1 / 48

Necessary Control for Today’s Networks

Necessary Control for Today’s Networks. Lessons Learned from Universities and Colleges. Napster today, then what next?. #1 - Napster is the tip of a larger problem #2 – No institution has unlimited financial resources or bandwidth

holmanr
Download Presentation

Necessary Control for Today’s Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Necessary Control for Today’s Networks Lessons Learned from Universities and Colleges

  2. Napster today, then what next? #1 - Napster is the tip of a larger problem #2 – No institution has unlimited financial resources or bandwidth #3 – Institutions shutting down Napster will likely find other misuse of institutional resources #4 – Network capacity strains will continue to increase - September 2000

  3. What Happened Next… • Aimster • BeNapster • TekNap • Crapster • Gnap • Gnapster • Gnome-napster • Hackster • iNapster • Lopster • and so on….. • iMesh • KaZaA (Netherlands) • MusicCity • WinMX (Ontario) • Riscster • Shuhan • Webnap • XMNap • Jnapster • Mactella • Bearshare • Furi • Gnotella • Gnucleus • Limeware • Newtella • ToadNode • Gnut • Hagelsag • MacStart

  4. In K-12… • Equal access for schools in all districts is threatened by: • Aimster, Gnutella • Class disruptions • Passing notes in class…the new way: • AOL Instant Chat, Yahoo Messaging, MSN Messenger, IRC (Internet Relay Chat), ICQ (now part of AOL) • Greeting cards

  5. + VoIP eMail Peoplesoft, SCT Oracle,Citrix,etc... Mission-Critical File Transfers TCP / IP Application-Neutral Web Surfing Real Jukebox,Tribes,Battle.net,etc. AudioGalaxy, Gnutella - + - Time-Sensitive At the Heart of the Problem All traffic is not created equal

  6. Applications Drive Today’s Business • Applications are network-centric, but they run over IP networks that are application-neutral • IP networks: • Treat all traffic alike • Lack predictability and control • Are disconnected from business goals and priorities

  7. Application Performance Is Critical • Web-based learning • E-learning • Administration • Email • Research • Library access • Multiple-campus projects • Facilities management • And more

  8. Bandwidth-Intensive Apps Bandwidth-Intensive Apps Image Transfers, Streaming Media Image Transfers, Streaming Media Unsanctioned Apps Unsanctioned Apps Surfing, MP3, Napster, Shopping Surfing, MP3, Blubster, Gnutella Mission-Critical Apps Critical Apps SCT, Research, PeopleSoft, e-learning Oracle, SAP, PeopleSoft, etc. Business Suffers Bursty, Unpredictable,Uncontrollable Traffic Critical ApplicationPerformance Suffers

  9. What hasn’t worked • Routers • Queuing – reacting to congestion • Blocking applications by port • Controlling outbound traffic only • Firewalls • Blocking applications by port • Adding more bandwidth

  10. Router and Firewalls 6346 75 6666 850 1467 56 56 ? 243 56 8888 80 540 10 625 999 49 356 2234 1678 789 621 490 1567 56 1200 53 498 1326

  11. What you could be missing Routers – Manage Outbound traffic only

  12. More Bandwidth “Throwing bandwidth at the problem makes your network more attractive.” • Hap Wheeler, Plattsburgh University

  13. What Does Work • Solution that can automatically identify application traffic • Solution that provides information on real-time application performance • Solution that proactively controls inbound and outbound application traffic • Solution that provides ongoing reports • Solution that co-exists with your existing network without changes and is not a single point of failure

  14. PacketShaper PacketShaper: • Provides the application infrastructure that protects critical applications and contains non-critical applications across wide area networks and the internet • Measures and enforces service levels of your critical applications across wide area networks and the internet • Provides the controls needed to: • Ensure performance of mission-critical applications • Allocate bandwidth based on priorities • Improve the return on investment (ROI) for the network and applications

