
Shapers vs QoS in routers
Many networking vendors offer routers with queuing capabilities, and this can be sufficient for simple requirements, says Chia. If an organisation has chosen a thin client strategy, the router can take care of prioritisation. However, if there is a need to distinguish different applications within that traffic (eg, print jobs versus ERP processing), a router cannot help, he says.
An external packet shaper offers better control and reporting, allows quick configuration changes, and makes it easier to go beyond layer four (ie, to classify traffic at the application level), he says.
Owen says there is a "difference between hype and reality" when it comes to QoS features in routers, as they do not deal with application-specific problems very well. Both network QoS and application QoS management are required, he suggests.
Another issue is that as desktop systems become more powerful, servers transmit larger packets of data across WAN links, and this can conflict with carriers' assumptions that are based on older hardware.
All Nortel products implement eight queues, says Buckton, claiming that others only have two or four queues. "This is the number of levels of priority you have in Ethernet... IP... and other technologies," he says.
If a network has been built with routers that lack QoS features, it can be more cost-effective to use an external packet shaper instead of upgrading the routers, says Chia. One customer was getting poor response from Citrix applications, he says, but when Dimension Data got involved the customer pulled out from a cupboard a PacketShaper purchased by the previous IT manager but never installed. The software was quickly upgraded to the current version, and the customer saw an instant improvement and acceptable response times.
With data that is especially time critical, such as VoIP, adding packet shaping to aging network infrastructure may not be enough, says Oliver Descoeudres, marketing manager at NetStar Australia. All the routers will need QoS features as well, he says: "you've got to get that baseline in place."
Chia agrees that most VoIP rollouts would include a router upgrade for QoS, and suggests there are times when QoS and a packet shaper would both be needed.
"It depends on the situation and actual traffic," says Bjarne Munch, senior research analyst at META Group. "We do see [packet shaping appliances] having a good space in the market right now."
When it comes to managing priorities, Descoeudres says it is much easier to change the rules in a packet shaper than in a router.
Chia points out that a network with a star topology can be managed by a single packet shaper at the network core, but more complex arrangements may require a device at each location, and that can make it harder to establish the business case, he says.
Packet shapers "seem very easy to use", says Munch, but he recommends their use on specific links rather than deploying them in a network cloud. They provide good reporting of the traffic mix--META doesn't expect routers to catch up in that regard until somewhere between the end of this year and 2005--but managing a large number of packet shaping appliances can be difficult, he says.
With wideband IP connections now delivering Ethernet to the premises, sites are likely to be equipped with a switch rather than a router, says Chia. The basic queuing in a switch "just does not cut it", he says, as it does not provide sufficiently fine control. A packet shaper may therefore be needed, and "I think that's going to become more prominent," says Chia.
This situation may also call for traffic throttling, he says, because some contracts penalise bursts of traffic. It is important that prioritisation is done before throttling, and that can't be done on a switch.
Gabo disagrees, saying that companies such as Cisco and Alcatel are developing traffic management capabilities for edge switches. The prioritisation is "embedded in a much lower cost product" than an external shaper and they do not need managing, he says.
Michael Boland, distinguished engineer at Cisco, is on Chia's side. Carriers offer four or five classes of service within a contract, he says, and their routers police your traffic within these classes so you don't mark all your traffic as top priority. You therefore need to shape your traffic according to the contract. Routers shape by aggregated traffic while packet shapers shape by application and "the world doesn't need to get down to this level of granularity," he says. Even with Ethernet to the premises, you should install a router rather than a switch to accumulate information about your traffic so you can check you are getting what you're paying for.
"The faster the pipe, the deeper the buffers," says Boland, pointing out that buffers equivalent to 2.5 times the round-trip delay should be maintained. This isn't an issue for short-haul links, but it is significant for fast inter-capital or international connections.
On the other hand, there are times when an external packet shaper is not appropriate, according to Chia, such as networks that are still using legacy protocols (DECnet, IPX, etc) that are unsupported by such devices, or where there is branch-branch traffic across a frame relay network and installing a shaper at each location is uneconomical.
"Every technology has its place," says Gabo. Packet shaping is traditionally used in WANs to reduce charges by deprioritising less important traffic on restricted links. "A lot of WAN equipment provides similar functionality," he says, but configuring a router requires specific skills and a misconfiguration can bring down a network.
Foursticks NP attempts to reduce this risk by incorporating patent pending methods for verifying the correctness of policies. The result is that the product is easier to use, with quicker troubleshooting, says Noble.
Packet shapers are dedicated to the function, so today they do a better job than the embedded equivalent, "but they will always be a niche product," says Gabo. "To date, the major need for traffic management was in the WAN. In future, it will be everywhere in the network" because multimedia applications require end-to-end control. This control will be provided by devices from network vendors "and soon from Dick Smith Electronics and other shops," he says.
"Bandwidth management comes into play when there is congestion. Congestion happens anywhere in the network that there are more than two ports" and it must be dealt with where it is created, "or the damage is already done."
Munch points out that packet shapers are appropriate when sufficient bandwidth is available but various classes of traffic must be prioritised. If the links aren't adequate for the amount of traffic, compression (either as a standalone product or as an add-in to a device such as a router or packet shaper) is more appropriate. "Traffic management is only one part of the game," he says, "it's important to identify the actual need." Organisations tell META that compression can add one or two years to the useful life of an international link before more bandwidth is needed.
Similarly, if an organisation is planning to add VoIP to its current network in two or three years, it might be worth installing packet shapers as a "spot solution" while a converged network is architected. "There's probably more long-term use for compression" than packet shaping, he suggests. "You can't get quality of service unless it is embedded in each node in the network."
In addition to the compression offered by Packeteer (which is based on Lempel-Ziv encoding), Peribit Networks has also developed another form of compression known as Molecular Sequence Reduction, which is used in its SR series of products.
Boland agrees. He says it is enough to specify (for example) top priority for VoIP traffic, medium priority for enterprise applications, and "best effort" for e-mail. "If you can get down to that level, you can get very fine control over what goes down a pipe," he says. Munch concurs, saying "you can do very differentiated queuing" with modern routers.
Router vendors tell their customers to use QoS in the routers, says Côté, and "in some cases that's the best thing that could happen to us" because that doesn't provide enough priority levels, sufficient granularity, or the ability to limit certain traffic types.
Boland suggests organisations should compare the cost of packet shapers with the benefits they deliver over and above those provided by modern routers. "You can't put them on every junction on your network," he says, and vendors are increasingly putting intelligence into the switching fabric. There is usually plenty of bandwidth on a LAN, so the issues occur on a LAN/WAN boundary, and there's usually a router at that point.
"Administration is the biggest problem in these networks", he suggests. Application awareness means you have to keep track of application changes, and setting priorities for every application and every node is a big job, "so people don't administer to that level of granularity." That may be true in some circumstances, but our case study describes a Packeteer customer that uses between 30 and 40 classes. "It's a horses for courses thing," says Boland, "for some people it's ideal, [but] in general it's not a big deal."
How does it work?
The primary mechanism used by the PacketShaper is TCP rate control, says Packeteer systems engineer Bede Hackney. Instead of managing queues of packets, a PacketShaper manipulates the TCP sliding window size (the maximum number of bytes that can be sent without receiving an acknowledgement), effectively controlling the speed at which data is transmitted. This approach provides bi-directional control with a single device, and it also makes it possible to limit the bandwidth consumed by a device such as a remote camera even if there isn't a router at the far end of the link.
A PacketShaper can track the different sessions passing through it and intelligently delay acknowledgements to control the flows without causing packets to be retransmitted, as such retransmissions waste bandwidth. If packets are buffered and queued, they will be dropped at some stage, says Hackney, but "we're able to achieve a more efficient control."
"If we can't do anything smarter, we'll fall back onto queuing," he says, adding that PacketShapers can also mark packets according to a variety of prioritisation standards, including 802.1p, CoS, Diffserv, and MPLS.
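The window-based rate control described above, as an added example that is not Packeteer's code or algorithm: a toy one-round-per-RTT Python model comparing a policer that drops excess bytes with a middlebox that clamps the advertised TCP window. The 512 kbit/s, 100 ms link, the 1460-byte MSS and the function names are assumptions made for illustration, and acknowledgement pacing is not modelled.

```python
MSS = 1460  # assumed segment size in bytes (typical Ethernet TCP payload)

def clamp_window(rate_bps, rtt_ms, mss=MSS):
    """Window (bytes) that holds one flow to rate_bps at the given RTT.

    A window-limited sender emits at most one window per round trip, so
    throughput <= window / RTT. Round down to whole segments, minimum one.
    """
    budget = rate_bps * rtt_ms // 8000   # bytes the policy admits per RTT
    return max(mss, budget // mss * mss)

def simulate(rate_bps, rtt_ms, rounds, shaper_window=None, rwnd=65535):
    """Toy model of one bulk TCP sender behind a rate limit.

    shaper_window=None: bytes above the per-RTT budget are dropped (policing).
    shaper_window=N:    the middlebox rewrites the advertised window to N.
    Returns (bytes_delivered, bytes_dropped_and_resent).
    """
    budget = rate_bps * rtt_ms // 8000
    advertised = shaper_window if shaper_window else rwnd
    cwnd, ssthresh = MSS, rwnd
    delivered = resent = 0
    for _ in range(rounds):
        sent = min(cwnd, advertised)     # sender obeys the smaller window
        dropped = max(0, sent - budget)  # excess over the budget is lost
        delivered += sent - dropped
        resent += dropped                # lost bytes cross the link twice
        if dropped:                      # loss: multiplicative decrease
            ssthresh = max(2 * MSS, sent // 2)
            cwnd = ssthresh
        elif cwnd < ssthresh:            # slow start
            cwnd = min(rwnd, cwnd * 2)
        else:                            # congestion avoidance
            cwnd = min(rwnd, cwnd + MSS)
    return delivered, resent

if __name__ == "__main__":
    rate, rtt = 512_000, 100             # constructed link: 512 kbit/s, 100 ms
    win = clamp_window(rate, rtt)
    print("clamped window:", win, "bytes")
    print("policed (delivered, resent):", simulate(rate, rtt, 50))
    print("shaped  (delivered, resent):", simulate(rate, rtt, 50, win))
```

In this model the policed flow oscillates around the limit and resends every dropped byte, while the clamped flow settles at four segments per round trip and loses nothing.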
Foursticks claims its patent-pending algorithm is more accurate than methods such as TCP rate shaping because it responds more quickly to changes in the network. It also uniquely allows the definition of the maximum latency for packets moving through the device. "This is important to delay and jitter sensitive traffic," says Alisdair Faulkner, Foursticks' director of strategy.
The Foursticks algorithm also incorporates finer granularity of policy control through its configuration verification capability that ensures that policies are valid and supportable by the underlying network, he says.
Boland points out that modern routers do more than just routing packets. Additional functions such as firewalls are being built in, so routers can understand traffic at the application layer. Packet shaping either introduces another type of box to the network, or additional software running on the servers--either way, that means more complexity.
Reporting and integration
A by-product of packet classification is the collection of detailed data about the traffic flowing across the network. Packeteer's ReportCenter software provides consolidated reporting from multiple PacketShapers or PacketSeekers. The software collects 55 variables that are useful for service level management, and it has "a very robust API", claims Morford, allowing connection to other applications. Owen says work has been done locally to integrate Packeteer data with Concord's management software for reporting purposes. "It's a strength of our product," he says. Information collected by Packeteer appliances is a valuable addition to other management tools.
Several local customers are using the API to link to their host accounting systems. "We've been very successful as an alternative to messing around with spreadsheets," says Owen. "Most sophisticated customers are... billing at the application level."
Other vendors support the integration of their products with applications. "Foursticks has an open API which allows third-party software developers to automate many control and shaping features," says Faulkner.
Performance data collected by Packeteer appliances can also be used for "proactive alerting", says Morford. Performance degradation can be spotted at an early stage, so technical staff can be alerted before a system fails or becomes unacceptably slow. It can also locate problems that affect specific clients or servers.
Another issue is granularity of reporting. "Foursticks believes you can only control to the level of detail you can monitor and report. Only NP has the capability to measure bandwidth and application response time--round trip time--'live' at per-second granularity." Averaging the response time of transactions over one minute rather than one second can give a misleadingly low impression of responsiveness, Faulkner says.
Service providers that use a PacketShaper or PacketSeeker to investigate their client's network do not need to leave it in place permanently, according to Descoeudres. Putting one on the network for a week or so can "identify latency issues and qualify the end-user experience", he says. When the provider is responsible for managing application performance, ongoing data collection will help identify and address the real cause. "Often the problem may be there is insufficient bandwidth for a particular site," he says. "Packeteer gives you very effective reports at the application level."
"Customers see this as useful technology, but not essential in the current environment," says Descoeudres, but he expects interest will return as soon as IT spending picks up.











The HTB QoS mechanism under Linux provides many of these capabilities. The only significant downside is that the documentation is very poor at present.
Once you have it going and understand it well, it works wonderfully. I have it emplaced on our gateway here, and it makes an impressive difference in reducing the impact of some traffic types on our link responsiveness.
It's even more effective on my home firewall, where there are a lot of different traffic priorities, from ultra-bulk low priority traffic to VoIP and SSH data - all of which need to share the link at optimal performance.