Presentation is loading. Please wait.

Presentation is loading. Please wait.

SANS 2001John Kristoff - DePaul University1 Avoiding Network Capacity Collapse John Kristoff +1 312 362-5878 DePaul University Chicago,

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SANS 2001John Kristoff - DePaul University1 Avoiding Network Capacity Collapse John Kristoff +1 312 362-5878 DePaul University Chicago,"— Presentation transcript:

1 SANS 2001John Kristoff - DePaul University1 Avoiding Network Capacity Collapse John Kristoff jtk@depaul.edu +1 312 362-5878 DePaul University Chicago, IL 60604

2 SANS 2001John Kristoff - DePaul University2 Capacity Collapse • Scarcity of capacity • (Dropped Traffic / Offered Traffic) increases • Goodput decreases (approaches zero) • Response time increases • Very little or no real work gets done

3 SANS 2001John Kristoff - DePaul University3 Statistical Multiplexing • A primary advantage of data networks • Available capacity can be used by anyone • Share capacity on first in, first out basis • Build network based on average usage • But IP is arbitarily bursty • Hence, will probably have some congestion • How do you prevent capacity collapse?

4 SANS 2001John Kristoff - DePaul University4 IP Type of Service Field "The Type of Service provides an indication of the abstract parameters of the quality of service desired." - RFC 791, September 1981 Twenty years later and still no Internet QoS!

5 SANS 2001John Kristoff - DePaul University5 TCP Congestion Avoidance • TCP cannot control congestion • It can react based on implicit network signals • Assumes packet loss is due to congestion • TCP is quite good - maybe too good • Tries to fully utilize network - it can go very fast • Want TCP to go slow? Drop packets! • Dropping packets reduces goodput

6 SANS 2001John Kristoff - DePaul University6 ICMP, UDP and Multicast • Some protocols unresponsive to congestion • Luckily TCP accounts for ~90% of the traffic • Congestion control is needed • A function of the network • How do we do it? is the question • RED and ECN • Scheduling and rate limiting • Price incentives

7 SANS 2001John Kristoff - DePaul University7 What about IPv6, ATM, MPLS... • Are these ubiquituous in your network? • Thought so. • Probably wouldn't be a panacea anyway • Next slide please...

8 SANS 2001John Kristoff - DePaul University8 (D)DoS Attacks are Related • But we won't talk specifically about them • Congestion control ideas may help us • With some added features • Probably only a temporary capacity collapse • Include this in capacity management plan

9 SANS 2001John Kristoff - DePaul University9 Let's Get More Capacity • LAN capacity is cheap, we can overprovision • Leased WAN links can be costly • Internet service can definitely be costly • Operational versus capital costs • Ugh... provisioning problems and lead times • Need simple, cheap and fast • We only get to pick one, maybe two if lucky

10 SANS 2001John Kristoff - DePaul University10 Access Blocking • DNS black holing • IP router filters • Null routes • Site blocking

11 SANS 2001John Kristoff - DePaul University11 Rate Limiting • IP, UDP and TCP based - usually • IP addresses • Protocol ports • Strict limits • Dynamic limits

12 SANS 2001John Kristoff - DePaul University12 UIUC Rate Limiting Experiment • Allow full capacity access by default • "Out-of-profile" users are rate limited • Increasingly aggressive limits if necessary • Analyzing cflowd data to determine usage • Dynamically upload CAR configs once/hour • Scaling issues - a tad scary http://www.ncne.nlanr.net/training/techs/2001/0128/presentations/2000101-kline1_files/v3_document.htm

13 SANS 2001John Kristoff - DePaul University13 Active Queue Management • One way to control congestion in the network • Tail drop (FIFO queueing) • Random Early Detection (RED) • Explicit Congestion Notification (ECN) • Probably coupled with RED • Ongoing experimentation and research • Implementations available