  15. PacketShaper’s Four Step Process

  16. Step 1: Classify – You can only control what you can see PacketShaper automatically discovers and classifies >340 different traffic types Aduio Galaxy, Napster, Gnutella, imesh, Scour, etc. PacketShaper Application 7 • Precise Classification by: • Application • Port/Range • URL/index/wildcard • Mime type • Protocol • IP Address/Range • LDAP Host List • MAC Address (non-IP) • IP CoS/ToS,DSCP • MPLS Label • VLAN ID Presentation 6 Session 5 4 Transport Routers Switches Firewalls 3 Network 2 Data Link 1 Physical

  17. Step 1: Classify -- What’s Running on My Network? • Traffic types that PacketShaper has detected are shown in the PolicyConsole

  18. Classification Reports Inbound and Outbound Traffic

  19. Classify Traffic By … Both Service Location

  20. Step 1: Classify -- What’s Running on My Network? • In addition to Traffic Discovery, you can Create your own traffic classes based on a combination of: • Inbound or Outbound direction • Protocol (IP, IPX, SNA, NetBEUI, Appletalk, etc.) • IP address space (host, range, network, host list) • IP CoS/ToS,DSCP,MPLS Label, VLAN ID • TCP/UDP port numbers,port range, source destination pair • Predefined service types (e.g., http) • URL Strings (e.g., web pages, file types) • Citrix Types (published application, client name) • H.323 calls - VoIP (dynamic port negotiation) • Traffic Tree can be hierarchical (e.g., under the Citrix traffic class is asubclass for each Published Application)

  21. Step 2: Analyze -- How Is It Performing Today? • Extensive monitoring and evaluation tools • Ability to establish baseline application performance so you can quickly see deviations

  22. Example: Link Utilization • If peak rate is drastically higher than average rate you can increase your overall average utilization!

  23. Example: Network Efficiency Network Efficiency: • Designed to expose the hidden cost of retransmissions

  24. Example: Transaction Delay Is my network causing problems? Or is it one of my servers?

  25. Step 2: Analyze -- How Is It Performing Today? What’s competing for the bandwidth? • Top Talkers & Listeners • Traffic Distribution

  26. Step 3: Control -- How Do I Control Performance? • You can set rules to control performance • Per-application minimum/maximum bandwidth partitions • Per-user minimum/maximum bandwidth policies • Priority-based policies • And many more • PacketShaper implements TCP Rate Control • Control the rate at which end-systems communicate • Using industry-standard TCP/IP • Manage traffic flows and aggregate classes with bits-per-second accuracy • No queuing-induced latency; reduced packet loss • Inbound and outbound control • Proactive “The key to successful policy lies in the ability of the institution to make all parties aware of the policy and have some means to ensure compliance.” Gartner Group, Sept 2000

  27. TCP/IP Flow Control • Normal IP flow control (no PacketShaper) • Large file transfer started (e.g., ftp from internet) • Receiver negotiates speed of connection, using window size and ACK • Unaware of bottleneck or competing traffic • Opens large window and floods link • Mission critical traffic impacted (e.g., Oracle) Receiver Sender Data transmission floods link Window 16k ACK 10000

  28. Rate Control • Since PacketShaper sits at a strategic access point, it sees competing flows, knows available b/w, realtime demand, desired QoS • PacketShaper can make intelligent decisions on how to set flow-control parameters (appropriate window size, metered ACK) • PacketShaper Rate Control throttles back on lower priority traffic, leaves room for delay-sensitive mission-critical traffic • Traffic sent from host at specified rate, end-to-end Receiver Sender Data transmission @ desired rate Window 16k ACK 10000 Window 2k ACK 8000 ACK 9000 ACK 10000

  29. Without Control With Control Impact of Control

  30. Impact of Control With Control Without Control

  31. Typically Bandwidth Usage before control Typically Bandwidth Usage after control Before and After Control

  32. PacketShaper’s Rate Control • Because rate control is end-to-end, PacketShaper enables management of both inbound and outbound traffic • Rate control avoids congestion caused by hosts flooding router queues • Reduces transaction delay • Since individual IP flows are being controlled, you can set per session QoS • Supported for TCP and UDP traffic (modified for UDP)

