Request Scheduling for Differentiated QoS in Internet. 林盈達 (Ying-Dar Lin), Department of Computer and Information Science, NCTU. [email protected] www.cis.nctu.edu.tw/~ydlin www.nbl.org.tw. B.S., NTU-CSIE, 1988; Ph.D., UCLA-CS, 1993; Professor, NCTU-CIS; Founder, ITRI-NCTU Network Benchmarking Lab (NBL; www.nbl.org.tw)
2004/10/22 HSN LAB 1
Request Scheduling for Differentiated QoS in Internet
林盈達 (Ying-Dar Lin), Department of Computer and Information Science, NCTU
[email protected] www.cis.nctu.edu.tw/~ydlin
www.nbl.org.tw
2004/10/22 HSN LAB 2
B.S., NTU-CSIE, 1988
Ph.D., UCLA-CS, 1993
Professor, NCTU-CIS
Founder, ITRI-NCTU Network Benchmarking Lab (NBL; www.nbl.org.tw)
Co-Founder, L7 Networks Inc.
Areas of research interests
  Design, implementation, analysis, benchmarking of Internet gateway devices
  Internet security and QoS
  Content networking
2004/10/22 HSN LAB 3
Agenda
From D(evelopment) to R(esearch)
  The Wall Project
From paper review to product review
  The Network Benchmarking Lab (NBL)
Request scheduling at access
Request scheduling at Web site
2004/10/22 HSN LAB 4
Wall
All-in-One Content-aware Security & QoS Gateway
High Speed Network Lab., CIS NCTU
2004/10/22 HSN LAB 5
Evolution of Wall
7-in-1 (NetBSD)
  Handling the problems in TCP/IP layer
  NAT, Firewall, VPN, Router, BW mgmt., IDS, URL filter
10-in-1 (NetBSD)
  Content-aware
  Anti-Virus, Anti-Spam, CF/Keyword
  Reducing System Overheads: New Arch./Alg.
N-in-1 (Linux)
  Easy to add new modules
  UPnP, APP Firewall, SSL-VPN, Wireless AP
2004/10/22 HSN LAB 6
Live Test of Wall
[Figure: live test network. Labels: WAN (140.113.88.*); gateways 10-in-1 NetBSD (140.113.88.193), 7-in-1 NetBSD (140.113.88.156) and N-in-1 Linux (140.113.88.165); three switches; Private LAN A (192.168.88.*), Private LAN B (192.168.1.*), Private LAN C (192.168.3.*); DMZ (10.1.88.*) with a File Server; clients NB_1 to NB_5.]
2004/10/22 HSN LAB 7
Configuring Wall: NAT
2004/10/22 HSN LAB 8
Configuring Wall: Anti-Spam
2004/10/22 HSN LAB 9
Awards and Tech. Transfers
Technology Transfers
  7-in-1: Transferred to ZyXEL and D-Link (D-Link DFL-1500, DFL-900)
  10-in-1: Transferring to L7 Co. Ltd.
    Plan to transfer to D-Link, Planet
Awards
  MOE: The MOE project competition, 2nd (US$6667)
  TIC100: Technology Innovation Competition, 1st (US$16667)
  MOEA: Business Award of Taiwan Incorporation Competition, 3rd
  SLAT: Software Liberty Association of Taiwan (US$3333)
2004/10/22 HSN LAB 10
Research Tasks
N-in-1 Security and QoS Gateway
  Integrate interesting functions: L7 firewall, UPnP, Wireless AP
  Port to other hardware platform: IXP 425
Improving System Performance
  4-in-1 Proxy Arch.: Spam + Virus + IDS + CF (Throughput x2)
  Fast Accurate CF: Early Decision + Oriental Keywords (N-gram)
  Request Processing: Throughput x3, 1/4 user latency
  Accuracy of blocking adult web pages (69.7% -> 97.2%)
  Streaming-based Mail Proxy
  Content security processing on IXP
Request Scheduling for Differentiated QoS
  Website gateway: Multi-Resources Req Scheduling
  Access gateway: Requestized-GPS
2004/10/22 HSN LAB 11
Conclusion and Future Work
Working Style
  Open Source: Integration and Performance Improvement
  d-R-D: Integration -> Benchmark -> Analysis/Simulation -> Implementation
  Team Work: CVS, SOP
Achievements
  Paper: 4 papers per year
  Patent: 2 patents per year
  Prototype: 1 prototype per year
Future Work
  Next
  1. Signature matching: new Alg. and hardware speedup
  2. Application QoS: Request Scheduling
2004/10/22 HSN LAB 12
Specification of Wall
Connectivity: LAN, DMZ, WAN, DHCP, DNS relay, Wireless AP, Dynamic DNS
Security: IPSEC, PPTP, L2TP, SSL-VPN
Firewall: NAT, Firewall, APP firewall, UPnP
Mail Filter: Anti-Spam, Anti-Virus
Web Filter: URL, URL keyword, content keyword
BW Mgmt.: CBQ
Mgmt.: Web GUI, SSL, FTP
2004/10/22 HSN LAB 13
7-in-1 System Prototyping
• 7-in-1: VPN, Firewall, NAT, Routing, Content Filtering, Intrusion Detection, Bandwidth Management
[Figure: packet path between LAN/DMZ and WAN inside the gateway. Boxes on the "LAN/DMZ to WAN Outbound Traffic" path: MAC Filter, In-LAN Filter, Redirect, Route, Policy Route, Out-WAN Filter, NAT, IPsec VPN, Bandwidth Mgt. Boxes on the "WAN to DMZ/LAN Inbound Traffic" path: Bandwidth Mgt., IPsec deVPN, In-WAN Filter, Redirect, Route, Out-LAN Filter, deNAT. Other boxes: sniff, Intrusion Detection, Alerting System, FTP/POP3/SMTP/Web/URL Filter with Many-to-One NAT.]
2004/10/22 HSN LAB 14
4-in-1 Proxy Architecture
[Figure, three panels, each split into USER LAYER and KERNEL LAYER.
Original Web Traffic Flow: Web User 1, Web User 2, Web Server; Snort, DansGuardian, Squid (child ps 1, child ps 2); User/Kernel Interaction.
Original Mail Traffic Flow: Mail User 1, Mail User 2, Mail Server; Snort, MTA, AMaViS, SpamAssassin, ClamAV (child ps 1, child ps 2); Inter-Process Communication, Packet Sniffing, User/Kernel Interaction.
New 4-in-1 Proxy Architecture: Network Interface, TCP/IP stack, Port 25, Port 80; Webfd, MIME Handler, File type Recognition, Decompressor/Decoder, Text File, ClamAV, AMaViS, SpamAssassin, Snort (Detect Engine), DansGuardian (IP/URL/Text check); annotations Static Link, Shared Lib, Multi-Thread.]
2004/10/22 HSN LAB 15
Early Decision algorithm
D(n, m): Have read n% of text and scored m marks so far.
C: The text should belong to category C

$$P(C \mid D(n,m)) = \frac{P(D(n,m) \mid C)\,P(C)}{P(D(n,m) \mid C)\,P(C) + P(D(n,m) \mid C')\,P(C')}$$

How to compute P(D(n,m)|C)?

$$P(D(n,m) \mid C) = \frac{\#\big(C \text{ in which } D(n,m)\big)}{\#C}$$

The computation of P(D(n,m)|C') is defined similarly.
2004/10/22 HSN LAB 16
Request Scheduler at Access Gateway
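[Figure: Clients, Access Gateway, Access Link, Edge Router, Internet, Server. Requests from the clients enter class queues Q1, Q2 ... Qn in the gateway, each with a counter ACC1, ACC2 ... ACCn, served by a scheduler S; a Request Release Controller and a Concurrent Responses Controller sit between the queues and the access link; responses return over the access link.]
Request Scheduling (Fair Queuing + Window Rate-Control)
Who is the next?
When to send? High Util is necessary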
2004/10/22 HSN LAB 17
From Paper Review to Product Review
Network Benchmarking Lab
ITRI-NCTU Network Benchmarking Lab
www.nbl.org.tw
Your Exclusive Product Reviewer
Don't Ship It Unless Tested at NBL!
2004/10/22 HSN LAB 18
NBL Overview
Founded in May 2002
Goals
  Act as a 3rd-party product reviewer
  Watch product qualities: functionality, performance, conformance, interoperability
  Foster interactions between academia and industry
Funding sources
  Membership fees from vendors
  Industrial Technology Research Institute (ITRI)
Partners
  Industrial Development Bureau, Ministry of Economic Affairs (MOEA)
  Computer & Communications Research Labs, Industrial Technology Research Institute (CCL, ITRI)
  National Chiao Tung University (NCTU)
  Connectimes Magazine, Institute for Information Industry (III)
2004/10/22 HSN LAB 19
Testing ...
Types of testing
  Functionality
  Performance
  Conformance
  Interoperability
  Benchmarking
DUTs
  Security: FW, VPN, IDP, SSL VPN, CF, AV, AS, IM, etc.
  WLAN: 802.11 b/g/a/n/e interoperability, mobility, roaming, streaming
  Switch/Router: bridging, routing, multicast, stacking, etc.
  VoIP: voice quality, call processing, interoperability, etc.
  Others: load balancer, bandwidth manager, servers, etc.
2004/10/22 HSN LAB 20
Request Scheduling for Differentiated QoS at Access Gateway
2004/10/22 HSN LAB 21
Motivation
Bandwidth of the access link is usually the bottleneck when an enterprise connects to the Internet
Bandwidth management at the access gateway is required
Traditional packet scheduling has three problems:
  Low scalability
  Scheduling behind the downlink bottleneck
  Excessive concurrent transmissions
2004/10/22 HSN LAB 22
Scheduling Requests
Most application protocols on the Internet use the request-response model
Recent studies use request scheduling for Web QoS
The objectives of Request Scheduler (RQS)
  DIFFERENTIATED
  SHARED
  REDUCING CONGESTION
2004/10/22 HSN LAB 23
Primitive Idea
[Figure: a Request Classifier sorts Requests into class queues (Class A ... Class C); the Request Scheduler sends requests, and the responses affect the scheduler.]
Decide which request to release and when to release the request
2004/10/22 HSN LAB 24
Operation Model of Downlink Management
[Figure: Client, Access Gateway, Access Link, Edge Router, Internet, Server. The ReQuest Scheduler in the Access Gateway contains a Request Classifier, Class Queues (FIFO), a Release Proportion Controller, a Release Time Controller and a Response Recorder. Arrows: Send Request, Receive Response.]
2004/10/22 HSN LAB 25
Simulation
RQS is implemented in HTTP/Cache class in ns2
Questions to be answered
  Differentiation and Sharing
    Average Bandwidth Usage
    User-perceived Latency
  Reducing Congestion
  Inaccurate parameters
    The Impact
    Compensation
2004/10/22 HSN LAB 26
Simulation Scenario
[Figure: simulation topology. Clients C1-1 to C4-3, grouped into Class1, Class2 and Class3, attach to the RQS Gateway; router R; servers S1 (40KB), S2 (20KB), S3 (10KB), S4 (5KB). Link labels: 10Mb 2ms, 128Kb 50ms, 400Kb 200ms, 200Kb 400ms, 100Kb 800ms, 50Kb 2000ms.]
2004/10/22 HSN LAB 27
Throughput Differentiation
[Figure: Bandwidth Usage. Throughput (Kb/sec, 0 to 120) versus Time (min, 0 to 8) for Total, Class1, Class2, Class3.]
[Figure: Average Bandwidth Usage. Bandwidth (Kb/sec, 0 to 120) for the periods 0~4 min and 4~8 min, for Total, Class1, Class2, Class3.]
The quantum ratio is 4:2:1
Class3 starts to send requests at 4 min.
2004/10/22 HSN LAB 28
User-perceived Latency Analysis
[Figure: Average Delay in Gateway. Time (sec, 0 to 40) for Server1 to Server4, by Class1, Class2, Class3.]
[Figure: The Sum of Average Delayresp and Transmission Time. Time (sec, 0 to 40) for Total and Server1 to Server4; series NoRQS, RQS, Class1, Class2, Class3.]
[Timeline: Client send request, Gateway get request, Gateway send request, Gateway get response, Client get response; intervals labelled "Delay in Gateway" and "The sum of Delayresp and Transmission Time".]
2004/10/22 HSN LAB 29
Conclusions
RQS provides differentiated and shared bandwidth between various classes, and reduces congestion (68.75% in delay between gateway and server) occurring at the access link
RQS is robust in achieving fairness between classes even when the response size estimation is inaccurate.
2004/10/22 HSN LAB 30
Request Scheduling for Differentiated QoS at Website Gateway
2004/10/22 HSN LAB 31
Web Bottleneck
Decomposition of Web page download time:
Real case: (Keynote business 40 Internet performance index) [2]
Bottleneck could be at network or server
Focuses on resolving server bottleneck
  Website operators can completely control their servers
  Offer better throughput and latency for some users – To Provide Differentiated QoS
2004/10/22 HSN LAB 32
Problem Statement
Given
  Requests of different classes
  A Web server with static pages
  A gateway placed in front of the Web server
Objective – Provide differentiated QoS through HTTP requests at website gateway
  Request Classification
    Classification should be content-aware
  Request Scheduling
    Partitions server throughput proportionally according to different weights
    Request sending rate should not overwhelm the server
  Server Probing
    URL and response size
2004/10/22 HSN LAB 33
Architecture of the QoS Website Gateway
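[Figure: HTTP Requests arrive from the WAN at the QoS Website Gateway, which sits in front of the Web Server. Components: Classifier with a QoS Policy Table (Rule 1, Rule 2 ... Rule q); Class Queues (class 1, class 2 ... class n); Scheduler; Prober with a Web Page Table (Page 1, Page 2 ... Page w).]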
2004/10/22 HSN LAB 34
Request Scheduling
Decides which request can be fetched next
  Partitions server throughput proportionally
  Deficit Round Robin (DRR) scheduling
Decides when to release a fetched request
  Releases requests according to service rate of the server
  Window control mechanism

[Figure: HTTP Requests enter three class queues, each with its own DeficitCounter: Queue 1 (60% b/w, Quantum[1]=600), Queue 2 (30% b/w, Quantum[2]=300), Queue 3 (10% b/w, Quantum[3]=100). The Scheduler and the Window Controller pass requests to the Web Server; the Response size of each HTTP Response is the cost charged to the counter. Response sizes shown in the queues: 300, 200, 150, 250, 300, 200, 150, 250, 150.]

DRR trace shown in the figure animation (the Round Robin Pointer moves to the next queue when the head request no longer fits):
Round 1
  Queue 1: DeficitCounter[1] = 600; 300<=600, 600-300=300; 200<=300, 300-200=100; 150>100
  Queue 2: DeficitCounter[2] = 300; 250<=300, 300-250=50; 300>50
  Queue 3: DeficitCounter[3] = 100; 200>100
Round 2
  Queue 1: DeficitCounter[1] = 700; 150<=700, 700-150=550
  Queue 2: DeficitCounter[2] = 350; 300<=350, 350-300=50; 150>50
  Queue 3: DeficitCounter[3] = 200; 200<=200, 200-200=0; 150>0
Release order: 300, 200, 250, 150, 300, ?????
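The following is an added example, not code from the slides or from the gateway implementation they describe: a minimal Deficit Round Robin scheduler that replays the slide's quanta (600/300/100) and then measures the byte split when all classes stay backlogged. The queue contents are constructed to be consistent with the trace, resetting an emptied queue's counter follows textbook DRR (the slide shows 550 at that moment), and the window controller is not modelled.

```python
from collections import deque

class DRRScheduler:
    """Deficit Round Robin over per-class FIFO queues; cost = response size."""

    def __init__(self, quanta):
        self.quanta = list(quanta)
        self.queues = [deque() for _ in quanta]
        self.deficit = [0] * len(quanta)

    def enqueue(self, cls, size):
        self.queues[cls].append(size)

    def run_round(self):
        """Visit each class once; return released (class, size) pairs in order."""
        released = []
        for i, q in enumerate(self.queues):
            if not q:
                continue
            self.deficit[i] += self.quanta[i]
            while q and q[0] <= self.deficit[i]:
                size = q.popleft()
                self.deficit[i] -= size
                released.append((i, size))
            if not q:
                self.deficit[i] = 0  # textbook DRR: an emptied queue keeps no credit
        return released

def slide_trace():
    """Two rounds over queues constructed to match the slide's trace."""
    s = DRRScheduler([600, 300, 100])
    for cls, sizes in enumerate([[300, 200, 150], [250, 300, 150], [200, 150]]):
        for size in sizes:
            s.enqueue(cls, size)
    order = [size for _ in range(2) for _, size in s.run_round()]
    return order, s.deficit

def backlogged_shares(rounds=1000):
    """Byte share per class when every class stays backlogged."""
    s = DRRScheduler([600, 300, 100])
    sizes = [300, 200, 150, 250]  # constructed sample response sizes
    sent = [0, 0, 0]
    for r in range(rounds):
        for cls in range(3):
            while len(s.queues[cls]) < 8:  # refill so no queue ever drains
                s.enqueue(cls, sizes[(r + cls + len(s.queues[cls])) % 4])
        for cls, size in s.run_round():
            sent[cls] += size
    return [round(x / sum(sent), 2) for x in sent]
```

Without the reset, a class that goes idle would keep its unused credit and could release a burst ahead of the other classes when its next requests arrive.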
2004/10/22 HSN LAB 35
Operation Scenario of the Implementation
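[Figure: QoS Website Gateway running NetBSD. HTTP requests arrive from the WAN on interface fxp0; the Web Server (192.168.0.5:80) is reached through fxp1 and returns HTTP responses. In kernel space, an ipnat rule redirects the requests to WebQ, which runs in user space on 127.0.0.1:880 and contains the Classifier, Scheduler, Prober, QoS Policy Table and Web Page Table.]
ipnat rule:
rdr fxp0 192.168.0.5/32 port 80 -> 127.0.0.1 port 880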
2004/10/22 HSN LAB 36
Throughput under Various Fixed-Size Web Pages
QoS-disabled case: Class 1 average: 3.9 Mbps
QoS-enabled case: Class 1 average: 8.3 Mbps
[Figures, one per case: Throughput (Mbps, 0 to 60) versus Page size (Bytes; 32, 128, 512, 2K, 8K, 32K, 128K) for class 1, class 2, class 3 and total. Annotation: +176%]
2004/10/22 HSN LAB 37
Throughput Ratio under Various Fixed-Size Web Pages
[Figures for the QoS-disabled case and the QoS-enabled case: Normalized Throughput (0% to 100%) versus Page size (Bytes; 32, 128, 512, 2K, 8K, 32K, 128K) for class 1, class 2, class 3.]
2004/10/22 HSN LAB 38
User-Perceived Latency under Various Fixed-Size Web Pages
QoS-disabled case: Class 1 average: 442 ms
QoS-enabled case: Class 1 average: 199 ms
[Figures, one per case: Latency (ms, 0 to 4,000) versus Page size (Bytes; 32, 128, 512, 2K, 8K, 32K, 128K) for class 1, class 2, class 3 and average. Annotation: -69%]
2004/10/22 HSN LAB 39
Conclusion and Future Work
A request scheduling algorithm deployed at the website gateway to provide differentiated Web QoS
  Transparent to clients and the server
  Without modifying server kernels/daemons
  Classification is content-aware
  Non-work-conservative for access link; but is work-conservative for the server and the reverse direction
  Server throughput can be partitioned proportionally to different classes
Results summary
  Three classes get 60%, 30%, 10% of server overall throughput as pre-defined QoS policies, regardless of page sizes (Accurate & Robust)
  The throughput and user-perceived latency of the class with the highest priority can be improved by up to 176% and 69% (Successful)
Future work
  Dynamically generated pages
  Server cluster