Transcript Slide 1
Association of Communications Engineers Corralling the Broadband Stampede May 7 – 9, 2012 Fort Worth, Texas Association of Communications Engineers Using Packet Shapers in Networks S: 208.4.1.9 D: 12.201.11.5 TCP 80 HTTP GET: w.google.com ww Presented by: Greg Johnson, CCIP Finley Engineering Company, Inc. [email protected] What is “Traditional” Packet Shaping? Packet Shaping is the process of optimizing performance for certain network flows at the expense of other flows when the network becomes congested. A Packet Shaper can improve: • Latency • Jitter • Packet Loss What is “Traditional” Packet Shaping? Traditional IP routers do packet shaping based on QOS technology built into the router. These routers usually classify traffic based on the layer-2 and/or layer-3 headers: • 802.1p • IP Precedence or DSCP Traffic is classified, marked at the edge and then shaped and/or policed throughout the routing domain. What is a Deep Packet Inspection (DPI)? DPI is the ability of a network device to evaluate layer-2 through layer-7: • Network visibility by the service provider • Packet forwarding decisions (queuing, shaping, policing) L1 L2 L3 L4 L5 L6 L7 <html> Src IP: 192.168.1.1 – Dst IP: 172.16.1.1 Src MAC: 5c26:0a4a:0260 – Dst MAC: ca00:1464:0008 <body> . . </body> </html>> How DPI Identifies Traffic? Packet Shaping works by inspecting the “payload” of IP packets: • Tracks “state” information • Looks for certain traffic type signatures (e.g. peer-topeer traffic, denial-of-service attacks, SIP, MGCP, RTP, OTT video) • Can track bandwidth consumption and packet flow rate How DPI Associates Traffic with a Subscriber? Packet Shapers can associate traffic to a subscriber by monitoring: • RADIUS Auth/Start/Stop Records • DHCP Option-82 data (associate subscriber with a DSLAM/OLT Port) • MSISDN in mobile wireless networks The above methods are used to associate a subscriber with an IP address. DPI for Network Monitoring The Deep Packet Inspection (DPI) function of a Packet Shaper is a valuable tool for Network Operators: • Bandwidth trends analysis • Customer bandwidth troubleshooting • Virus, Worm and DDOS attack recognition DPI as a “Sales and Marketing” Tool A DPI device can capture and retain historical usage data that can be used to: • Up-sell a subscriber to a faster speed service (packet shaper used to police subscriber data service) • Up-sell a subscriber to a premium service where traffic is prioritized and queued based on content type (e.g. voice, video and web traffic) DPI for Equal Access to Network Resources DPI devices can be used to enhance or add queuing strategies for legacy and over-subscribed networks: • Many legacy BRAS devices lack the queue depth to implement equal access queuing (e.g. WFQ) • Many legacy access devices (e.g. DSL and fixed wireless) can be overwhelmed by frame/packet rates before bandwidth saturation ever occurs DPI in a Mobile Network Characteristics of a wireless mobile network: • Bandwidth is a finite resource (even in the 4G/LTE world) • Smart phones, tablets and new applications are increasing the demands on the network • Bandwidth demands will always outpace the bandwidth that a wireless network can provide DPI in a Mobile Network Uses of Packet Shaping/DPI in the Wireless Network: • Bandwidth usage accounting • Rate limiting based on subscriber packages • “On network – Off network” identification and restrictions • Portal redirection for service upsells Evolution of DPI DPI functionality was originally a dedicated appliance “bump in the wire” that was transparent to the rest of the network. It was typically deployed as a layer-2 Ethernet device that sat between the access networks and an Internet edge router. Evolution of DPI Router, switch and access equipment vendors are now starting to build DPI functionality into their network devices. • Provides network visibility closer to the subscriber • Provide custom networking QOS on the subscriber loop (or RF connection) Why DPI is a Critical Tool for the Service Provider • Networks are becoming more “service and application centric” – “Building the Smart Network” • Network visibility at the application layer is critical • SLAs and Cloud Computing are placing QOS requirements on the Service Provider DPI, Privacy and Net Neutrality • Consideration should be given to current Net Neutrality rules when policing and queuing subscriber data • Your posted privacy policy should describe how you will use data that is collected and retained from DPI functions in your network Questions on this?......Consult your Attorney!