DOCSLIB.ORG

A Hybrid Loss-Delay Gradient Congestion Control Algorithm for the Internet

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

A Hybrid Loss-Delay Gradient Congestion Control Algorithm for the Internet Rasool Al-Saadi School of Software and Electrical Engineering Swinburne University of Technology This thesis is submitted for the degree of Doctor of Philosophy Faculty of Science, Engineering and October 2019 Technology I dedicate this thesis to my loving parents, my beloved wife Dalia and my sons Ridha and Yousif. Declaration I declare that this thesis submitted for the degree of Doctor of Philosophy contains no ma- terial that has been accepted for the award to the candidate of any other degree or diploma, except where due reference made a in the text of the examinable outcome. To the best of the candidate’s knowledge contains no material previously published or written by another person except where due reference is made in the text of the examinable outcome. Where the work is based on joint research or publications, discloses the relative contributions of the respective creators or authors. Rasool Al-Saadi October 2019 Acknowledgements I would like to express my thanks and appreciation to all the people and institutions who helped, guided, advised and supported me during my PhD journey. I would like to thank my supervisors Prof. Grenville Armitage, Dr. Jason But and Assoc. Prof. Philip Branch for their insight, patience, friendship, encouragement, continuous support and valuable advice during my PhD candidature. I had the honour of being a student under their wise supervision. Without their support, this work would never have seen the light of day. I am greatly indebted to my family, especially my wife Dalia Al-Zubaidy, my parents, my brother and my sister for their patience, persevering support and advice. Their encouragement allowed me to overcome the trials and tribulations during this long journey. I would like to give special thanks to my sponsor, the Ministry of Higher Education and Scientific Research - Iraq, for giving me the opportunity to complete my PhD candidature and for supporting me during my study. I thank all members of the I4T research group for our interesting discussions. Special thanks to Jonathan Kua for helping me in testing different implementations, for answering my questions and his interesting discussion. Finally, I am immensely grateful to my best friend, Haider Majeed, for following up my financial and administrative matters in Iraq without hesitation or complaint. Abstract Congestion Control (CC) has a significant influence on the performance of Transmission Con- trol Protocol (TCP) connections. Over the last three decades, many researchers have exten- sively studied and proposed a multitude of enhancements to standard TCP CC. However, this topic still inspires both academic and industry research communities due to the change in In- ternet application requirements and the evolution of Internet technologies. The standard TCP CC infers network congestion based on packet loss events which leads to long queuing delay when bottleneck buffer size is large in a phenomenon called Bufferbloat. Bufferbloat harms interactive and latency-sensitive applications and reduces network response speed, leading to a poor quality of experience for end users. A potential end-to-end solution to this problem is to use the delay signal to infer congestion earlier and react to the congestion before the queuing delay reaches a high value. However, delay-based feedback is fraught with difficulties including queuing delay estimation, signal noise and coexistence with conventional TCP. Loss-delay hybrid congestion control approaches aim to remedy the coexistence issue by operating in delay mode to provide low latency transport, and switching to loss mode to im- prove performance when competing with loss-based flows. Using a delay gradient enables the CC protocol to detect congestion without relying on queuing delay estimates. This motivates us to explore the previously published CAIA Delay-Gradient (CDG) CC algorithm. In this thesis, we significantly enhance the CDG algorithm to create Hybrid Loss-Delay Gradient (HLDG), a sender-side host-to-host congestion control algorithm for the Internet. Compared to CDG, HLDG provides higher performance, lower queuing delay and better co- existence when competing with loss-based flows. Like CDG, HLDG uses the delay gradient signal to detect early congestion, preventing a long queue from building up in the bottleneck, and providing low latency transport. It also ex- plicitly switches between delay and loss modes depending on competing traffic characteristics to coexist with loss-based flows. By evaluating CDG in a range of scenarios, we identify weaknesses that impact protocol performance. HLDG enhances CDG throughput by solving the unnecessary back-off issue