Network Management Strategies for the CIO
When designing a network that will transport time-sensitive traffic such as VoIP, it is important to pay attention to the switches you deploy and where you deploy them. While most switches sold these days support QoS in the sense that they have multiple queues and can service priority traffic ahead of other traffic by placing it in a different queue, not all of the switches support a granular rate-limiting function. Rate limiting is very important for VoIP.
The purpose of rate limiting is to protect the core of your network and to protect the hosts as well. You can protect your hosts by rate limiting broadcast traffic. On a 'clean' network without a lot of extraneous protocols (e.g. IPX, Appletalk), broadcasts aren't too much of a problem anymore. The biggest problem with a lot of broadcasts is the burden it places on hosts, but with most important systems sporting a 1 or 2 GHz processor, even a large number of broadcasts isn't the problem it used to be. Nevertheless, it is good practice, and good insurance against Denial of Service attacks to rate-limit the broadcasts in your user subnets.
To protect your core, you typically use rate limiting to keep the backbone from being oversubscribed by limiting the amount of particular types of traffic from any ingress point. This is because the queues are only so deep and bursty traffic may overwhelm these buffers causing, tail drops. WRED is the standard defense against tail-drops, but it is inappropriate in
Requires Free Membership to View
many circumstances, so the alternative is to attempt to limit the traffic before it can do any damage.
So you may want to consult your switch manufacturer's website before purchasing to see if the hardware supports rate-limiting specific types of traffic by protocol or IP Precedence or other mechanisms and if so, how their recommended configuration fits with your overall design.
Thomas Alexander Lancaster IV is a consultant and author with over ten years experience in the networking industry, focused on Internet infrastructure.
This was first published in October 2002
Join the conversationComment
Share
Comments
Results
Contribute to the conversation