In my broadband traffic management article on finding rational solutions to ease congestion, I described the challenges facing telecom service providers in the changing bandwidth-use landscape.
The bigger issue is that to manage bandwidth effectively, every ISP needs to consider two crucial questions:
- Do I need to buy dedicated boxes to implement bandwidth traffic quotas or other advanced service definitions for network traffic management?
- Do I have to deploy deep packet inspection (DPI) to implement broadband traffic management?
The short answer to both is: not in most cases, but you have more options if you do.

Let's look at a few examples: In Metro Ethernet solutions, each subscriber is attached to a dedicated switch port. DSL solutions usually use aggregation devices -- Point-to-Point Protocol over Ethernet (PPPoE) termination servers, for example -- which represent each DSL connection as a virtual interface. A WiMAX Access Service Network (ASN) gateway uses a similar concept. In these scenarios, a subscriber is associated with a physical or virtual interface on a router or switch. Whenever you can establish that association (cable operators might not be so fortunate), you can implement numerous per-user billing or quality of service (QoS) mechanisms on your existing networking equipment, assuming that you weren't focusing solely on the acquisition price when you bought it.
Dedicated network traffic management equipment (Cisco's Service Control Engine, for example) identifies subscribers based on their IP addresses, which are gleaned from RADIUS or Dynamic Host Configuration Protocol (DHCP) requests and responses, and is therefore independent of the physical infrastructure you have in your network. Equipment independence also gives you free migration paths. If you decide to offer new access technology, you can still use the same network traffic management solution.

Implementing simple network traffic management on existing routers and switches
Creative use of existing billing, network management and QoS mechanisms available in your routers and switches can meet your immediate network traffic management needs. You can easily address the two most common requirements:
- Traffic caps and over-the-cap traffic charges: You don't need to touch your network; just implement a billing system that can collect interface counters from your switches or RADIUS accounting records from your DSL aggregation devices, then process them.
- Downgrade access speed: If you decide to implement per-user quotas and downgrade the access speed of the offenders, you could deploy outbound policing rules on interfaces associated with those users. The solution is extremely simple in environments with PPPoE termination, as most routers allow you to download per-interface configuration with RADIUS.
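The billing-side processing behind the traffic-cap bullet above, as an added example (not code from the article): it totals per-subscriber usage from RADIUS accounting records and reports who is over the cap. It assumes the records are already parsed into dictionaries keyed by the standard accounting attribute names and that Acct-Session-Id is unique per user; the sample records and the 5 GB cap are constructed.

```python
from collections import defaultdict

GIGAWORD = 2 ** 32  # Acct-*-Gigawords counts wraps of the 32-bit octet counter (RFC 2869)

def session_octets(rec):
    """Cumulative bytes, both directions, reported by one accounting record."""
    total = 0
    for direction in ("Input", "Output"):
        octets = int(rec.get(f"Acct-{direction}-Octets", 0))
        wraps = int(rec.get(f"Acct-{direction}-Gigawords", 0))
        total += wraps * GIGAWORD + octets
    return total

def usage_per_user(records):
    """Return {user: total bytes} summed over all of the user's sessions."""
    # Counters are cumulative within a session, so Interim-Update and Stop
    # records for one session must not be added; keep the highest value seen.
    per_session = {}
    for rec in records:
        if rec.get("Acct-Status-Type") not in ("Interim-Update", "Stop"):
            continue  # Start records carry no counters
        key = (rec["User-Name"], rec["Acct-Session-Id"])
        per_session[key] = max(per_session.get(key, 0), session_octets(rec))
    usage = defaultdict(int)
    for (user, _session), octets in per_session.items():
        usage[user] += octets
    return dict(usage)

def over_cap(records, cap_bytes):
    """Return {user: bytes above the cap} for subscribers exceeding cap_bytes."""
    return {user: used - cap_bytes
            for user, used in usage_per_user(records).items() if used > cap_bytes}

# Constructed sample records (hypothetical users and sessions)
SAMPLE = [
    {"User-Name": "alice", "Acct-Session-Id": "s1", "Acct-Status-Type": "Start"},
    {"User-Name": "alice", "Acct-Session-Id": "s1", "Acct-Status-Type": "Interim-Update",
     "Acct-Input-Octets": 100_000_000, "Acct-Output-Octets": 3_000_000_000},
    {"User-Name": "alice", "Acct-Session-Id": "s1", "Acct-Status-Type": "Stop",
     "Acct-Input-Octets": 200_000_000, "Acct-Output-Octets": 705_032_704,
     "Acct-Output-Gigawords": 1},
    {"User-Name": "alice", "Acct-Session-Id": "s2", "Acct-Status-Type": "Stop",
     "Acct-Input-Octets": 100_000_000, "Acct-Output-Octets": 700_000_000},
    {"User-Name": "bob", "Acct-Session-Id": "s3", "Acct-Status-Type": "Interim-Update",
     "Acct-Input-Octets": 50_000_000, "Acct-Output-Octets": 1_000_000_000},
]

if __name__ == "__main__":
    print(over_cap(SAMPLE, cap_bytes=5_000_000_000))
```

Ignoring the Gigawords attributes would undercount any session that moves more than 4 GiB in one direction, which is exactly the heavy-user case a cap is meant to catch.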
Sometimes you simply have to develop your own quick-and-dirty solution -- for example, if you need a stopgap solution now but don't have any budget left for this fiscal year. Still, for a number of reasons, you should always consider buying dedicated network traffic management devices:
- Dedicated network traffic management devices work on the IP address or the application-flow level, giving you more flexibility.
- Dedicated devices support common network traffic management schemes with little additional configuration. In the worst case, you can use them in standalone mode, whereas you have to develop a specific solution tailored to your network topology and access technology if you want to deploy traffic management on your routers or switches.
- Network traffic management devices give you a single management and configuration point. If you want to implement dynamic per-user quotas on a switched network, you have to change access device configuration.
Once you get past the steep part of the learning curve (and you should plan to use external professional services and training to get there), deploying new policies on a dedicated network traffic management solution becomes scalable, while home-brewed solutions usually stay in the "kludge" phase of the development cycle.
About the author: Ivan Pepelnjak, CCIE No. 1354, is a 25-year veteran of the networking industry. He has more than 10 years of experience in designing, installing, troubleshooting and operating large service provider and enterprise WAN and LAN networks and is currently chief technology advisor at NIL Data Communications, focusing on advanced IP-based networks and Web technologies. His books include MPLS and VPN Architectures and EIGRP Network Design. Check out his IOS Hints blog.