and by maintaining the number of unacknowledged bytes close to estimated the path bandwidth- x delay product (BDP). HLDG also improves coexistence by switching between loss and delay mode based on a heuristic function. This function infers the presence of loss-based flows based on queuing delay measurements. Finally, HLDG utilises an enhanced slow-start algo- rithm using the delay gradient signal and BDP estimate. HLDG slow-start terminates with a congestion window size close to estimated BDP, achieving high throughput without inducing high queuing delay. HLDG can also be effectively used as a low priority CC to provide scavenger class trans- port for background file transfer without disturbing the foreground traffic. This can be achieved by disabling the HLDG coexistence mechanisms and reducing the back-off factor. We experimentally evaluate HLDG under a range of scenarios and network conditions. This includes a range of link bandwidths and path RTT, with both FIFO Droptail and Active Queue Management (AQM) used at the bottleneck. Our results show that HLDG obtains up to 400% (54% in average) throughput improve- ment over CDG in single flow scenarios without packet loss while maintaining queueing delay under 20ms in the worst case. Our results also show that HLDG is able to achieve up to 3000% (810% in average) better throughput than CDG when competing with TCP CUBIC. HLDG slow-start exits with a congestion window between 96% - 200% of the path BDP compared to 1% - 800% for CDG slow-start. HLDG achieves 94%, 89% and 95% average link utilisation under PIE, FQ-CoDel and FQ- PIE respectively, compared to 89% for CDG under the same conditions. HLDG experiences only 3%, 24% and 4% of packet loss experienced by CDG when run through PIE, FQ-CoDel and FQ-PIE AQMs respectively. Contents Abstract ix Contents xi List of Figures xvii List of Tables xxiii List of Acronyms xxvi 1 Introduction 1 1.1 Researchobjectivesandcontributions . ....... 3 1.2 Summaryofresearchcontributions. ..... 6 1.3 Thesisorganisation .............................. 7 2 Delay-based congestion control 9 2.1 TransmissionControlProtocol–AnOverview. ....... 10 2.1.1 TCPReliabilityandFlowControl . 10 2.1.2 TCPCongestionControl . 12 2.1.3 Controlling the injection of packets into the network ......... 15 2.2 BufferingandQueueManagement . 15 2.2.1 TraditionalBufferingandQueues . 16 2.2.2 ActiveQueueManagement. 17 2.3 TCP Congestion Control Literature -- Signals and Algorithms ........ 17 2.3.1 ImplicitCongestionFeedbackSignals . .... 18 2.3.1.1 Thelosssignal ....................... 18 2.3.1.2 Thedelaysignal . 21 2.3.2 ExplicitCongestionFeedbackSignals . .... 24 2.3.3 TCPCongestionControlAlgorithms . 26 xii Contents 2.3.3.1 SlowStart .......................... 26 2.3.3.2 CongestionAvoidance. 27 2.3.3.3 FastRetransmitandFastRecovery . 28 2.3.4 CongestionControlMetrics . 29 2.4 CCalgorithmsthatutilisethedelaysignal . ........ 31 2.4.1 Delay-basedAlgorithms . 31 2.4.1.1 TCPDUAL ......................... 33 2.4.1.2 TCPVegas.......................... 35 2.4.1.3 TCPVegas-A ........................ 36 2.4.1.4 FASTTCP.......................... 37 2.4.1.5 TCPNICE.......................... 37 2.4.1.6 TCP-LP ........................... 38 2.4.1.7 PERT............................. 39 2.4.1.8 LEDBAT........................... 40 2.4.1.9 TIMELY........................... 41 2.4.1.10 TCPLoLa .......................... 42 2.4.2 DualModeApproaches . 43 2.4.2.1 TCPVegas+ ......................... 43 2.4.2.2 YeAHTCP.......................... 45 2.4.2.3 CAIA-DelayGradient(CDG) . 47 2.4.2.4 Cx-TCP ........................... 48 2.4.2.5 Copa............................. 49 2.4.2.6 Nimbus............................ 50 2.4.3 DualSignalApproaches . 51 2.4.3.1 TCPAfrica.......................... 51 2.4.3.2 CompoundTCP(C-TCP) . 52 2.4.3.3 TCPLibra .......................... 53 2.4.3.4 TCP-Illinois . .. .. .. .. .. .. .. 54 2.4.4 Delay-sensitiveAlgorithms. 55 2.4.4.1 TCPWestwood/Westwood+. 55 2.4.4.2 TCPWestwood-BasedAlgorithms . 57 2.4.4.3 TCP-AP ........................... 59 2.4.4.4 RAPID............................ 59 2.4.4.5 TCPBBR .......................... 60 2.5 TCPslow-startvariations . ... 62 2.6 Challengesfacingthedelaysignal . ..... 63 Contents xiii 2.6.1 Inaccuratedelaymeasurements . 63 2.6.2 Data link layer reliability and channel access method ......... 64 2.6.3 Emergingcommunicationnetworks . 65 2.6.4 EffectsofusingAQMondelaysignal . 66 2.7 CDG:ApromisinghybridCCalgorithm . ... 68 2.7.1 Delaygradientsignal. 69 2.7.2 Probabilisticback-offfunction . .... 71 2.7.3 Non-congestionrelatedlossestolerance . ...... 73 2.7.4 Coexistencewithloss-basedflows . 74 2.7.4.1 Ineffectualback-offandlossmode: . 74 2.7.4.2 Theshadowwindowmechanism . 75 2.7.5 Congestionwindowgrowth . 75 2.7.6 CDGslowstart ............................. 76 2.7.7
Recommended publications
  • A Letter to the FCC [PDF]

