necessary control for today’s networks
DESCRIPTION
Necessary Control for Today’s Networks. Lessons Learned from Universities and Colleges. Napster today, then what next?. #1 - Napster is the tip of a larger problem #2 – No institution has unlimited financial resources or bandwidth - PowerPoint PPT PresentationTRANSCRIPT
Necessary Control for Today’s Networks
Lessons Learned from Universities and Colleges
Slide 2
Napster today, then what next?
#1 - Napster is the tip of a larger problem
#2 – No institution has unlimited financial resources or bandwidth
#3 – Institutions shutting down Napster will likely find other misuse of institutional resources
#4 – Network capacity strains will continue to increase
- September 2000
Slide 3
What Happened Next…
Bearshare
•Furi
•Gnotella
•Gnucleus
•Limeware
•Newtella
•ToadNode
•Gnut
•Hagelsag
•MacStart
•Aimster
•BeNapster
•TekNap
•Crapster
•Gnap
•Gnapster
•Gnome-napster
•Hackster
•iNapster
•Lopster
and so on…..
•iMesh
•KaZaA (Netherlands)
•MusicCity
•WinMX (Ontario)
•Riscster
•Shuhan
•Webnap
•XMNap
•Jnapster
•Mactella
Slide 4
In K-12…
Equal access for schools in all districts is threatened by:
Aimster, Gnutella Class disruptions Passing notes in class…the new way:
AOL Instant Chat, Yahoo Messaging, MSN Messenger, IRC (Internet Relay Chat), ICQ (now part of AOL)
Greeting cards
Slide 5
At the Heart of the Problem
eMaileMail
File TransfersFile Transfers
AudioGalaxy,AudioGalaxy,GnutellaGnutella
Web SurfingWeb Surfing
Peoplesoft, SCTPeoplesoft, SCTOracle,Oracle,Citrix,Citrix,etc...etc...
VoIPVoIP
Real Jukebox,Tribes,Battle.net,
etc.
TCP / IPTCP / IPApplication-Application-
NeutralNeutral
TCP / IPTCP / IPApplication-Application-
NeutralNeutral
++
--
--
Mission-Mission-CriticalCritical
Time-SensitiveTime-Sensitive ++
All traffic is not created equal
Slide 6
Applications Drive Today’s Business
Applications are network-centric, but they run over IP networks that are application-neutralIP networks:
Treat all traffic alikeLack predictability and controlAre disconnected from business goals and priorities
Slide 7
Application Performance Is Critical
Web-based learningE-learningAdministrationEmailResearchLibrary accessMultiple-campus projectsFacilities managementAnd more
Slide 8
Business Suffers
Bursty, Unpredictable,Bursty, Unpredictable,Uncontrollable TrafficUncontrollable Traffic
Critical ApplicationCritical ApplicationPerformance SuffersPerformance Suffers
Oracle, SAP, PeopleSoft, etc.
Oracle, SAP, PeopleSoft, etc.
Mission-Critical AppsMission-Critical Apps
Unsanctioned AppsUnsanctioned Apps
Surfing, MP3, Napster, Shopping
Surfing, MP3, Napster, Shopping
Bandwidth-Intensive Apps
Bandwidth-Intensive Apps
Image Transfers, Streaming MediaImage Transfers, Streaming Media
SCT, Research,
PeopleSoft,
e-learning
SCT, Research,
PeopleSoft,
e-learning
Critical AppsCritical Apps
Unsanctioned AppsUnsanctioned Apps
Surfing, MP3, Blubster, Gnutella
Surfing, MP3, Blubster, Gnutella
Bandwidth-Intensive Apps
Bandwidth-Intensive Apps
Image Transfers, Streaming Media
Image Transfers, Streaming Media
Slide 10
What hasn’t worked
RoutersQueuing – reacting to congestionBlocking applications by port Controlling outbound traffic only
Firewalls Blocking applications by port
Adding more bandwidth
Slide 11
Router and Firewalls
6346
8888 8056
5656146785075 6666
243
7891678223435649999 621
62510540
490 561567 1200 53 498 1326
?
Slide 12
Routers – Manage Outbound traffic only
What you could be missing
Slide 13
More Bandwidth
“Throwing bandwidth at the problem makes your network more attractive.”
