ProductsBandwidth Management Technology White Paper
Keyword: Bandwidth management, segment-based bandwidth management, user-based bandwidth management, service-based bandwidth management, connection-based bandwidth management, channel-based bandwidth management
Abstract: This document details how H3C bandwidth management works, and related technologies and solutions.
Acronyms:
Acronym | Full spelling |
HTTP | Hypertext Transfer Protocol |
P2P | Peer to Peer |
Table of Contents
H3C Bandwidth Management Technology· 3
Segment-Based Bandwidth Management 3
User-Based Bandwidth Management 3
Service-Based Bandwidth Management 4
Connection-Based Bandwidth Management 4
Channel-Based Bandwidth Management 4
Overview
Bandwidth is extremely precious for service providers and enterprise networks. To control increasingly serious abuse of bandwidth and utilize network bandwidth resources more reasonably, some bandwidth solutions were introduced. However, these solutions have the following disadvantages:
l The bandwidth management is not adequately hierarchical. A traditional bandwidth management solution assigns bandwidth to traffic flows on an interface based on their priorities, and uses a flat bandwidth management method for the interface. Recently, some hierarchical bandwidth management technologies appear. However, they usually provide bandwidth management at only two layers, such as user layer and application layer, failing to achieve more granular bandwidth management at more layers.
l A single IP-based management model cannot manage traffic granularly. Currently, the network bandwidth management gradually becomes an IT service-oriented management, such as granular management orienting mail services and Internet accessing services. A traditional single IP-based management model cannot satisfy such requirements.
l Protocol-based bandwidth management is hard to implement. Several hundreds of application protocols are based on TCP or UDP. Therefore, it is hard to management traffic based on protocols. Classifying the application protocols according to the services they provide and then managing bandwidth for these services, you can manage the network traffic more easily.
The H3C bandwidth management technology addresses the problems mentioned above, and provides a simple, easy-to-use, granular, hierarchical, multi-dimension, and service-oriented bandwidth method.
H3C Bandwidth Management Technology
Segment-Based Bandwidth Management
A segment refers to one or multiple physical links. Based on segments, the administrator can limit the average uplink/downlink bandwidth of a segment, thus achieving bandwidth separation on a physical segment and preventing bandwidth abuse.
User-Based Bandwidth Management
On a segment, the administrator can organize traffic into different users or user groups according to the internal or external network IP addresses, and then perform bandwidth management for each user or user group to limit the average uplink/downlink bandwidth of the user or user group, thus avoiding user-level bandwidth abuse.
Service-Based Bandwidth Management
According to the application protocols or services of traffic, the administrator can define different control policies for different users’ traffic of different services, thus achieving granular service-based network traffic management. Service-based bandwidth management can use the following traffic control policies:
l Permit: Allows all traffic to pass through.
l Block: Drops all traffic. For a block policy, you can further configure a quarantine policy. When a user is quarantined, the user will be notified of the quarantine reason. During the quarantine duration, the user can access nothing or only the addresses specified by the administrator.
l Rate limit: Limits the average uplink/downlink bandwidth of different services of different users, thus preventing service-level bandwidth abuse.
l Packet trace: Captures the packet information of traffic, which can be used by senior administrators for analyzing the network.
l Notify: Sends messages to a remote log host, local database, or Email server to notify the network administrator of the key traffic information in the current network.
For example, assume there is a segment whose internal zone is an enterprise network and external zone is the Internet. With the service-based bandwidth management technology, you can limit the average bandwidth to 2 Mbps for the P2P application of user A and to 4 Mbps for the HTTP application of user B.
Connection-Based Bandwidth Management
For the specified segment/user/service, the administrator can perform connection limits, including:
l Connection setup rate limit: Limits the number of new connections created per second for the specific traffic. New connections exceeding the limit are disconnected. If a TCP connection is disconnected, TCP reset packets are sent in both directions.
l Concurrent connection limit: Disconnects the new connections exceeding the maximum concurrent connection limit. If a TCP connection is disconnected, TCP reset packets are sent in both directions.
l Rate limit per connection: Limits the average uplink/downlink bandwidth of a connection, thus preventing connection-level bandwidth abuse.
Channel-Based Bandwidth Management
Channel-based bandwidth management provides a more flexible bandwidth control method. Usually, you can create several hierarchical parent/child channels based on applications or services, and perform bandwidth management for these channels separately. You can set the guaranteed bandwidth for each channel, specify whether a child channel can borrow the bandwidth of its parent channel, and set the maximum bandwidth for the child channel.
Guaranteed bandwidth
You can assign a part of the total bandwidth exclusively to the specific flow as the guaranteed bandwidth. Then, the flow can exclusively use the guaranteed bandwidth even when the network is busy. When the flow is not present in the network, the guaranteed bandwidth of the flow can be used by other traffic flows.
Bandwidth borrowing
l With bandwidth borrowing enabled, when the traffic of a flow exceeds its guaranteed bandwidth, the flow can borrow the bandwidth of its parent channel. This feature improves the bandwidth resource utilization. If multiple child channels of a parent channel want to borrow bandwidth, the child channel with the highest borrowing priority can borrow bandwidth preferentially. If multiple child channels are of the same borrowing priority, the remaining bandwidth of the parent channel is lent to these child channels in proportion to their guaranteed bandwidth.
l Disabling bandwidth borrowing can achieve channel-based bandwidth separation and avoid inter-channel bandwidth abuse.
The channel at the top layer does not have any parent channel, and therefore cannot borrow bandwidth.
Maximum bandwidth
With bandwidth borrowing enabled, the maximum bandwidth of a channel can be limited after it borrows bandwidth.
Application Scenarios
Bandwidth management is usually deployed at the egress of an enterprise network to identify and limit bandwidth abuse of the internal users, thus guaranteeing bandwidth for normal applications of the enterprise.
Figure 1 Bandwidth management deployed at the egress of an enterprise network
As shown in Figure 1, the bandwidth management device (such as an ACG) is transparently deployed in the enterprise network in inline mode to perform bandwidth management for traffic entering/leaving the enterprise network. This deployment mode does not affect the current topology of the enterprise network.
Copyright ©2009 Hangzhou H3C Technologies Co., Ltd. All rights reserved.
No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.
The information in this document is subject to change without notice.