    A Letter to the FCC [PDF]

    Before the FEDERAL COMMUNICATIONS COMMISSION Washington, DC 20554 In the Matter of ) ) Amendment of Part 0, 1, 2, 15 and 18 of the ) ET Docket No. 15­170 Commission’s Rules regarding Authorization ) Of Radio frequency Equipment ) ) Request for the Allowance of Optional ) RM­11673 Electronic Labeling for Wireless Devices ) Summary The rules laid out in ET Docket No. 15­170 should not go into effect as written. They would cause more harm than good and risk a significant overreach of the Commission’s authority. Specifically, the rules would limit the ability to upgrade or replace firmware in commercial, off­the­shelf home or small­business routers. This would damage the compliance, security, reliability and functionality of home and business networks. It would also restrict innovation and research into new networking technologies. We present an alternate proposal that better meets the goals of the FCC, not only ensuring the desired operation of the RF portion of a Wi­Fi router within the mandated parameters, but also assisting in the FCC’s broader goals of increasing consumer choice, fostering competition, protecting infrastructure, and increasing resiliency to communication disruptions. If the Commission does not intend to prohibit the upgrade or replacement of firmware in Wi­Fi ​ ​ devices, the undersigned would welcome a clear statement of that intent. Introduction We recommend the FCC pursue an alternative path to ensuring Radio Frequency (RF) compliance from Wi­Fi equipment. We understand there are significant concerns regarding existing users of the Wi­Fi ​ spectrum, and a desire to avoid uncontrolled change. However, we most strenuously advise against prohibiting changes to firmware of devices containing radio components, and furthermore advise against allowing non­updatable devices into the field.
  • Opnsense Your Next Open Source Firewall

