Differentiated Services for the Internet Selma Yilmaz

1
Differentiated Services for the InternetSelma
Yilmaz
2
Current paradigm Same type of service to
all trafficGoal Give better service to
some applicationsWhy?

• some applications need it, such as voice and
  video
• some users need better traffic control, such as
  ISPs
• will lead to healthy economic and service
  environment

3
Idea Combine two existing schemes
Assured service and Premium service

• Use one bit of IP header for service
  differentiation
• Bandwidth is a resource that is being requested
  and allocated
• Allocate bandwidth to different users in a
  controllable and predictable way during the
  network congestion
• Keep complexity to edges
• Keep forwarding path simple

4
Assured Service (Expected capacity framework )
better best effort

• Define a service profile for each user
• Traffic specifications
• what is provided to the customer (ex 5Mbps
  average throughput)
• Scope
• to where this service is provided (ex specific
  destination, group of
• destinations )
• Probability of assurance
• level of assurance of the provided service
• Monitor the traffic of each user as it enters the
  network

5
Assured Service (cont.)

• Tag packets as In or Out of their service
  profiles (Profile meter)
• At each router, if congestion occurs,
  preferentially drop packets whose tag is Out
  (RIO)
• The packets of all users are aggregated into one
  queue
• BUT
• different users have different quantities of
  In packets depending on their profile

6
Assured Service (cont.) RIO Random Early Drop
Gateways with In/Out bit

• Discriminates against Out packets in times of
  congestion
• Uses twin RED algorithms one for Ins and one for
  Outs

1) min_outltmin_in 2) Pmax_outgtPmax_in 3)
max_outltmax_in
P(drop_out)
P(drop-in)
1
1
Pmax_out
Pmax_in
avg_total
avg_in
min_out
max_out
min_in
max_in
7
Assured Service (cont.)

• Does not describe a strict guarantee
• The assurance that user gets
  Assured service traffic flow is unlikely to be
  dropped as long as it stays within the profile.
• Excess traffic does not have the same assurance
  level

8
Premium Service (Virtual Line)

• Service levels are specified as a desired
  peak-bit-rate for a specific flow
• The user contract with network
  not to exceed the peak rate
• Network contract with user
  the contracted bandwidth will be available
• when traffic is sent

9
Premium Service (cont.)
A trust region
H4
H5
H6
H9
Leaf 3
Ingress point
Egress point
H8
ISP border router
Border router
H7
Leaf 2
Leaf 1
Policies marked aggregate traffic to purchased
amount, discard excess amount
H3
H2
H1
10
Premium Service (cont.)

• First-hop routers
• has been configured to match a flow from hosts
  and destinations IP address
• set P-bit of flows that match a premium service
  specification
• do traffic shaping to smooth bursts before they
  enter the network
• Routers along the path (within an intranet)
• use two levels of priority queuing and send
  marked packets first

11
Adjacent administrative domains have agreement on
packet rate of aggregate P-traffic and discard
packets that exceed the rateAn egress border
router may do some reshaping on aggregate
premium traffic to conform the rate
agreed uponAn ingress border router drop
the packets that are exceeding the rate
(token bucket)
Premium Service (cont.)
12
Premium Service (cont.)

• Two-bit differentiated services architecture
• There is demand for both services
• Not conflicting each other
• Allow both services together
  A-bit, P-bit in IP header
• Design Constraints - Scaling
• Push all the state to the edges
• Force all per-flow work to the edges (like
  shaping and policing)

13
Leaf router input functionality
Premium Service (cont.)

• Packet classifier
• which packet belongs to which flow based on IP
  header
• Marker
• configured from usage profile for that flow
• service class (P/A), peak rate for P and rate
• permissible burst size for A

14
Premium Service (cont.)
Markers to implement the two different services

• Token bucket fills at the flow rate specified in
  usage
• profile
• For a premium flow, marker will hold packets
  when
• necessary to enforce their configured rate
  (Packets may
• be dropped)

15
Premium Service (cont.)
Router output interface
Must have two queues Service premium packets
first
yes
P-bit set ?
High-priority
Packets out
no
Low-priority
If A-bit is set, A_count
RIO queue management
If A-bit is set, A_count--
16
Premium Service (cont.)

• Inter-domain trafficAgreement between adjacent
  administrative domains must specify
• peak rate for all P traffic
• rate and burst for A traffic
• Profile meter at the ingress of a trust region
  enforces the rates by using token bucket

17
Premium Service (cont.)
Border router input interface Profile Meters
Clear A bit
No
Token available?
A set
Token
Arriving packet
Is packet marked?
Forwarding engine
Not marked
Token
P set
Token available?
Drop packet
No
18
Discussion
Premium Service (cont.)

• Shapers are at the edge of the network Per flow
  state info is at the edge
• Routers internal to a trust region do not need to
  do traffic shaping priority queuing and
  preferential drops
• Border routers may need/desire to do shape the
  aggregate flow of marked packets at egress

19
Premium Service (cont.)

• If these services becomes insufficient, add other
  kinds of service levels
• More queue levels can be added for P-traffic,
  more drop priority levels may be added to A bit
  traffic
• What if after implementing an architecture for
  both services, experience shows that only one is
  needed?
• Unnecessary implementation cost

20
How to allocate the level of marked traffic?
Premium Service (cont.)

• Allocation process of making marked traffic
  commitments
• Per-call dynamic set up Good
  resource efficiency, poor cost control
• Pre-configuring of usage profiles
  Good cost control, bad resource efficiency
• Both are extremes
• Aggregate demand can always be split into two
  components predictable and exceptions

21
Bandwidth Brokers (BB)
Premium Service (cont.)

• Repository of a policy database that keeps the
  information who can do what and when within a
  trust region
• Only BB can configure the leaf routers
• If dynamic allocation is possible, each adjacent
  domains BB negotiate and configure the rate and
  a service class (P/A) across the shared boundary

22
BB setting profiles in Leaf Routers
H4
H5
H6
H9
Leaf 3
H8
ISP border router
Border router
H7
Leaf 2
BB
Leaf 1
V
H3
H2
H1
23
BB setting profiles in Leaf Routers
H4
H5
H6
H9
Leaf 3
H8
ISP border router
Border router
H7
Leaf 2
BB
Leaf 1
V4 to D8 P_at_128kb/s 1pm-3pm signedV
V
H3
H2
H1
24
BB setting profiles in Leaf Routers
H4
H5
H6
H9
Leaf 3
H8
ISP border router
Border router
V4gtd8 P_at_128kb/s
H7
Leaf 2
BB
Leaf 1
Classifier Rate Type V4gtD8 128kb/s
P
V4 to D8 P_at_128kb/s 1pm-3pm signedV
V
H3
H2
H1
25
End-to-end example with static allocation
ESNet
NEARNet
10 to D
10 to D
10 to D
LBL
MIT
10
50
100
BB
BB
BB
BB
10 kbs to D
ok
V
ok
ok
D
ok
Peer Policy Total Used NearNet ask
10 10 LBL lt50 ok 100 30
Peer Policy Total Used ESNet ask
0 0 MIT lt50 ok 50 20
26
References

• A Two-bit Differentiated Services Architecture
  for the InternetK. Nichols, V. Jacobson, L.
  Zhang
• Explicit Allocation of Best Effort Packet
  Delivery ServiceD. Clark, W. Fang