Upload
others
View
9
Download
0
Embed Size (px)
Citation preview
Traffic Access Control
Instructor: Hamid R. Rabiee
Spring 2012
Digital Media Lab - Sharif University of Technology2
Outlines
Traffic Access Control
Definition
Traffic Shaping
Traffic Policing
The Leaky Bucket
The Token Bucket
What is Traffic Access Control?
A collection of specification techniques and mechanisms to:
specify the expected traffic characteristics and service requirements (e.g. peak
rate, required delay bound, loss tolerance) of a data stream
shape data streams (e.g. reducing their rates and/or Traffic Burstiness) at the
edges and selected points within the network
police data streams and take corrective actions (e.g. discard, delay, or mark
packets) when traffic deviates from its specification
The components of traffic access control are directly related to the
mechanisms of admission control and scheduling that implement QoS
controlled services:
Most real-time queuing and scheduling mechanisms require some control of the
rate and burstiness of data moving through the system.
Digital Media Lab - Sharif University of Technology3
Traffic Access Control Functions
Flow specification function
Provides the common language by which applications and network elements
communicate service requirements
Shaping function
Policing function
Monitors traffic flows and takes corrective actions when the observed
characteristics deviate from those specified
The location of policing functions (e.g. at the network edge and at stream
merge points) are usually determined by the network providers
Digital Media Lab - Sharif University of Technology4
Traffic Shaping
Goal: limit traffic to not exceed declared parameters
Traffic shaping is usually done in the egress line card to shape and
smooth the outgoing traffic
Retains excess packets in a queue and then schedules the excess for later
transmission over increments of time
The result of traffic shaping is a smoothed packet output rate
Digital Media Lab - Sharif University of Technology5
6
Traffic Shapers-Schemes
Leaky Bucket (LB)
Token Bucket
Window shapers
Jumping window
Moving window
Composite Shapers
Composite Leaky Bucket
Dual LB
Triple LB
Composite windows
6Digital Media Lab - Sharif University of Technology
Traffic Policing
Traffic policing propagates bursts
When the traffic rate reaches the configured maximum
rate, excess traffic is dropped (or remarked)
The result is an output rate that appears as a saw-tooth with crests
and troughs
Digital Media Lab - Sharif University of Technology7
Policing vs. Shaping
Digital Media Lab - Sharif University of Technology8
Shaping Policing
ObjectiveBuffer and queue excess packets above the committed
rates.
Drop (or remark) excess packets above the
committed rates. Does not buffer.*
Token Refresh RateIncremented at the start of a time interval. (Minimum
number of intervals is required.)
Continuous based on formula: 1 / committed
information rate
Token Values Configured in bits per second. Configured in bytes.
Configuration Options
•shape command in the modular quality of service
command-line interface (MQC) to implement class-
based shaping.
•frame-relay traffic-shape command to implement
Frame Relay Traffic Shaping (FRTS).
•traffic-shape command to implement Generic Traffic
Shaping (GTS).
•police command in the MQC to implement class-
based policing.
•rate-limit command to implement committed access
rate (CAR).
Applicable on Inbound No Yes
Applicable on Outbound Yes Yes
Bursts
Controls bursts by smoothing the output rate over at
least eight time intervals. Uses a leaky bucket to delay
traffic, which achieves a smoothing effect.
Propagates bursts. Does no smoothing.
Advantages
Less likely to drop excess packets since excess packets
are buffered. (Buffers packets up to the length of the
queue. Drops may occur if excess traffic is sustained at
high rates.) Typically avoids retransmissions due to
dropped packets.
Controls the output rate through packet drops.
Avoids delays due to queuing.
DisadvantagesCan introduce delay due to queuing, particularly deep
queues.
Drops excess packets (when configured), throttling
TCP window sizes and reducing the overall output
rate of affected traffic streams. Overly aggressive
burst sizes may lead to excess packet drops and
throttle the overall output rate, particularly with
TCP-based flows.
Optional Packet Remarking No Yes (with legacy CAR feature).
Digital Media Lab - Sharif University of Technology9
Two Main Shaping Methods
Leaky Bucket Algorithm
Regulate output flow
Packets lost if buffer is full
Token Bucket Algorithm
Buffer filled with tokens
transmit ONLY if tokens available
Digital Media Lab - Sharif University of Technology10
The Leaky Bucket
Main Idea:
Keep a single server queuing system with constant service time
Allow one packet per clock tick onto the network
Old packets are discarded
Selected packets are discarded when bucket is full
Digital Media Lab - Sharif University of Technology11
Leaky Bucket
To understand the leaky bucket model, consider a bucket with a small hole
at the bottom. Three parameters define the bucket:
The capacity (B)
The rate at which water flows out of the bucket (R)
The initial fullness of the bucket (F)
Digital Media Lab - Sharif University of Technology12
Leaky Bucket
If water is poured into the bucket at exactly rate R, the bucket will remain at
F, because the input rate equals the output rate.
