www.f5.com/solutions/technology/rateshaping_wp.html
With the increasing proliferation of broadband, more and more users are using Peer-to-Peer (P2P) protocols to share very large files, including software, multi-media files, and applications. This trend has exponentially increased traffic flows across a very wide area network. A more powerful technique based on application signature identification via packet inspection may be needed. Traditional rate shaping techniques may not be sufficient to control new breeds of applications.

For example, BitTorrent is a protocol that is typically used by simple desktops to transfer user files via broadband connections. However, using BitTorrent to transfer high volumes of data puts huge pressures on the broadband operators' network. Unfortunately, prohibiting BitTorrent traffic has become routine for some broadband operators and is now a key area of contention between users and broadband operators.

This White Paper describes how you can use F5 BIG-IP iRules and the Rate Shaping feature of the BIG-IP Local Traffic Management device to identify different types of traffic for individualized control that can return double-digit capacity without spending a dime on additional bandwidth. Through the combination of iRules and Rate Shaping, you can:

* Ensure that critical applications are not impacted by non-priority traffic.

F5's BIG-IP Cuts Application Delivery Time and Optimizes Bandwidth

Rather than using a one-size-fits-all approach to controlling network traffic, network managers need a more application-oriented way to transmit and distribute network data. In the case of BitTorrent traffic, F5 suggests:

Step 1 - Identifying BitTorrent traffic via packet inspection
Step 2 - Implementing a rule to isolate BitTorrent traffic
Step 3 - Assigning a rate shaping policy that only applies to BitTorrent traffic

With BIG-IP iRules and the Rate Shaping feature in the BIG-IP Local Traffic Management system, you can control the bandwidth usage of any type of traffic.
Figure 1 shows how Rate Shaping can control the bandwidth usage of just BitTorrent traffic.

Figure 1: Controlling BitTorrent Traffic

The following sections describe each step of the process, provide a sample iRule to identify the BitTorrent application signature, and describe your options for controlling virtually any type of traffic.
The communication between BitTorrent clients starts with a handshake followed by a never-ending stream of length-prefixed messages. The header of the BitTorrent handshake message uses the following format:

<a character (1 byte)><a string (19 bytes)>

The first byte is a fixed character with value '19', and the string value is 'BitTorrent protocol'. Based on this common header, you can use the following signatures to identify BitTorrent traffic:

* The first byte in the TCP payload is the character 19 (0x13)
* The next 19 bytes match the string 'BitTorrent protocol'

Using BIG-IP iRules to Detect BitTorrent Traffic

BIG-IP iRules is a powerful yet simple tool you can use to identify and isolate the application traffic you want to direct, filter, or persist on. BIG-IP iRules gives you the ability to customize application switching based on business needs, optimizing the handling of traffic: where and when to send it for the fastest response based on application type, category, and priority.

The following example uses an iRule to intercept traffic, pinpoint when a TCP connection has initiated BitTorrent communication, and manage only that traffic without affecting any other type of traffic.

iRule example

Once a TCP client is accepted, BIG-IP inspects the payload of the first packet of the TCP connection and looks for a match with the BitTorrent protocol signature. Using the BIG-IP Rate Shaping feature, you can assign a Rate Class that corresponds to the policy you define to control traffic with the BitTorrent protocol signature. In this example, if the TCP payload is a BitTorrent payload type, it is assigned to the Rate Class "p2p_bt". You can also target BitTorrent traffic for special processing, isolating it from all other traffic on the network, including routing all BitTorrent traffic through a separate WAN link, limiting the amount of bandwidth devoted to BitTorrent traffic, or any combination of bandwidth control techniques described in this paper.
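The signature check described above, written out as an added Python example (not F5's iRule and not code from this paper): it tags each connection once from the first 20 payload bytes and then stops reading payloads for that connection. The names FlowClassifier, flow_id and the "default" label are hypothetical, and payloads are assumed to arrive in order per connection.

```python
from typing import Optional

# Signature from the text: one byte with value 19 (0x13), then the 19-byte string.
SIGNATURE = bytes([19]) + b"BitTorrent protocol"
RATE_CLASS = "p2p_bt"        # rate class name used in the paper
DEFAULT_CLASS = "default"    # hypothetical label for all other traffic

class FlowClassifier:
    """Tags each TCP connection once, from the first bytes of its payload."""

    def __init__(self) -> None:
        self.pending = {}        # flow_id -> bytes buffered so far (undecided)
        self.verdicts = {}       # flow_id -> rate class (decided)
        self.bytes_inspected = 0

    def on_payload(self, flow_id, payload: bytes) -> Optional[str]:
        if flow_id in self.verdicts:
            return self.verdicts[flow_id]    # already tagged: payload not read
        # The handshake may be split across segments, so buffer up to 20 bytes.
        buf = self.pending.setdefault(flow_id, bytearray())
        chunk = payload[: len(SIGNATURE) - len(buf)]
        buf += chunk
        self.bytes_inspected += len(chunk)
        if not SIGNATURE.startswith(bytes(buf)):
            verdict = DEFAULT_CLASS          # prefix mismatch: decide early
        elif len(buf) == len(SIGNATURE):
            verdict = RATE_CLASS
        else:
            return None                      # still short: wait for more data
        del self.pending[flow_id]
        self.verdicts[flow_id] = verdict
        return verdict

    def on_close(self, flow_id) -> None:
        self.pending.pop(flow_id, None)      # free per-connection state
        self.verdicts.pop(flow_id, None)

def demo():
    c = FlowClassifier()
    handshake = SIGNATURE + bytes(48)        # constructed: zero-filled remainder
    verdicts = {
        "single_segment": c.on_payload("a", handshake),
        "split_part1": c.on_payload("b", handshake[:7]),
        "split_part2": c.on_payload("b", handshake[7:]),
        "http": c.on_payload("c", b"GET / HTTP/1.1\r\n"),     # constructed
        "later_packet": c.on_payload("a", b"\x00\x00\x00\x01\x02"),
    }
    return verdicts, c.bytes_inspected
```

Calling demo() returns the verdict for each constructed payload together with the total number of bytes the classifier actually read.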
Once the connection is built, you can designate all the subsequent packets in the same client session as "p2p_bt", using the BIG-IP session persistence feature. BIG-IP minimizes the degradation of switching efficiencies due to packet inspection because it doesn't need to process every packet of a session beyond the first few bytes of the first payload packet.

By combining bandwidth control functionality with an iRule that identifies and isolates specific types of traffic, you can control traffic in the following ways:

* Base throughput rate
* Absolute limit on the rate at which traffic is allowed to flow when bursting or borrowing
* Maximum number of bytes that traffic is allowed to burst beyond the base rate, before needing to borrow bandwidth
* Direction of traffic (any, client, server) to which the Rate Class is applied
* Rate class from which this class can borrow bandwidth
* Method that the Rate Class uses to queue and dequeue traffic

You can also define policies in each Rate Class for traffic flowing through any single or group of virtual servers and/or pools. The following example shows the interface and properties for a basic rate class.

Figure 2: Properties for a basic rate class

Limit Excessive, Non-critical Traffic

The typical service provider environment that facilitates P2P conversations includes a complex network of connections. These connections start from one end-user to an access network through the backbone of the core network to another access network, and then to the destination end-users at a distant location. A key junction point in these P2P connections, like those used with BitTorrent, is the junction point between the Metropolitan Area Network (MAN) router and the router connecting to the service provider's network backbone.
From a traffic management perspective, these junction points are high-impact traffic management locations, as thousands of users traverse this junction to access the service provider backbone to complete P2P file transfers. F5 traffic control at this junction point enables the network operator to manage thousands of users from one network device that is physically located at this junction point. The customer referenced in this paper used an in-line deployment of BIG-IP as a bridge between the MAN router and backbone router to manage BitTorrent traffic.

Figure 3: Network Topology Structure

Measuring Performance Improvements

Baselining

Implementing traffic policies starts with measuring and documenting the baseline performance of your "untuned" network. You can use any monitoring solution (MRTG, Cacti, Cricket) to baseline the performance of your network.

Bandwidth Consumption Baseline

Prior to creating policies to manage specific types of traffic, measure the traffic load passing through the BIG-IP switch to baseline performance. You can configure a simple monitoring solution to draw curve diagrams of input/output traffic change through the system. Figure 4 shows an example of a data traffic diagram collected by a typical traffic performance monitor system.

Figure 4: Input/Output Peak of General Bandwidth

Note that the traffic through this network junction is high from 8:00 to 24:00, and during this time period, traffic exceeds 60MB/s quite often.

Bandwidth Consumption of Specific Applications

Baselining traffic across the network also involves the graphing of traffic throughput by application. Using monitoring software, analyze typical Internet applications to determine what type of applications merit their own Rate Class. Figure 5 shows the traffic consumption of FTP and WWW traffic that you can use to determine if these types of applications are using a disproportionate amount of bandwidth.
Bandwidth Proportion of WWW and FTP Figure 5:...