    Opnsense Your Next Open Source Firewall

    OPNsense Your next open source firewall www.rhinolabsinc.com About OPNsense Highlights Businesses ProtEct your businEss nEtwork and sEcurE your connEctions. From thE stateful inspection firewall to thE inline intrusion detection & prevention systEm EvErything is includEd for frEE.UsE thE traffic shaper to EnhancE nEtwork pErformancE and prioritisE Businesses you voicE ovEr ip abovE othEr traffic. Backup your configuration to thE cloud automatically, no nEEd for manual backups anymorE! School Networks Limit and share available bandwidth evenly amongst studEnts and utilisE thE category based web filtering to filtEr unwantEd traffic such as adult contEnt and malicious wEbsitEs. Its Easy to sEtup as no additional plugins nor packagEs arE School Networks rEquirEd. TEach about sEcurity or usE our dEvElopmEnt documEntation to show how an ModEl ViEwEr ControllEr works. You and your studEnts arE invitEd to join thE Effort and OPNsEnsE community! About OPNsense Highlights Hotels & Campings Hotels and campIngs usually utIlIse a captIve portal to allow guests (paId) access to Internet for a lImIted duratIon. Guests need to logIn usIng a voucher that they can eIther buy or Hotels and Camping obtaIn for free at the receptIon. OPNsense has a buIlt-In captive portal wIth voucher support and can easIly create them on the fly. On The Road Even on the road OPNsense Is a great asset to your busIness as It offers OpenVPN and IPSec VPN solutIon wIth road warrior support. The easy client exporter make On The Road configurIng your OpenVPN SSL clIent setup a breeze. Remote Offices & SOHO UtIlIse the Integrated sIte to sIte VPN (IPsec or SSL VPN) to create a secure network connectIon to and from your remote offices.
  • Evaluation of Priority Scheduling and Flow Starvation for Thin Streams with FQ-Codel

    Evaluation of Priority Scheduling and Flow Starvation for Thin Streams with FQ-Codel

    2015 European Conference on Networks and Communications (EuCNC) Evaluation of Priority Scheduling and Flow Starvation for Thin Streams with FQ-CoDel Eduard Grigorescu, Chamil Kulatunga, Gorry Nicolas Kuhn Fairhurst Télécom Bretagne, IRISA School of Engineering, University of Aberdeen, UK [email protected] {eduard, chamil, gorry}@erg.abdn.ac.uk Abstract— Bufferbloat is the result of oversized buffers and algorithms, managing packet scheduling and isolation/capacity induced high end-to-end latency experienced by applications allocation among flows, can be introduced. As one example of across the Internet. This additional delay can adversely impact a scheme that mixes both classes, FlowQueue-CoDel (FQ- thin streams that frequently exchange small amounts of data, but CoDel) [7] is a scheduling scheme that features prioritization have stringent latency requirements. Active Queue Management and flow isolation. FQ-CoDel creates one sub-queue per flow (AQM) techniques, such as Controlled Delay (CoDel), can control and applies CoDel on each of them. The awareness of the the queuing delay in a network device to ensure low latency by dropping packets to indicate incipient congestion. FlowQueue- latency resulting from over-provisioned buffers has been CoDel (FQ-CoDel) is a scheduling scheme that creates one sub- accompanied by an increase in real-time applications such as queue per flow and applies CoDel on each of them. FQ-CoDel Voice over Internet Protocol, gaming or financial trading features: (1) priority scheduling for low-rate traffic; (2) flow applications. As one example, the latency experienced by isolation; (3) queue management with CoDel. First, this paper gamers can directly impact the perceived value of the network fills a gap in the understanding of FQ-CoDel by analyzing what service [10].
  • Ipfire Duobox Business, 4 GB RAM, 64 GB SSD