Hap Wheeler, Plattsburgh University
Slide 14
What Does Work
Solution that can automatically identify application trafficSolution that provides information on real-time application performanceSolution that proactively controls inbound and outbound application trafficSolution that provides ongoing reports Solution that co-exists with your existing network without changes and is not a single point of failure
Slide 15
PacketShaper
PacketShaper: Provides the application infrastructure that protects critical applications and contains non-critical applications across wide area networks and the internet
Measures and enforces service levels of your critical applications across wide area networks and the internet
Provides the controls needed to:Ensure performance of mission-critical applications Allocate bandwidth based on prioritiesImprove the return on investment (ROI) for the network and applications
Slide 16
PacketShaper’s Four Step Process
Slide 17
Step 1: Classify – You can only control what you can see
Physical
Network
Data Link
Transport
Session
Presentation
Application
Pac
ketS
hap
er
Ro
ute
rsS
wit
ches
Fir
ewal
ls1
7
6
5
4
3
2
PacketShaper automatically discovers and classifies >340different traffic types
Precise Classification by:• Application• Port/Range• URL/index/wildcard• Mime type• Protocol• IP Address/Range• LDAP Host List• MAC Address (non-IP)• IP CoS/ToS,DSCP• MPLS Label• VLAN ID
Aduio Galaxy, Aduio Galaxy, Napster, Gnutella, Napster, Gnutella, imesh, Scour, etc.imesh, Scour, etc.
Slide 18
Step 1: Classify -- What’s Running on My Network?
Traffic types that PacketShaper has detected are shown in the PolicyConsole
Slide 19
Classification Reports
Inbound Inbound andand Outbound Outbound
TrafficTraffic
Slide 20
Classify Traffic By …
Location Service Both
Slide 21
In addition to Traffic Discovery, you can Create your own traffic classes based on a combination of:
Inbound or Outbound directionProtocol (IP, IPX, SNA, NetBEUI, Appletalk, etc.)IP address space (host, range, network, host list)IP CoS/ToS,DSCP,MPLS Label, VLAN IDTCP/UDP port numbers,port range, source destination pairPredefined service types (e.g., http)URL Strings (e.g., web pages, file types)Citrix Types (published application, client name)H.323 calls - VoIP (dynamic port negotiation)Traffic Tree can be hierarchical (e.g., under the Citrix traffic class is a subclass for each Published Application)
Step 1: Classify -- What’s Running on My Network?
Slide 22
Step 2: Analyze -- How Is It Performing Today?
Extensive monitoring and evaluation toolsAbility to establish baseline application performance so you can quickly see deviations
Slide 23
Example: Link Utilization
If peak rate is drastically higher than average rate you can increase your overall average utilization!
Slide 24
Example: Network Efficiency
Network Efficiency: Designed to expose the hidden cost of retransmissions
Slide 25
Example: Transaction Delay
Is my network causing problems? Or is it one of my servers?
Slide 26
Step 2: Analyze -- How Is It Performing Today?
What’s competing for the bandwidth?Top Talkers & Listeners
Traffic Distribution
Slide 27
Step 3: Control -- How Do I Control Performance?
You can set rules to control performancePer-application minimum/maximum bandwidth partitionsPer-user minimum/maximum bandwidth policiesPriority-based policiesAnd many more
PacketShaper implements TCP Rate ControlControl the rate at which end-systems communicate
– Using industry-standard TCP/IP– Manage traffic flows and aggregate classes with bits-per-second
accuracyNo queuing-induced latency; reduced packet lossInbound and outbound controlProactive
“The key to successful policy lies in the ability of the institution to make all parties aware of the policy and have some means to ensure compliance.”
Gartner Group, Sept 2000
Slide 28
TCP/IP Flow Control
Normal IP flow control (no PacketShaper)Large file transfer started (e.g., ftp from internet)Receiver negotiates speed of connection, using window size and ACK Unaware of bottleneck or competing trafficOpens large window and floods link Mission critical traffic impacted (e.g., Oracle)
ReceiverSender
Window 16kACK 10000
Data transmission floods link
Slide 29
Rate Control
Since PacketShaper sits at a strategic access point, it sees competing flows, knows available b/w, realtime demand, desired QoSPacketShaper can make intelligent decisions on how to set flow-control parameters (appropriate window size, metered ACK)PacketShaper Rate Control throttles back on lower priority traffic, leaves room for delay-sensitive mission-critical trafficTraffic sent from host at specified rate, end-to-end
ReceiverSender
Window 16k
ACK 10000Window 2kACK 8000ACK 9000ACK 10000
Data transmission @ desired rate
Slide 30
Slide 31
Slide 32
With ControlWith Control
Without ControlWithout Control
Impact of Control
Slide 33
Impact of Control
With ControlWith Control
Without ControlWithout Control
Slide 34
Typically Bandwidth
Usage before control
Typically Bandwidth Usage after
control
Before and After Control
Slide 35
PacketShaper’s Rate Control
Because rate control is end-to-end, PacketShaper enables management of both inbound and outbound traffic
Rate control avoids congestion caused by hosts flooding router queues
Reduces transaction delay
Since individual IP flows are being controlled, you can set per session QoS
Supported for TCP and UDP traffic (modified for UDP)
Slide 36
Step 4: Report -- How Do I Show Results?