14 SANS 2001John Kristoff - DePaul University14 Tail Drop Illustrated

15 SANS 2001John Kristoff - DePaul University15 RED Illustrated

16 SANS 2001John Kristoff - DePaul University16 Scheduling • Alter transmission order of packets • Can be based on: • IP Addresses • Priority (e.g. ToS bits) • Protocols (e.g. SSH) • Flow characteristics • Must define capacity/weight for queues

17 SANS 2001John Kristoff - DePaul University17 Traffic Shaping • TCP rate control • Alter TCP receiver window on the fly • ACK pacing • Slow or spread out ACKs to control sender • Packeteer (middlebox) does this • Yes, it can be a little scary • Can be implemented in end host stacks

18 SANS 2001John Kristoff - DePaul University18 Caching • Transparent • It is there, but users don't know it • Voluntary • It is there, but users must know to use it • Probably only buys a short amount of time

19 SANS 2001John Kristoff - DePaul University19 Private Peering • There is such a thing as a free lunch! • Well, OK not really • Involves some routing complexity • Startup cost might be high • You may have a choice of transit provider • If you can get to an exchange, do so!

20 SANS 2001John Kristoff - DePaul University20 Private Peering Illustrated

21 SANS 2001John Kristoff - DePaul University21 Monitoring • Some tools: • MRTG, RRDTool, cflowd • Some things to watch: • Queue depth • Packet drops • Link utilization • Buffer utilization • Latency versus throughput

22 SANS 2001John Kristoff - DePaul University22 Consortia • Some nice things in your own back yard? • Might be free, low cost or subsidized • May at least be lots of capacity • Might also be worth what you pay • Examples: • Internet2 • Illinois Century Network • STAR TAP

23 SANS 2001John Kristoff - DePaul University23 Proxy Servers • Lots of opportunity for control • Can do lots of the capacity solutions at once • Not sure that you want them to • Lots of middlebox issues

24 SANS 2001John Kristoff - DePaul University24 Content Distribution • Content providers move data closer to you • Maybe setup up your own Red Hat mirror • Akamai is well known in this space • A form of load balancing

25 SANS 2001John Kristoff - DePaul University25 Content Subscription • Obtain local copies of data for distribution • Sort of like a library service • You do not own the content • May help alleviate copyright issues • iBEAM is popular in this space

26 SANS 2001John Kristoff - DePaul University26 Network Address Translation (NAT) • Intended as solution to IP address shortage • Has a number of well documented problems • Probably not your capacity solution • Probably wouldn't help much anyway • In fact, it would probably hurt you more • Not recommended if you have addresses • Bad Juju

27 SANS 2001John Kristoff - DePaul University27 What Would I Do? (Bias Slide) • Oversubscription before CoS/QoS • Preserve End-to-end model • Get to an exchange and peer • Get into a consortium like Internet2 • Do lots of monitoring (understand traffic) • Be wary of silicon snake oil • Be willing to research and test anything

28 SANS 2001John Kristoff - DePaul University28 References http://condor.depaul.edu/~jkristof/ http://www.aciri.org/floyd/ http://www.ietf.org http://www.nanog.org http://listserv.nd.edu/archives/resnet-l.html http://www.theorygroup.com/Archive/Unisog/ http://darkwing.uoregon.edu/~joe/how-to-go-fast.ppt

Download ppt "SANS 2001John Kristoff - DePaul University1 Avoiding Network Capacity Collapse John Kristoff +1 312 362-5878 DePaul University Chicago,"

Similar presentations

Congestion Control and Fairness Models Nick Feamster CS 4251 Computer Networking II Spring 2008.

Congestion Control and Fairness Models Nick Feamster CS 4251 Computer Networking II Spring 2008.
CSIT560 Internet Infrastructure: Switches and Routers Active Queue Management Presented By: Gary Po, Henry Hui and Kenny Chong.

CSIT560 Internet Infrastructure: Switches and Routers Active Queue Management Presented By: Gary Po, Henry Hui and Kenny Chong.
TELE202 Lecture 8 Congestion control 1 Lecturer Dr Z. Huang Overview ¥Last Lecture »X.25 »Source: chapter 10 ¥This Lecture »Congestion control »Source:

TELE202 Lecture 8 Congestion control 1 Lecturer Dr Z. Huang Overview ¥Last Lecture »X.25 »Source: chapter 10 ¥This Lecture »Congestion control »Source:
William Stallings Data and Computer Communications 7 th Edition Chapter 13 Congestion in Data Networks.