    Ipfire Duobox Business, 4 GB RAM, 64 GB SSD

    Item no.: 323825 IPFire DuoBox Business, 4 GB RAM, 64 GB SSD from 462,37 EUR Item no.: 323825 shipping weight: 1.20 kg Manufacturer: IPFire Product Description IPFire DuoBox Business, 4 GB RAM, 64 GB SSDThis Firewall version was specifically designed for small offices und home offices, in which a stable and fast Internet connection is essential. The Duo Box Business provides you with fast Internet, while being low-cost and energy-efficient. It keeps your business connected and, most importantly, it keeps your network safe. Main Features: ● 2x Gigabit Ethernet for LAN and WAN ● 1x 300 Mbit dual-band Wi-Fi with access point mode ● optionally upgradeable with LTE Scope of Delivery: ● System ● Power Cable ● PSU ● 2x WLAN antennas Specifications Application: Firewall application for SOHO, branch offices and IoT Type: aluminum profile construction without venting holes, black anodized Dimensions (W x D x H): 134 x 108 x 55 mm Weight: 1.2 kg Cooling: directly attached to chassis Operating conditions: 0 - 50 °C / 80 % rel. humidity CPU: Intel Pentium 3558U, 2x 1.7 GHz RAM: 4 GB DDR3L Mainboard: customized eNUC platform I/O front (standard): 1x RS232, 1x USB 3.0, 1x Audio I/O back: 2x HDMI, 2x USB 3.0, 2x RJ45 (Realtek GLAN) I/O internal: internal I/O might be occupied - depending on your configuration, 1x mSATA/mPCIe full size, 2x USB 2.0 Storage: 1x 2.5" 64 GB SSD (industrial, MLC, 0 - +70 °C ) Graphics: Intel HD, up to 2 independend displays supported, max. resolution: 3840 x 2160 px Wireless LAN, Unex DNUR-S2 300 Mbit dual-band WLAN module LTE: Huawei 909u-5214G LTE (FDD) B1/B2/B3/B5/B7/B8/B203G DC-HSPA+/HSPA+/HSPA/UMTS B1/B2/B5/B82G EDGE/ GPRS/ GSM - 850/900/1800/1900MHz Power-In: DC wide-input 9..19V, 5.5 x 2.5 mm plug PSU: FSP060-DHAN3; external AC/DC adapterInput: 90 to 264 V ACOutput: 12 V / 60 W Power consumption: Idle 6 W, 100% load (Cel.) 11 W OS compatibility: IPFire, OPNSense, PFSense, Ubuntu Linux Scan this QR code to view the product All details, up-to-date prices and availability Powered by TCPDF (www.tcpdf.org).
  • AQM Algorithms and Their Interaction with TCP Congestion Control Mechanisms

    AQM Algorithms and Their Interaction with TCP Congestion Control Mechanisms

    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by Universidad Carlos III de Madrid e-Archivo Grado Universitario en Ingenier´ıaTelem´atica 2016/2017 Trabajo Fin de Grado Control de Congesti´onTCP y mecanismos AQM Sergio Maeso Jim´enez Tutor/es Celeste Campo V´azquez Carlos Garc´ıaRubio Legan´es,2 de Octubre de 2017 Esta obra se encuentra sujeta a la licencia Creative Commons Reconocimiento - No Comercial - Sin Obra Derivada Control de Congesti´onTCP y mecanismos AQM By Sergio Maeso Jim´enez Directed By Celeste Campo V´azquez Carlos Garc´ıaRubio A Dissertation Submitted to the Department of Telematic Engineering in Partial Fulfilment of the Requirements for the BACHELOR'S DEGREE IN TELEMATICS ENGINEERING Approved by the Supervising Committee: Chairman Marta Portela Garc´ıa Chair Carlos Alario Hoyos Secretary I~naki Ucar´ Marqu´es Deputy Javier Manuel Mu~noz Garc´ıa Grade: Legan´es,2 de Octubre de 2017 iii iv Acknowledgements I would like to thanks my tutors Celeste Campo and Carlos Garcia for all the support they gave me while I was doing this thesis with them. To my parents, who believe in me against all odds. v vi Abstract In recent years, the relevance of delay over throughput has been particularly emphasized. Nowadays our networks are getting more and more sensible to latency due to the proliferation of applications and services like VoIP, IPTV or online gaming where a low delay is essential for a proper performance and a good user experience. Most of this unnecessary delay is created by the misbehaviour of many buffers that populate Internet.
  • Kratka Povijest Unixa Od Unicsa Do Freebsda I Linuxa

