Making the Grade: Ensuring Application Performance in an Education Network Presented By: Sean Applegate Mid-Atlantic Systems Engineer
The Bottleneck • High-Speed LAN: 10/100/1000 • High-Speed Backbone: OC-3, OC-12, OC-48, OC-192 • WAN Access Link Bottleneck: T-1 – OC3 • Problem: Traffic on the high-speed LAN hits the lower-speed WAN access link, and congestion (queuing/dropped packets) occurs.
Introductory Questions • How many people here own a PacketShaper? • How many people here are evaluating a PacketShaper? • How many people have NEVER heard of Packeteer or the PacketShaper? • How many people don’t know what your top 10 applications are and the percent of bandwidth they are using? • How many people are considering increasing WAN bandwidth speeds? • How many people are using other bandwidth management or policing technologies to control traffic?
Applications Drive Today’s Educational Institutions • Mission-critical applications are critical to education • All traffic is not created equal • TCP/IP: Application-Neutral • [Chart: applications plotted by Mission-Critical (- to +) against Time-Sensitive (- to +): Streaming Video, Citrix, Client/Svr Apps, eMail, File Transfers, Web Surfing, Streaming Music, Quake, etc., Peer-to-Peer]
What am I spending my $ on? Are you spending 60-85% of your WAN budget on P2P applications?
Agenda • Who is Packeteer? • What is PacketShaper? • Who is using PacketShaper? • Implementing Packeteer's Four Step Process: Classify, Analyze, Control, Report • Summary • Questions
Packeteer Fact Sheet • Founded in 1996, Pioneer of Proactive Bandwidth Management • Headquarters in Cupertino, CA • US Offices: New Jersey, Chicago, Atlanta, Dallas, Seattle, Washington D.C., San Diego • Offices Abroad: Netherlands, Hong Kong, Japan, and Australia • Regional Resellers • Employees: 197 • Customer proven • Shipping since February 1997 • Thousands of PacketShapers shipped worldwide • 5th generation of software
Packeteer Product Family • PacketShaper™: Internet Bandwidth Management Solutions • PolicyCenter™: Central Configuration Management • AppVantage™: Application Subscriber Management Solutions • AppCelera™: Internet Application Acceleration Solutions
What is PacketShaper? • Industry Leading QoS Solution • CMP Network Telecom: Network Infrastructure Product of the Year - 2001 • Firmware, Real-time OS (PSOS) • Classifies 350+ Apps at OSI Layers 2-7 • Uses Patented TCP Rate Control to proactively control application traffic, prevent queuing, and reduce latency • Over 55 measurement variables for detailed analysis • Managed through an onboard web interface and CLI; no external hardware/software required • Becomes a piece of wire if it fails
PacketShaper Product Line • PacketShaper 1500 Series: Up to 2 Mbps WAN capacity • PacketShaper 2500 Series: Up to 10 Mbps WAN capacity • PacketShaper 4500 Series: Up to 45 Mbps WAN capacity • PacketShaper 6500 Series: Up to 100 Mbps WAN capacity
Typical K-12 School District Topology • PacketShapers at each school to manage school-to-district office and school-to-school traffic • PacketShaper to manage the Internet link
380+ Higher Education Customers in US • Higher Ed Customers in the US and Ed Customers in Ohio: Stanford Univ, California Tech, Yale Univ, Vanderbilt Univ, Univ of Miami, Texas A&M, Clemson Univ, Univ of Notre Dame, All Universities of California, Case Western Reserve Univ, Ohio Northern Univ, Dartmouth College, Howard Univ, Univ of Dayton, Miami Univ, Case Western Reserve Univ, Cleveland State Univ, Xavier Univ, Youngstown State, Denison Univ, Bowling Green Univ, Capital Univ • …Ohio has more higher ed users than any other state in the US. • …A Sites are catching up fast!
A Complete Solution Our Example Customer: Randolph Macon College • Problems: • Congested WAN Link • Poor Visibility at App Layer • Poor Response Times • Needed to get control • Needed better WAN ROI
Step 1: Classify - What’s Running on My Network? Automatically Classify 350+ Apps at OSI Layers 2-7 • [Diagram: OSI stack (7 Application, 6 Presentation, 5 Session, 4 Transport, 3 Network, 2 Data Link, 1 Physical) with coverage labels: PacketShaper, Most Routers, Switches] • Peer-to-Peer Apps: Aimster, AudioGalaxy, CuteMX, DirectConnect, Gnutella, Hotline, iMesh, KaZaA/Morpheus, Napster, ScourExchange, Tripnosis…. • Some Other Apps: H.323, RTP-I/RTCP-I, PASV FTP, HTTP, Real, WinMedia, Shoutcast, MPEG, Quicktime, RTSP, Chatting Apps, Games • If you can’t classify it you can’t shape it!
Step 1: Classify – Traffic Class Criteria • Inbound/Outbound (travel direction) • Protocol family • Service (very diverse, see online list) • Inside/Outside (location of relevant server) • Port(s) • Service Proxy • IP Address, MAC Address, host name, or host list • Subnet Mask • URL (including wildcards) • Further details (criterion) for Citrix-ICA, Oracle-netv2, HTTP 1.1, RTP-I • Diffserv, IP Precedence, COS/TOS
Step 1: Classify – Manual Class Creation 1. From the MANAGE screen, select the parent class from the traffic tree 2. Click on CLASS, then ADD 3. Define traffic’s criteria (details on the next slide).
Step 1: Classify – Matching Rules • Classes are made up of matching rules • Classes can have many matching rules • Multiple matching rules are OR’d together (e.g., 1 rule for each of 3 servers) • The criteria within a single matching rule are AND’d together (e.g., 1 rule that catches traffic from a specific server to a specific client)
Step 1: Classify – More on Matching Rules • The definition of the traffic in a class is a matching rule • It’s a collection of values for the criteria we listed • Traffic Discovery defines matching rules for the classes it creates • You define matching rules for the classes you create
Step 1: Classify – Adv. Matching Rules In addition to the basic criteria, such as IP address and port numbers, the following advanced options are available: • Host Lists • Details for Citrix, Oracle, HTTP 1.1 and RTP • Diffserv and IP COS/TOS
Step 1: Classify – Host Lists Instead of a single IP address or a range of IP addresses, specify a list of hosts. Lets you take advantage of LDAP directory services.
Step 1: Classify – Application Criteria Citrix-ICA, Oracle-netv2, HTTP 1.1, and RTP-I can be further classified using the Matching Rule Criterion field: • Citrix-ICA: by published application, client name or priority level* • Oracle-netv2: by database name • HTTP 1.1: by DNS name or IP address • RTP-I (real-time protocol for media streaming): by Encoding Name, Media Type ("a" for audio, "v" for video), or Clock Rate (8000, 16000, 44100, 90000)
Step 1: Classify – Diffserv, COS/TOS … Diffserv Code Point (DSCP) (6-bit field) Value of 0-63 • COS - Class of Service (3-bit field) IP precedence value 0-7 • TOS - Type of Service (4-bit field) • 802.1q/ISL VLANs • MPLS
Step 1: Classify - Other Settings Type, Traffic Discovery (within class), Top Talkers/Top Listeners, RTM, Comments
Step 1: Classify – Traversing the Class Tree • PacketShaper examines all passing traffic. - Every flow must be assigned to a class. • It traverses the tree to find the traffic’s correct class. • Traversal starts at the top • If you have a special-case class you want searched first, make it an Exception class. Example: All PCs in a subnet to be treated the same except one. E.g.: DifferentPC SubnetA SubnetB
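The matching-rule and tree-traversal behaviour described in the Classify slides, as an added Python example (a simplified model, not Packeteer code and not part of the original presentation). The field names, addresses, and the exceptions-first, first-match traversal order are assumptions made for illustration:

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Rule:
    """One matching rule: every criterion that is set must match (AND)."""
    inside: str = None    # host or CIDR on the inside of the link (assumed field)
    outside: str = None   # host or CIDR on the outside of the link (assumed field)
    port: int = None      # service port (assumed field)

    def matches(self, flow):
        def in_net(addr, net):
            return net is None or ipaddress.ip_address(addr) in ipaddress.ip_network(net)
        return (in_net(flow["inside"], self.inside)
                and in_net(flow["outside"], self.outside)
                and self.port in (None, flow["port"]))

@dataclass
class TrafficClass:
    name: str
    rules: list                  # the class matches if ANY rule matches (OR)
    exception: bool = False      # exception classes are searched first
    children: list = field(default_factory=list)

    def matches(self, flow):
        return any(rule.matches(flow) for rule in self.rules)

def classify(siblings, flow, default="Default"):
    """Walk the tree from the top and return the path of the deepest match."""
    # sorted() is stable, so configured order is kept within each group.
    for cls in sorted(siblings, key=lambda c: not c.exception):
        if cls.matches(flow):
            deeper = classify(cls.children, flow, default=None)
            return cls.name + ("/" + deeper if deeper else "")
    return default               # every flow must be assigned to a class

# Constructed tree following the slide's example: all PCs in SubnetA are
# treated the same except one (DifferentPC). Addresses are sample values.
TREE = [
    TrafficClass("SubnetA", [Rule(inside="10.1.0.0/24")], children=[
        TrafficClass("HTTP", [Rule(port=80), Rule(port=8080)]),  # two rules, OR'd
    ]),
    TrafficClass("SubnetB", [Rule(inside="10.2.0.0/24")]),
    TrafficClass("DifferentPC", [Rule(inside="10.1.0.7")], exception=True),
    # One rule with two criteria, AND'd: a specific server to a specific client.
    TrafficClass("ServerToClient", [Rule(inside="10.3.0.5", outside="192.0.2.10")]),
]
```

Without the exception flag, DifferentPC would never be reached here, because the SubnetA class listed before it already matches 10.1.0.7.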
Step 1: Classify – RMC After 24 Hrs • 55 Applications AutoDiscovered • 6 Peer-to-Peer (circled) • 7 Streaming • 3 Chat • 5 Games • And the usual Internet and network service protocols • This traffic tree was automatically built by turning on Traffic Discovery. Only shows applications on the network.
Step 2: Analyze • Click Report in the PolicyConsole navigation bar. • You’ll see 3 graphs for the Inbound link and 3 graphs for the Outbound link: • Link Utilization • Network Efficiency • Top 10 Classes • Shows what’s competing for the bandwidth.
Step 2: Analyze - Monitor Tab RTM Summary Class Hits/Rates tell you how busy a service is Top Talkers/Top Listeners tell you which IP addresses are using the most bandwidth
Step 2: Analyze - Top Talkers / Listeners • Enable up to 12 top talkers/listeners (total). • Create classes for top users.
Step 2: Analyze - Response-Time Summary View delay statistics for all measured classes:
Step 2: Analyze - Transaction Delay Is my network causing problems? Or is it one of my servers?
Step 2: Analyze – Delay Distribution Who is the most common culprit? The Server or The Network? • Approx. 90% of transactions at the server experience 0 sec delay • Approx. 75% of transactions experience .1 sec delay on the network. Here’s our culprit!!
Step 2: Analyze – Response Times Why measure response time? • Quantify performance. • Identify performance problems. • Develop strategies for bandwidth management, server balancing, and topology upgrades. • Assess results after you’ve made configuration changes.
Step 2: Analyze - Measuring Delay • Server Delay - # of ms the server uses to process a client’s request after all data received. • Total Delay - # of ms from client’s request to receipt of response. • Network Delay = Total Delay - Server Delay • Round-Trip Time (RTT) is the # of ms for client-server exchange of precisely one packet.
Step 2: Analyze - RMC Link Performance • Inbound Link avg & peak bps - Link is fully congested; observe how close the avg & peak bps are. - What are my top 10 types of traffic? - Am I using this for recreational or business use? • % of TCP Retransmitted Bytes: 30% of all TCP data is retransmitted. Approx 1/3 of the WAN budget is wasted (~$700/month).
Step 2: Analyze – RMC – Top Applications • Over 72% P2P • [Charts: top applications, labelled FTP, KaZaA, Gnutella, iMesh, HTTP]
Step 2: Analyze – RMC – HTTP/SSL Response Times • Users are waiting 2+ secs for each HTTP connection to complete • Users are waiting 3 to 8+ secs for each SSL connection to complete
Step 3: Control – How Do I Control Performance? • Set policies to control performance • Per-flow minimum/maximum bandwidth policies • Per-user minimum/maximum bandwidth policies • Priority-based policies • Admissions Control • Partitions for control of aggregate flows • PacketShaper implements TCP Rate Control • Control when and how much data end-systems transmit • Using industry-standard TCP/IP • Manage traffic flows and aggregate classes with bits-per-second accuracy
Step 3: Control – Priority Policies A Priority policy has only one parameter: a priority from 0 (Low) to 7 (High)
Step 3: Control – Priority Policy Guidelines Use a priority policy: • When rate is not your primary objective • If traffic does not burst (surge) • If traffic is latency-sensitive • If high-priority flows are small, or if low-priority flows are large but not bursty Priority policies are appropriate for interactive traffic like TN3270 or Telnet (latency-sensitive, don’t burst, small)
Step 3: Control – Rate Policy Guidelines • Guarantee each flow a minimum bits-per-second rate • Give each flow prioritized access to excess bandwidth • Keep a lid on surging, bandwidth-hungry flows • Guard mission-critical flows • Give delay-sensitive flows a chance • Make sure behind-the-scenes TCP Rate Control is active Remember not to over-commit guaranteed rates!
Step 3: Control – Never-Admit Policies Use a Never-Admit policy: • For TCP or Web traffic, to block a session and inform the user
Step 3: Control – Discard Policies • When you simply want to toss all packets for a traffic class. • Block a service • Provide security • Recommended for blocking non-TCP classes because they’re not session-oriented
Step 3: Control – Ignore Policies Ignore policies: • Treat traffic as pass-through • Exempt a traffic class from bandwidth management • PacketShaper does not count the statistics
Step 3: Control – How Flows Compete for Excess • Rate policies are satisfied first! • Then, at each priority level, rate policies are given their burstable chunks and priority policies get what they want.
Step 3: Control – How Flows Compete For Demand
Level | Flow A: Rate (5) 10k | Flow B: Priority 4 | Flow C: Rate (3) 5k
Guaranteed Rate: | 10(10) | 0 | 5(5)
Priority 7: | 0(10) | 0 | 0(5)
Priority 6: | 0(10) | 0 | 0(5)
Priority 5: | 10(20) | 0 | 0(5)
Priority 4: | 10(30) | 65(65) | 0(5)
Priority 3: | 0(30) | 0(65) | 0(5)
Priority 2: | 0(30) | 0(65) | 0(5)
Priority 1: | 0(30) | 0(65) | 0(5)
Priority 0: | 0(30) | 0(65) | 0(5)