Shulou(Shulou.com)06/01 Report--

I. interpretation of nouns

CAR (Committed Access Rate): committed access rate. A method of classifying and marking traffic policies that limits the rate of IP traffic based on IP priority, DSCP values, MAC addresses, or access control lists. CAR uses the token bucket mechanism to check whether there are enough tokens in the token bucket. If an interface has a token available, the token can be removed from the token bucket and the packet is forwarded, and when this interval passes, the token is re-added to the token bucket; if the interface does not have a token available, CAR can define the behavior to be taken against the packet.

CIR (Committed Information Rate): committed information rate. For the speed at which tokens are added to the token bucket per second, the traffic of the message must be less than or equal to the speed at which the token is generated.

CBS (Committed Burst Size): promise sudden size. The size of the token bucket, that is, the maximum amount of traffic allowed for each burst.

EBS (Excess Burst Size): excess burst size. For the burst of traffic that can continue to pass.

PQ (Priority-List): priority queue. PQ classifies messages into high priority queues, medium priority queues, normal priority queues and low priority queues. When the message is out of queue, PQ first lets the message in the higher priority queue out of the queue and sends it until it has finished sending the message in the queue.

Second, fault display

A branch often reflects that the access of the 2m direct connect network it uses is slow, the link delay is about 2000ms during working hours, and the packet loss rate is about 10%.

1. Log in to its aggregation router remotely to view the data traffic of the WAN interface, and find that the network traffic is about 990Kbps, and the link utilization is close to 50%. There is no network congestion.

2. Through the analysis of grabbing network packets from the mirror port of the aggregation switch, it is found that the network packets are mainly composed of HTTP agents, which can be judged that users use group proxy servers to access the Internet and use HTTP agents to download data.

3. Show the status of the proxy server and find that its session connection radiates to different users, so it can be concluded that a large number of users are using HTTP agents to access the Internet.

4. Mining the communication traffic of the proxy server, it is found that the traffic rate is high, which is about 980Kbps, and the bandwidth occupancy rate is up to 48%.

Third, fault analysis

The root cause of high link delay and high packet loss rate is that P2P or UDP protocols in network data are encapsulated in HTTP protocol, and individual users download data through HTTP proxy P2P, thus occupying the network resources of other users. Therefore, the rate limit of data streams with HTTP agent behavior can reduce the load of dedicated line links and ensure the response speed of users to access important application systems through priority queues.

1. Rate limit

Use the CAR token bucket mechanism to limit the rate of related data traffic. Because the bandwidth of the subscriber private line network is 2m, which belongs to the low-speed link, it is necessary to classify and color the main data streams.

Application type

Intranet application system

HTTP Agent

All applications

Committed bandwidth

768Kbps

512Kbps

1920Kbps

Burst bandwidth

819Kbps

768Kbps

2048Kbps

2. Color classification and treatment.

If there are enough tokens in the token bucket, the message is marked as green, that is, green message; if there are not enough tokens in the token bucket, the message is marked as red, that is, red message. (the shading method is shown in the following figure)

3. Define priority queues

Application type

Intranet application system

HTTP Agent

Other applications

Response level

Top

Bottom

Normal

IV. Summary

The flow control mechanism is to store IP packets in the router cache queue and forward them according to the defined rules. Because the queue scheduling calculation takes a certain time, it is necessary to increase a certain network delay in the low-speed point-to-point link to ensure the integrity of the network data and further reduce the link packet loss rate.

After setting CAR (commitment information rate) and PQ (priority queue), the non-critical business data flow of the link is effectively controlled, and users can access each application system normally under the premise of high bandwidth occupancy rate.

At present, there are mainly two kinds of flow control methods for enterprise Netcom. One is based on the network behavior of the application layer, that is, the network behavior of users is screened by the Internet behavior control system deployed at the boundary of the enterprise network, in order to achieve the purpose of flow control. The advantage of this method is that the implementation is simple, the protocol rule base contained in the Internet behavior control system is relatively complete, and it can identify all the mainstream application protocols in the current network environment, and the operator does not need to define the protocol category and operation behavior manually. Only select the formed control mode in the rule base according to the needs of specific users. The disadvantage is that even if the user data flow is accurately controlled at the network boundary, there will still be request and reply packet transmission in the link from the user terminal to the network boundary, especially in the TCP protocol, there will be a large amount of retransmission data, which will affect the link performance to a certain extent.

The other is the control method based on the network layer user stub data packets, that is, the user's IP packets are classified and filtered by network devices such as routers or switches deployed at the end of the home, so as to achieve the purpose of flow control. The advantage of this method is that it can control the illegal traffic data of users at the source, further reduce the load pressure on upstream network equipment and links, and provide the most fundamental bandwidth and priority guarantee for video conferencing, GPS and other normal office data. The disadvantage is that operators need to have a deep understanding of the composition of network data, and make detailed planning and classification of the bandwidth and priority that each business data flow can use. the fast forwarding of critical business data streams and the discarding of illegal data streams are realized by manually defining protocol categories and operation behaviors in routers or switches.

In the practical application of enterprise network, according to different user groups and network application categories, the above two flow control methods can be organically combined to realize the diversified guarantee of network key business data transmission. On the one hand, the network boundary behavior control system is used to control the protocol clusters such as P2P and streaming media, which occupy network resources, so as to ensure the normal forwarding of data flow in the enterprise intranet. On the other hand, we can ensure the transmission rate of critical business data by creating a reasonable queue scheduling mechanism in the user's terminal network equipment, and limit or block the network bandwidth occupied by abnormal data flow to a certain extent. At the same time, we can also layer the business data by creating PQ (priority queue) or LLQ (low delay queue). So that the messages of real-time services (such as VoIP) can be given priority, and the messages of non-real-time services (such as HTTP-PROXY) can be processed after the completion of real-time service response, which not only ensures the priority of real-time services, but also makes full use of network resources.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.