Optimizing the Internet Quality of Service and Economics for the Digital Generation
Dr. Lawrence Roberts
President and CEO, lroberts@anagran.com

Original Internet Design
- File Transfer and Remote Computing main activities
- Constrained by high cost of memory
- Only Packet Destination Examined
- Packet Loss Tolerated (Small Buffer Size)
- No Flow State Memory
- No Source Checks
[Figure: ARPANET 1971]
- No QoS
- No Security
- Best Effort Only
- Slow Rates
Copyright Anagran 2006

Planned Use of Internet
- Voice
  - Totally moving to packets
  - Low Loss required
- Video
  - Totally moving to packets
  - Downloads: Needs Faster File Transfer
  - Broadcast: Needs Fast Guaranteed Rate Path Setup
- Emergency Services
  - No Preference Currently
  - Who gets service when capacity limited
- Presence
  - GPS aware of and affecting environment
- Rapid Response Tasks
  - Financial Transactions: time is money
  - Remote Control
  - Games, Avatars

Change Is Required
- No provision for low loss streaming media
- Cannot determine if valid path exists
- Cannot ensure quality (loss, delay, jitter, rate)
- Need Preference for streaming media (who gets it)
- File Transfer much too slow and inefficient
- Cost growing as traffic grows: Correction needed
- Traffic growing faster than Moore's Law - % GDP an issue
- Fairness required: P2P can swamp other users
- Security must be improved
- Delay must be reduced for rapid response

How to Fix The Internet
- Manage Quality and Routing of Flows, not Packets
- Flows can be managed individually: QoS and route
- Flow State Memory now economic after 40 years
- Keeping Flow State avoids routing all packets, reduces cost
- High packet loss avoided for both files and streams
- Vastly improved traffic management avoids over-capacity
- Load can be balanced over all network paths
- Fairness can be achieved, rates can be service dependent
- Delay in microseconds due to controlled load, little buffering
- Security: DDoS can be prevented, Authentication improved

Buffers Add Delay and Jitter
[Diagram, Packet Router: Input, Route, Switch, Discard, Big Output Buffer, Output. Labels: Major Cost, Load Controlled at Output, Major Delay]
[Diagram, Flow Router: Input, Route, Flow State, Discard, Switch, Load Measurement, Output. Labels: Load Controlled at Inputs, No Delay]

Where Flow Routing is Needed
[Network diagram: Server Farm, LAN, ISP Network Core, WiFi Mesh, DSL, ISP EDGE. Callouts: "Control P2P, Fairness; No Loss Video & Voice" (shown twice); "No TCP Sync Loss; CAC Video & Voice"]

Eliminate Packet Loss at Server Farm
TCP
- Packet Routers under Overload
  - Drop 30-50% of Traffic, Flows Synchronize
  - Output Oscillates
[Chart: Packet Router - WRED - 2:1 Overload; vertical axis 0% to 100%]
- Flow Routing under Overload
  - Drops 1-2% of Traffic
  - Independent Discards avoid Synchronization, Fairness
[Chart: Flow Router - IFD - 2:1 Overload; vertical axis 0% to 100%]

Flow Discard for Video and Voice
UDP
- Packet Routers Drop Packets: All 6 TV Programs Ruined
- Flow Routers Drop Flows: Five TV Programs Perfect, One Dropped
Example of DSL that has the capacity for 5 TV programs, but 6 are requested

Fairness and Flow Classification
- Flow Rates need to be controlled
- Flows can be classified using:
  - Deep Packet Inspection: Costly, Change or Encryption foils it
  - Classify flow based on Rate, Bytes, Time, Packet Size
  - Flow Router can do this at full rate
[Diagram: Class Identification, then Fairness/Class]
[Chart: Rate (Kb/s) against Time (Minutes); series: P2P using WRED, P2P controlled to Fair Rate]
[Chart: Packet Size (Bytes); labels: File Transfer, HTTP, VoIP, Skype]
Dimensions: Rate, Total Bytes, Total Time, Packet Size, Port, Protocol, DiffServ
Controls: Rate, Priority, Delay Var., Loss Rate

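
Classification on rate, bytes, time and packet size, without reading payloads, can be sketched as a per-flow state table. This is an added example, not code from the slides or from Anagran; the thresholds, class names, policy values and sample traffic are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class FlowState:
    first: float          # time of first packet (s)
    last: float           # time of latest packet (s)
    packets: int = 0
    total_bytes: int = 0

# Assumed per-class controls (rate cap in kb/s, priority); not from the slides.
POLICY = {"voice": (None, 1), "file-transfer": (None, 2), "bulk-p2p": (150, 3)}

def build_flow_table(packets):
    """Keep one state record per 5-tuple; only header fields and sizes are read."""
    table = {}
    for ts, src, dst, sport, dport, proto, size in packets:
        st = table.setdefault((src, dst, sport, dport, proto), FlowState(ts, ts))
        st.last = ts
        st.packets += 1
        st.total_bytes += size
    return table

def classify(st):
    """Classify on rate, bytes, time and packet size (thresholds are assumptions)."""
    duration = max(st.last - st.first, 0.001)
    rate_kbps = st.total_bytes * 8 / duration / 1000
    mean_size = st.total_bytes / st.packets
    if mean_size < 300 and rate_kbps < 150:
        return "voice"            # small packets at a low, steady rate
    if duration > 60 and st.total_bytes > 1_000_000:
        return "bulk-p2p"         # long-lived, high-volume transfer
    return "file-transfer"

def sample_packets():
    """Constructed traffic: a VoIP-like flow, a short download, a long bulk flow."""
    voip = [(i * 0.02, "10.0.0.1", "10.0.9.9", 4000, 5060, "udp", 200) for i in range(500)]
    web = [(i * 0.1, "10.0.0.2", "10.0.9.8", 4001, 443, "tcp", 1400) for i in range(20)]
    bulk = [(i * 0.1, "10.0.0.3", "10.0.9.7", 4002, 50000, "tcp", 1500) for i in range(1200)]
    return sorted(voip + web + bulk)

def classify_flows(packets):
    """Return {5-tuple: (class, rate_cap_kbps, priority)} for every flow seen."""
    return {key: (classify(st), *POLICY[classify(st)])
            for key, st in build_flow_table(packets).items()}
```

Because the decision uses only sizes and timing, it is unaffected when the payload is encrypted, which is the weakness the slide attributes to deep packet inspection.
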
Flow Routing at the ISP Edge
[Network diagram: Content Sources (Text, Images, Video, Voice), L3 Packet Routers, Flow Router, CORE, METRO, EDGE, DSLAMs, WiFi Mesh, Flow Router]
- Rate control ensures fairness and no P2P overload
- High quality delivery of IPTV & VoIP; delay and jitter controlled
- Multiple SLAs can be supported and reported
- DDoS attack identification and protection

End-to-End QoS Signaling in ITU
- Y.flowreq is a flow based, in-band signaling standard
- Nearing completion in ITU SG-13, then SG-11
- For File Transfer: Max Network rate negotiated
- For Streams: Path setup at rate with low loss, jitter
- Immediate determination of path availability
- User Preference Priority used if capacity limited
- In-band signaling ensures full scalability to all flows
- User Authentication to ensure per flow security
- Tunnel Capability allows Virtual Private Networks
- Fully Scalable, Low OPEX, Guarantees available

Y.flowreq Impact on File Transfer
[Chart: Minutes to Download a 1 Hour Video (1 to 1,000) against Distance - Miles from source (1 to 10,000); Video File of 1 hour at 4 Mbps over 100 Mbps channel with 1% packet loss; series: IP QoS, TCP; annotations: 100 Minutes, 1 Hour, 3 Minutes]
Video-On-Demand uses TCP to deliver very large files which would take very long times with standard TCP, whereas QoS Signaling can maintain full rate cross country

IPTV Path Reservation
- A critical requirement for streaming IPTV (Sports, News, etc.) is to:
  - Determine if a path exists with sufficient bandwidth for a request
  - To route the Video over that path with low delay variance & low packet loss
- The ITU QoS Signaling finds and reserves the path if there is one
- This is the only technique that can do this at line rate and scale to any size deployment
[Diagram: Policy Server, DSLAMs, Content Servers. Steps: 1 SIP Request / Response; 2 Video Request; 3 In-Band QoS Request (Request 4 Mbps); 4 Call Acceptance Response (4 Mbps Accepted)]
Needed in IMS, RACF, and all similar IPTV setup protocols

Preference Priority: Who gets the capacity?
- Preference Priority was in the telephone network
- It never has been in the Internet
- With fixed rate streams it is critical
- In Overloads:
  - Emergency Services and Military
  - Priority for the office: who gets through
  - Priority for the home: who gets the 2 video streams
- ITU Y.flowreq includes preference priority
  - For fixed rate flows, the lowest priority may get blocked
  - For file transfer, the lowest priority may get a lower rate

Security: Flow Authorization
- Today routers don't even check the source address
- Anyone can claim to be anyone else
- ITU Y.flowreq has a high security Authorization
- The user logs into the network identifying himself
- The network checks his billing, QoS priority, and preference
- The user is given a crypto token with a time limit
- Each flow is then authorized by the token
- The user receiving the flow can also reject any flow
- Helps control SPAM, viruses, worms and DDoS attacks
- Also ensures user has the authority claimed

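
The login, time-limited token and per-flow authorization steps above can be illustrated with an HMAC-based token. This is an added example, not the Y.flowreq wire format and not code from the slides; the token layout, the per-token flow key, the function names and the demo key are all assumptions.

```python
import hashlib
import hmac
import json

# Assumption: a secret held only by the network (constructed demo value).
NETWORK_KEY = b"constructed-demo-key-not-for-production"

def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def issue_token(user, src_addr, priority, now, ttl):
    """Login step: after billing/priority checks, hand the user (token, flow_key)."""
    body = json.dumps({"user": user, "src": src_addr, "prio": priority,
                       "exp": now + ttl}, sort_keys=True).encode()
    token = body + _mac(NETWORK_KEY, b"token" + body)
    flow_key = _mac(NETWORK_KEY, b"flowkey" + body)  # key the user tags flows with
    return token, flow_key

def tag_flow(flow_key, flow):
    """User side: bind the token to one flow (src, dst, sport, dport, proto)."""
    return _mac(flow_key, repr(flow).encode())

def authorize_flow(token, flow, tag, now):
    """Router side: return (allowed, reason, priority) for a flow request."""
    body, mac = token[:-32], token[-32:]
    if not hmac.compare_digest(mac, _mac(NETWORK_KEY, b"token" + body)):
        return False, "bad token", None          # forged or altered token
    claims = json.loads(body)                    # parsed only after the MAC check
    if now >= claims["exp"]:
        return False, "expired", None            # time limit reached
    if flow[0] != claims["src"]:
        return False, "source mismatch", None    # source address is checked
    flow_key = _mac(NETWORK_KEY, b"flowkey" + body)
    if not hmac.compare_digest(tag, tag_flow(flow_key, flow)):
        return False, "bad flow tag", None       # tag was issued for another flow
    return True, "ok", claims["prio"]
```

The router keeps no per-user state here: it recomputes the flow key from the token body, so the check is a few hash operations on the first packet of each flow.
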
Internet Economics
- Generally the Internet traffic doubles each year
- Router cost drops with Moore's Law: ½ every 18 mo
- This means the cost of the Internet doubles every 3 years
- The cost can only be kept in check by major redesigns
- Flow routing with an optical core can cut the cost 16:1
- That eliminates 12 years cost growth (4000 times the traffic)
- Savings are through
  - Lower cost systems, flow and optical
  - Higher utilization
  - Direct lambdas or tunnels between city pairs
  - Route 1.3 times/flow

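
The arithmetic behind these figures, written out as an added derivation that is not part of the original slides, with $t$ in years and all quantities normalized to 1 at $t = 0$:

$$
\text{traffic}(t) = 2^{t}, \qquad \text{cost per unit of traffic}(t) = 2^{-t/1.5}, \qquad \text{total cost}(t) = 2^{t} \cdot 2^{-t/1.5} = 2^{t/3}
$$

so total cost doubles every 3 years. A 16:1 saving is $16 = 2^{4}$, four such doublings, which is $4 \times 3 = 12$ years of cost growth; over those 12 years traffic grows by $2^{12} = 4096$, the slide's roughly 4000 times.
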
Conclusions
- The Internet was not designed for Voice, Video, etc.
- The current packet router design must be changed
- Flow routers solve many of the current shortcomings
- Delay, jitter, loss, and cost all vastly improved
- Also needed is end-to-end QoS in-band signaling
- The ITU's Y.flowreq permits many additional capabilities
  - High Speed File Transfer up to 100 times faster
  - Deterministic, scalable, fast video and voice stream setup
  - Higher security with flow authorization
  - Tunnels permitting simple guaranteed VPNs