William Stallings Data and Computer Communications 7 th Edition Chapter 13 Congestion in Data Networks.
Top-Down Network Design Chapter Thirteen Optimizing Your Network Design Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Thirteen Optimizing Your Network Design Copyright 2010 Cisco Press & Priscilla Oppenheimer.
IS333, Ch. 26: TCP Victor Norman Calvin College 1.

IS333, Ch. 26: TCP Victor Norman Calvin College 1.
24.1 Chapter 24 Congestion Control and Quality of Service Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

24.1 Chapter 24 Congestion Control and Quality of Service Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
CS 4700 / CS 5700 Network Fundamentals Lecture 13: Middleboxes and NAT (Duct tape for IPv4) Revised 3/9/2013.

CS 4700 / CS 5700 Network Fundamentals Lecture 13: Middleboxes and NAT (Duct tape for IPv4) Revised 3/9/2013.
Congestion Control Created by M Bateman, A Ruddle & C Allison As part of the TCP View project.

Congestion Control Created by M Bateman, A Ruddle & C Allison As part of the TCP View project.
CS 408 Computer Networks Congestion Control (from Chapter 05)

CS 408 Computer Networks Congestion Control (from Chapter 05)
Leon-Garcia & Widjaja: Communication Networks Copyright ©2000 The McGraw Hill Companies A Little More on Chapter 7 And Start Chapter 8 TCP/IP.

Leon-Garcia & Widjaja: Communication Networks Copyright ©2000 The McGraw Hill Companies A Little More on Chapter 7 And Start Chapter 8 TCP/IP.
Congestion Control An Overview -Jyothi Guntaka. Congestion  What is congestion ?  The aggregate demand for network resources exceeds the available capacity.

Congestion Control An Overview -Jyothi Guntaka. Congestion  What is congestion ?  The aggregate demand for network resources exceeds the available capacity.
Explicit Congestion Notification (ECN) RFC 3168 Justin Yackoski DEGAS Networking Group CISC856 – TCP/IP Thanks to Namratha Hundigopal.

Explicit Congestion Notification (ECN) RFC 3168 Justin Yackoski DEGAS Networking Group CISC856 – TCP/IP Thanks to Namratha Hundigopal.
School of Information Technologies TCP Congestion Control NETS3303/3603 Week 9.

School of Information Technologies TCP Congestion Control NETS3303/3603 Week 9.
Receiver-driven Layered Multicast S. McCanne, V. Jacobsen and M. Vetterli SIGCOMM 1996.

Receiver-driven Layered Multicast S. McCanne, V. Jacobsen and M. Vetterli SIGCOMM 1996.
TDC365 Spring 2001John Kristoff - DePaul University1 Internetworking Technologies Transmission Control Protocol (TCP)

TDC365 Spring 2001John Kristoff - DePaul University1 Internetworking Technologies Transmission Control Protocol (TCP)
Networks: Congestion Control1 Congestion Control.

Networks: Congestion Control1 Congestion Control.
Criticisms of I3 Jack Lange. General Issues ► Design ► Performance ► Practicality.

Criticisms of I3 Jack Lange. General Issues ► Design ► Performance ► Practicality.
1 Internet Networking Spring 2003 Tutorial 11 Explicit Congestion Notification (RFC 3168) Limited Transmit (RFC 3042)

1 Internet Networking Spring 2003 Tutorial 11 Explicit Congestion Notification (RFC 3168) Limited Transmit (RFC 3042)
Security Forum 2001John Kristoff - DePaul University1 Network Firewalls John Kristoff +1 312 362-5878 DePaul University Chicago, IL 60604.

Security Forum 2001John Kristoff - DePaul University1 Network Firewalls John Kristoff DePaul University Chicago, IL

Similar presentations

Ads by Google