  33. Step 4: Report -- How Do I Show Results? PacketShaper lets you: • Track service level agreements • Determine whether you’re meeting user expectations • Plan for the future of your network

  34. PacketShaper Success Stories Pacific University – Forest Grove, OR “PacketShaper helps us immensely by automatically classifying most of the traffic types seen on campus, and allowing us to set policies to control each of those types of traffic. It also allows us to see the most frequent users and set policies just for them. Using PacketShaper helps us ensure that everyone, from the University Faculty to the registrar to the freshmen in the dorms, gets the bandwidth they need.” -- Ted Krupicka

  35. PacketShaper Success Stories • Plattsburgh State University – Plattsburgh, NY • "When Napster started becoming popular with our students, we almost immediately saw the impact on our dormitory network connecting all the students. Due to the elusive nature of most of these entertainment-based applications, firewalls simply can't prevent them from entering the network. Through this solution’s [PacketShaper’s] application discovery and analysis capabilities we are now able to see when Napster and other similar applications try to take over our network.“ • from New Media Music, June 6, 2000

  36. PacketShaper Success Stories “We were seeing a trend toward the increasing use of peer-to-peer applications like Napster on the campus network and knew that it could become a significant problem for us. We considered a variety of possible remedies. We knew that just adding bandwidth wouldn’t solve it, because peer-to-peer applications take anything they can get. By installing PacketShaper on our network, we could set policies to limit their use to a relatively small portion of the pipe. This is a much better use of our resources.” Jim Bourn, Director of Data Communications

  37. Library & Research Administration Dorms Internet Distance Learning Computer Science Engineering Sample Campus Network

  38. Lessons Learned • Know what’s on your network • Guarantee bandwidth for teaching / learning applications • Improved performance for administration applications • Cap recreational web surfing • Get visibility into and control over bandwidth usage • Make intelligent decisions about capacity planning • And more

  39. PacketShaper Product Line 8500 Series 6500 Series 4500 Series 2500 Series 49,000 1500 Series 3,000 128k 512k 2M 10M 45M 100M 200M

  40. About Packeteer • Founded in 1996, pioneer of bandwidth management and application performance solutions • IPO in July 1999, NASDAQ: PKTR • Headquarters in Cupertino, CA, with offices worldwide • US Offices: New Jersey, Chicago, Atlanta, Dallas, Washington D.C., San Diego • Offices Abroad: Netherlands, Hong Kong, Japan, Australia, England, France, Germany • Employees: 200 • Customer proven • PacketShaper shipping since February 1997 • >20,000 PacketShapers shipped worldwide • 5th generation of software, 2nd generation hardware

  41. St. John Fisher College Higher Education Institutions Over 500!!!

  42. K-12 Institutions

  43. Problems Addressed by PacketShaper In Higher Education • Napster, Gnutella, iMesh • e-Learning • Research • Administration In K-12 • Equal and fair access for all schools in district • Bandwidth hogs can’t impact students’ or teachers’ ability to quickly access key administrative and learning sites • Napster, Gnutella, iMesh • Note passing • Greeting cards

  44. Lessons Learned - Summary PacketetShaper enables educational institutions to: enables educational institutions to: • Know what’s on their network • Reserve bandwidth for teaching, learning, and other mission-critical applications • Guarantee performance for administration applications • Cap recreational web surfing and P2P • Get visibility into and control over bandwidth usage • Make intelligent decisions about capacity planning • Protect smaller satellite campuses • Align WAN resources with organizational priorities • Maximize the return on existing network infrastructure • And much more

  45. Stanford Listserv Working with Stanford University there is now available a mailing list for Packeteer higher education customers. The primary purpose of the list is to let customers talk to each other to discuss organizational or technical issues related to deploying Packeteer products. Customers can get registration info at: http://www.packeteer.com/solutions/industries/education/stanford_listserv.cfm

  46. Necessary Control for Today’s Networks Classify Analyze Applications Report Control

More Related