    Kratka Povijest Unixa Od Unicsa Do Freebsda I Linuxa

    Kratka povijest UNIXa Od UNICSa do FreeBSDa i Linuxa 1 Autor: Hrvoje Horvat Naslov: Kratka povijest UNIXa - Od UNICSa do FreeBSDa i Linuxa Licenca i prava korištenja: Svi imaju pravo koristiti, mijenjati, kopirati i štampati (printati) knjigu, prema pravilima GNU GPL licence. Mjesto i godina izdavanja: Osijek, 2017 ISBN: 978-953-59438-0-8 (PDF-online) URL publikacije (PDF): https://www.opensource-osijek.org/knjige/Kratka povijest UNIXa - Od UNICSa do FreeBSDa i Linuxa.pdf ISBN: 978-953- 59438-1- 5 (HTML-online) DokuWiki URL (HTML): https://www.opensource-osijek.org/dokuwiki/wiki:knjige:kratka-povijest- unixa Verzija publikacije : 1.0 Nakalada : Vlastita naklada Uz pravo svakoga na vlastito štampanje (printanje), prema pravilima GNU GPL licence. Ova knjiga je napisana unutar inicijative Open Source Osijek: https://www.opensource-osijek.org Inicijativa Open Source Osijek je član udruge Osijek Software City: http://softwarecity.hr/ UNIX je registrirano i zaštićeno ime od strane tvrtke X/Open (Open Group). FreeBSD i FreeBSD logo su registrirani i zaštićeni od strane FreeBSD Foundation. Imena i logo : Apple, Mac, Macintosh, iOS i Mac OS su registrirani i zaštićeni od strane tvrtke Apple Computer. Ime i logo IBM i AIX su registrirani i zaštićeni od strane tvrtke International Business Machines Corporation. IEEE, POSIX i 802 registrirani i zaštićeni od strane instituta Institute of Electrical and Electronics Engineers. Ime Linux je registrirano i zaštićeno od strane Linusa Torvaldsa u Sjedinjenim Američkim Državama. Ime i logo : Sun, Sun Microsystems, SunOS, Solaris i Java su registrirani i zaštićeni od strane tvrtke Sun Microsystems, sada u vlasništvu tvrtke Oracle. Ime i logo Oracle su u vlasništvu tvrtke Oracle.
  • Auto-Tuning Active Queue Management

    Auto-Tuning Active Queue Management

    2017 9th International Conference on Communication Systems and Networks (COMSNETS) Auto-Tuning Active Queue Management Joe H. Novak Sneha Kumar Kasera University of Utah University of Utah Abstract not require pre-specification of even those parameters including 3 Active queue management (AQM) algorithms preemptively EWMA weights or protocol timer intervals that are routinely drop packets to prevent unnecessary delays through a network specified in protocol design and implementation. while keeping utilization high. Many AQM ideas have been When we view the network link in terms of utilization proposed, but none have been widely adopted because these rely and the queue corresponding to the link in terms of delay on pre-specification or pre-tuning of parameters and thresholds (Fig. 1 shows a typical delay-utilization curve), we see that that do not necessarily adapt to dynamic network conditions. as utilization increases, delay also increases. At a certain point, We develop an AQM algorithm that relies only on network however, there is a very large increase in delay for only a small runtime measurements and a natural threshold, the knee on improvement in utilization. This disproportionate increase in the delay-utilization curve. We call our AQM algorithm Delay delay is of little to no value to the applications at the endpoints. Utilization Knee (DUK) based on its key characteristic of We want to avoid this unstable region of high increase in delay keeping the system operating at the knee of the delay-utilization with little increase in utilization. As a result, a natural threshold curve. We implement and evaluate DUK in the Linux kernel in becomes apparent.
  • Controlling Queuing Delays for Real-Time Communication: the Interplay of E2E and AQM Algorithms

    Controlling Queuing Delays for Real-Time Communication: the Interplay of E2E and AQM Algorithms