PacketShaper lets you:Track service level agreements Determine whether you’re meeting user expectationsPlan for the future of your network
Slide 37
PacketShaper Success Stories
Pacific University – Forest Grove, OR
“PacketShaper helps us immensely by automatically classifying most of the traffic types seen on campus, and allowing us to set policies to control each of those types of traffic. It also allows us to see the most frequent users and set policies just for them. Using PacketShaper helps us ensure that everyone, from the University Faculty to the registrar to the freshmen in the dorms, gets the bandwidth they need.” -- Ted Krupicka
Slide 38
Plattsburgh State University – Plattsburgh, NY
"When Napster started becoming popular with our students, we almost immediately saw the impact on our dormitory network connecting all the students. Due to the elusive nature of most of these entertainment-based applications, firewalls simply can't prevent them from entering the network. Through this solution’s [PacketShaper’s] application discovery and analysis capabilities we are now able to see when Napster and other similar applications try to take over our network.“
from New Media Music, June 6, 2000
PacketShaper Success Stories
Slide 39
PacketShaper Success Stories
“We were seeing a trend toward the increasing use of peer-to-peer applications like Napster on the campus network and knew that it could become a significant problem for us. We considered a variety of possible remedies. We knew that just adding bandwidth wouldn’t solve it, because peer-to-peer applications take anything they can get. By installing PacketShaper on our network, we could set policies to limit their use to a relatively small portion of the pipe. This is a much better use of our resources.”
Jim Bourn, Director of Data Communications
Slide 40
Sample Campus NetworkSample Campus Network
Internet
Engineering
Distance Learning
AdministrationLibrary & Research
Dorms
Computer Science
Slide 41
Lessons Learned
Know what’s on your networkGuarantee bandwidth for teaching / learning applicationsImproved performance for administration applicationsCap recreational web surfingGet visibility into and control over bandwidth usageMake intelligent decisions about capacity planningAnd more
Slide 42
PacketShaper Product Line
49,000
3,000
128k 512k 2M 10M 45M 100M 200M
1500 Series
2500 Series
4500 Series 6500 Series
8500 Series
Slide 43
About Packeteer
Founded in 1996, pioneer of bandwidth management and application performance solutionsIPO in July 1999, NASDAQ: PKTRHeadquarters in Cupertino, CA, with offices worldwide
US Offices: New Jersey, Chicago, Atlanta, Dallas, Washington D.C., San DiegoOffices Abroad: Netherlands, Hong Kong, Japan, Australia, England, France, Germany
Employees: 200Customer proven
PacketShaper shipping since February 1997>20,000 PacketShapers shipped worldwide5th generation of software, 2nd generation hardware
Slide 44
Higher Education Institutions
St. John Fisher CollegeOver 500!!!
Slide 45
K-12 Institutions
Slide 46
Problems Addressed by PacketShaper
In Higher EducationNapster, Gnutella, iMeshe-LearningResearchAdministration
In K-12Equal and fair access for all schools in districtBandwidth hogs can’t impact students’ or teachers’ ability to quickly access key administrative and learning sitesNapster, Gnutella, iMeshNote passing Greeting cards
Slide 47
Lessons Learned - Summary
PacketetShaper enables educational institutions to: enables educational institutions to:
Know what’s on their networkReserve bandwidth for teaching, learning, and other mission-critical applicationsGuarantee performance for administration applicationsCap recreational web surfing and P2PGet visibility into and control over bandwidth usageMake intelligent decisions about capacity planningProtect smaller satellite campusesAlign WAN resources with organizational prioritiesMaximize the return on existing network infrastructureAnd much more
Slide 48
Stanford Listserv
Working with Stanford University there is now available a mailing list for Packeteer higher education customers. The primary purpose of the list is to let customers talk to each other to discuss organizational or technical issues related to deploying Packeteer products.
Customers can get registration info at:http://www.packeteer.com/solutions/industries/education/stanford_listserv.cfm
Slide 49
Necessary Control for Today’s Networks
ReportReport
ClassifyClassify AnalyzeAnalyze
ControlControl
ApplicationsApplications