If the input rate increases while R remains constant, the bucket accumulates
water.
If the input rate is larger than R for a sustained period, eventually the bucket
overflows.
However, the input rate can vary around R without overflowing the bucket, as
long as the average input rate does not exceed the capacity of the bucket.
The larger the capacity, the more the input rate can vary within a given
window of time.
Digital Media Lab - Sharif University of Technology13
The Leaky Bucket Algorithm
Queue full - packet discarded.
What if packets are different size and fixed bytes/ unit time.
Digital Media Lab - Sharif University of Technology14
Leaky Bucket Example
A source generates data in terms of bursts: 3 MB bursts lasting 2 msec once every 100 msec.
The network offers a bandwidth of 60 MB/sec.
The leaky bucket has a capacity of 4 MB. How does the output look like?
Input: 0-2 msec: 1500 MB/sec; 100-102 msec: 1500 MB/sec; 200-202 msec: 1500 MB/sec; …
Output: 0-50 msec: 60 MB/sec; 100-150 msec: 60 MB/sec; ….
Digital Media Lab - Sharif University of Technology15
Leaky Bucket Example
What should be the capacity of the leaky bucket to avoid loss?
During the burst, data inflow is at the rate of 1.5 MB/msec and the outflow is at the rate of 0.06 MB/msec.
So accumulation is at the rate of 1.44 MB/msec. So at the end of 2 msec, there will be an accumulation of 2.88 MB. This is the minimum leaky bucket capacity to avoid buffer overflow and hence data loss.
Digital Media Lab - Sharif University of Technology16
Leaky Bucket Issues
After 500 ms, the bucket is discharged!
Drops packets
Does not allow host to save permission to transmit large burst later
Digital Media Lab - Sharif University of Technology17
The Token Bucket
In contrast to the LB, the Token Bucket (TB) algorithm, allows the output rate to vary,
depending on the size of the burst.
Packet gets tokens and only then transmitted
In the TB algorithm, the bucket holds tokens. To transmit a packet, the host must capture and
destroy one token
A variant – packets sent only if enough token available - token - fixed byte size
Token bucket holds up n tokens
Host captures tokens
Each token can hold some bytes
Token generated every T seconds
Allows bursts of packets to be sent - max n
Responds fast to sudden bursts
If bucket full – thrown token packets not lost
Digital Media Lab - Sharif University of Technology18
Token Bucket Algorithm
Digital Media Lab - Sharif University of Technology19
Token Bucket Example
Bucket capacity: 1 MB
Token arrival rate: 2 MB/sec
Network capacity: 10 MB/sec
Application produces 0.5 MB burst every 250 msec For 3 seconds
The bucket is full of tokens
Digital Media Lab - Sharif University of Technology20
Token Bucket Example
Initially, output can be at the rate of 10 MB/s. But how long can the bucket sustain this?
First, 1MB can be sent
From then on, for X seconds, the token input rate is 2MB/s, the output traffic rate is 10MB/s
1 + 2X = 10X 8X = 1 X = 1/8 sec =125 ms
The bucket can transmit 1.25 MB in this time > 0.5MB the application produces
Output: 0-50 ms: 10 MB/s
50-250 ms: None
Digital Media Lab - Sharif University of Technology21
Token Bucket Example
At the end of this period, the amount of tokens in the
bucket is:
1MB+250ms*2MB/s-0.5MB=1MB
So the bucket is full again!
Repeat for 3 seconds
How will the traffic look with Bucket Size = 200K? 0.2+2X=10X X=0.2/8=0.025s=25ms
0-25ms : 10 MB/s = 0.25MB. 0.25MB left
0.25MB/(2MB/s) = 125ms
25-150ms: 2MB/s
150-250ms: None
Digital Media Lab - Sharif University of Technology22
Dual Buckets
Mechanism
Consists of a two token buckets
Allows for policing on average rate, peak rate, and burst size
Parameters of buckets are set based on flow requirements
Digital Media Lab - Sharif University of Technology23
Summary
Leaky and Token bucket, both are designed for controlling average rate.
Token bucket used by IETF
Leaky bucket used by ATM
On bursty arrivals after a long idle:
Token bucket results in bursty departure
Leaky bucket results in smooth departure
Digital Media Lab - Sharif University of Technology24