    Controlling Queuing Delays for Real-Time Communication: The Interplay of E2E and AQM Algorithms Gaetano Carlucci Luca De Cicco Saverio Mascolo Politecnico di Bari, Italy Politecnico di Bari, Italy Politecnico di Bari, Italy [email protected] [email protected] [email protected] ABSTRACT control algorithm; the other placed in the network routers, Real-time media communication requires not only i.e. the Active Queue Management (AQM) algorithm. congestion control, but also minimization of queuing delays When designing end-to-end congestion control algorithms to provide interactivity. In this work we consider the case of for video conference, UDP is a natural choice, since real-time communication between web browsers (WebRTC) such applications cannot tolerate large latencies due to and we focus on the interplay of an end-to-end delay-based TCP packet retransmissions. Additionally, delay-based congestion control algorithm, i.e. the Google congestion congestion control algorithms are usually preferred to control (GCC), with two delay-based AQM algorithms, loss-based ones since they can detect congestion before namely CoDel and PIE, and two flow queuing schedulers, packets are lost due to buffer overflow. i.e. SFQ and Fq Codel. Experimental investigations show On the other hand, AQM schemes control the router that, when only GCC flows are considered, the end-to-end buffers by dropping the packets or marking them if ECN algorithm is able to contain queuing delays without AQMs. is used [21]. Despite the fact that many AQM algorithms Moreover the interplay of GCC flows with PIE or CoDel have been proposed over the past two decades [7], the leads to higher packet losses with respect to the case of a adoption of these algorithms has been hampered by two DropTail queue.
  • AMD EPYC™ Performance. Rack Mountable Appliance, the Full Package at an Affordable Price

    AMD EPYC™ Performance. Rack Mountable Appliance, the Full Package at an Affordable Price

    OPNsense® Rack Security Appliance DEC3800 Series (c) 2021 Deciso B.V., All Rights Reserved. [rev.300821] (c) 2021 Deciso B.V., AMD EPYC™ Performance. Rack mountable appliance, the full package at an affordable price. Exceptional performance for businesses & enterprises. Guard Web Access 17Gbps Throughput Filtering (SSL) Proxy 1.5 Mega Packets per Second Captive Portal with Voucher support 512GB SSD ~2Gbps Inline Intrusion Prevention Offering Sufficient Space for Logging & Reporting Fast Filtering System wide two-factor Up to 50.000 Connections per authentication. Second Compatible with Google Authenticator. Hardware Assisted Encryption 2.5Gbps IPsec (AES256GCM16) Securing Networks™ DATASHEET Deciso Sales B.V. • +31 187 744 020 • [email protected] • www.deciso.com CERTIFIED HARDWARE FROM THE DEVELOPERS - MADE IN THE NETHERLANDS DEC3800 SERIES Bundled with a free year OPNsense® Business Edition √ Commercial firmware repository √ Free GeoIP database √ Official OPNsense Open Virtualization Image √ Free professional plugins (OPNcentral, Proxy Access) √ Free E-Book ( English & German ) Securing Networks™ Deciso Sales B.V. • +31 187 744 020 • [email protected] • www.deciso.com SOFTWARE VERSATILE - OPEN SOURCE - FULLY FEATURED OPNsense is Deciso’s fast growing open source firewall and security platform released under an Open Source Initiative approved license. Its rich feature set is combined with the benefits of open and verifiable sources. All features can be used from within the easy to use graphical interface, equipped with a build-in search feature for quick navigation. Protecting your network has never been this easy with features such as; the integrated intrusion prevention system and two-factor authentication for safely connecting mobile users. OPNsense® Secure Your Network With Ease™ Businesses Protect your business network and secure your connections.
  • Controlling Queuing Delays for Real-Time Communication: the Interplay of E2E and AQM Algorithms

    Controlling Queuing Delays for Real-Time Communication: the Interplay of E2E and AQM Algorithms

