
[Figure: sample packet labeled S: 208.4.1.9, D: 12.201.11.5, TCP 80, HTTP GET: www.google.com]
Presented by:
Greg Johnson, CCIP
Finley Engineering
Company, Inc.
What is “Traditional” Packet Shaping?
Packet Shaping is the process of optimizing
performance for certain network flows at the expense
of other flows when the network becomes congested.
A Packet Shaper can improve:
• Latency
• Jitter
• Packet Loss
What is “Traditional” Packet Shaping?
Traditional IP routers do packet shaping based on QOS
technology built into the router. These routers usually classify
traffic based on the layer-2 and/or layer-3 headers:
• 802.1p
• IP Precedence or DSCP
Traffic is classified, marked at the edge and then shaped and/or
policed throughout the routing domain.
What is Deep Packet Inspection (DPI)?
DPI is the ability of a network device to evaluate layer-2 through
layer-7:
• Network visibility by the service provider
• Packet forwarding decisions (queuing, shaping, policing)
[Figure: a packet shown against layers L1 through L7, with Src MAC: 5c26:0a4a:0260 – Dst MAC: ca00:1464:0008, Src IP: 192.168.1.1 – Dst IP: 172.16.1.1, and an HTML payload (<html><body> ... </body></html>)]
How Does DPI Identify Traffic?
Packet Shaping works by inspecting the “payload” of IP
packets:
• Tracks “state” information
• Looks for certain traffic type signatures (e.g. peer-to-peer traffic, denial-of-service attacks, SIP, MGCP,
RTP, OTT video)
• Can track bandwidth consumption and packet flow
rate
How DPI Associates Traffic with a Subscriber
Packet Shapers can associate traffic to a subscriber by
monitoring:
• RADIUS Auth/Start/Stop Records
• DHCP Option-82 data (associate subscriber with a
DSLAM/OLT Port)
• MSISDN in mobile wireless networks
The above methods are used to associate a subscriber
with an IP address.
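The RADIUS-based association described above, as an added example that is not part of the original presentation: it builds a subscriber-to-IP session table from accounting Start/Stop records and attributes flow bytes by looking up who held the address at the time of the flow, which matters once an address is re-leased. The event and flow tuples are constructed sample data, and the function names are hypothetical.

```python
from bisect import bisect_right
from collections import defaultdict

# Constructed RADIUS accounting events: (unix time, Acct-Status-Type,
# User-Name, Framed-IP-Address). Not captured from a real network.
ACCT_EVENTS = [
    (1000, "Start", "alice", "10.0.0.5"),
    (1600, "Stop",  "alice", "10.0.0.5"),
    (1700, "Start", "bob",   "10.0.0.5"),   # same IP re-leased to bob
    (1200, "Start", "carol", "10.0.0.9"),
]

# Constructed flow records as a shaper might export: (time, src IP, bytes).
FLOWS = [
    (1100, "10.0.0.5", 4000),
    (1650, "10.0.0.5", 900),    # falls between sessions: unattributed
    (1800, "10.0.0.5", 2500),
    (1300, "10.0.0.9", 700),
]

def build_sessions(events):
    """Return {ip: list of [start, stop_or_None, user]} ordered by start."""
    sessions = defaultdict(list)
    for ts, status, user, ip in sorted(events):
        if status == "Start":
            # A Start on an IP with an open session implies a lost Stop: close it.
            if sessions[ip] and sessions[ip][-1][1] is None:
                sessions[ip][-1][1] = ts
            sessions[ip].append([ts, None, user])
        elif status == "Stop" and sessions[ip] and sessions[ip][-1][2] == user:
            sessions[ip][-1][1] = ts
    return sessions

def subscriber_at(sessions, ip, ts):
    """Who held `ip` at time `ts`? None if no session covers it."""
    rows = sessions.get(ip, [])
    i = bisect_right([r[0] for r in rows], ts) - 1
    if i < 0:
        return None
    start, stop, user = rows[i]
    return user if stop is None or ts < stop else None

def usage_by_subscriber(events, flows):
    """Sum flow bytes per subscriber; uncovered flows go to 'unattributed'."""
    sessions = build_sessions(events)
    totals = defaultdict(int)
    for ts, ip, nbytes in flows:
        totals[subscriber_at(sessions, ip, ts) or "unattributed"] += nbytes
    return dict(totals)
```

Keying usage on the IP address alone would have credited all 7,400 bytes on 10.0.0.5 to a single subscriber; the time-aware lookup splits them across the two sessions and flags the gap.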
DPI for Network Monitoring
The Deep Packet Inspection (DPI) function of a Packet
Shaper is a valuable tool for Network Operators:
• Bandwidth trends analysis
• Customer bandwidth troubleshooting
• Virus, Worm and DDOS attack recognition
DPI as a “Sales and Marketing” Tool
A DPI device can capture and retain historical usage data
that can be used to:
• Up-sell a subscriber to a faster speed service (packet
shaper used to police subscriber data service)
• Up-sell a subscriber to a premium service where
traffic is prioritized and queued based on content type
(e.g. voice, video and web traffic)
DPI for Equal Access to Network Resources
DPI devices can be used to enhance or add queuing
strategies for legacy and over-subscribed networks:
• Many legacy BRAS devices lack the queue depth to
implement equal access queuing (e.g. WFQ)
• Many legacy access devices (e.g. DSL and fixed
wireless) can be overwhelmed by frame/packet rates
before bandwidth saturation ever occurs
DPI in a Mobile Network
Characteristics of a wireless mobile network:
• Bandwidth is a finite resource (even in the 4G/LTE
world)
• Smart phones, tablets and new applications are
increasing the demands on the network
• Bandwidth demands will always outpace the
bandwidth that a wireless network can provide
DPI in a Mobile Network
Uses of Packet Shaping/DPI in the Wireless Network:
• Bandwidth usage accounting
• Rate limiting based on subscriber packages
• “On network – Off network” identification and
restrictions
• Portal redirection for service upsells
Evolution of DPI
DPI functionality was originally a dedicated appliance
“bump in the wire” that was transparent to the rest of the
network. It was typically deployed as a layer-2 Ethernet
device that sat between the access networks and an
Internet edge router.
Evolution of DPI
Router, switch and access equipment vendors are now
starting to build DPI functionality into their network
devices.
• Provides network visibility closer to the subscriber
• Provides custom networking QOS on the subscriber loop (or RF connection)
Why DPI is a Critical Tool for the Service Provider
• Networks are becoming more “service and application
centric” – “Building the Smart Network”
• Network visibility at the application layer is critical
• SLAs and Cloud Computing are placing QOS
requirements on the Service Provider
DPI, Privacy and Net Neutrality
• Consideration should be given to current Net
Neutrality rules when policing and queuing subscriber
data
• Your posted privacy policy should describe how you
will use data that is collected and retained from DPI
functions in your network
Questions on this?......Consult your Attorney!