    Controlling Queuing Delays for Real-Time Communication: The Interplay of E2E and AQM Algorithms Gaetano Carlucci Luca De Cicco Saverio Mascolo Politecnico di Bari, Italy Politecnico di Bari, Italy Politecnico di Bari, Italy [email protected] [email protected] [email protected] ABSTRACT requirements can be met by employing two complementary control Real-time media communication requires not only congestion algorithms: one placed at the end points, namely the end-to-end control, but also minimization of queuing delays to provide congestion control algorithm; the other placed in the network interactivity. In this work we consider the case of real-time routers, i.e. the Active Queue Management (AQM) algorithm. communication between web browsers (WebRTC) and we focus When designing end-to-end congestion control algorithms on the interplay of an end-to-end delay-based congestion control for video conference, UDP is the natural choice, since such algorithm, i.e. the Google congestion control (GCC), with two applications cannot tolerate large latencies due to TCP packet delay-based AQM algorithms, namely CoDel and PIE, and two retransmissions. Additionally, delay-based congestion control flow queuing schedulers, i.e. SFQ and Fq_Codel. Experimental algorithms are usually preferred to loss-based ones since they can investigations show that, when only GCC flows are considered, detect congestion before packets are lost due to buffer overflow. the end-to-end algorithm is able to contain queuing delays without On the other hand, AQM schemes control the router buffers AQMs. Moreover the interplay of GCC flows with PIE or CoDel by dropping the packets or marking them if ECN is used [21].
  • Packet Mark Methodology for Reduce the Congestion

    Packet Mark Methodology for Reduce the Congestion

    Forn International Journal of Scientific Research in Computer Science and Engineering Review Paper VolVolVol-Vol ---1,1, IssueIssue----3333 ISSN: 2322320000––––76397639 Packet Mark Methodology for Reduce the Congestion V.Ganesh Babu and K.Saraswathi Department of CS, Government College for Women, Maddur, Mandya Dt Karnataka, INDIA Department of CS, Nehru Memorial College, Puthanampatti, Trichy Dt. Tamil Nadu, INDIA Available online at www.isroset.org Received: 17 March 2013 Revised: 22 March 2013 Accepted: 16 May 2013 Published: 30 June 2013 Abstract-Congestion is one of the major problems of a communication network in routing. The function of a routing is to guide packets through the communication network to their correct destinations. Optimal Routing has been widely studied for interconnection networks. This paper provides two methodologies ECN and QBER for reduce the congestion. Keywords- Routing, congestion, ECN, QBER 1. INTRODUCTION packet. This act is referred to as “marking” and its purpose is to inform the receiving endpoint of impending The first methodology Explicit Congestion Notification congestion. At the receiving endpoint, this congestion (ECN) is an extension to the Internet protocol and to the indication is handled by the upper layer protocol (transport Transmission Control Protocol and is defined in layer protocol) and needs to be echoed back to the RFC3168(2001). ECN allows end-to-end notification of transmitting node in order to signal it to reduce its network congestion without dropping packets. ECN is an transmission rate. optional feature that is only used when both endpoints support it and are willing to use it. It is only effective when 2.2 Operation of ECN with TCP supported by the underlying network.
  • Piece of CAKE: a Comprehensive Queue Management Solution for Home Gateways

    Piece of CAKE: a Comprehensive Queue Management Solution for Home Gateways

    Piece of CAKE: A Comprehensive Queue Management Solution for Home Gateways Toke Høiland-Jørgensen Dave Täht Jonathan Morton Dept. of Computer Science Teklibre Karlstad University, Sweden Los Gatos, California Somero, Finland [email protected] [email protected] [email protected] Abstract—The last several years has seen a renewed interest compelling benefit of CAKE is that it takes state of the art in smart queue management to curb excessive network queueing solutions and integrates them to provide: delay, as people have realised the prevalence of bufferbloat in • a high-precision rate-based bandwidth shaper that in- real networks. However, for an effective deployment at today’s last mile cludes overhead and link layer compensation features for connections, an improved queueing algorithm is not enough in various link types. itself, as often the bottleneck queue is situated in legacy systems • a state of the art fairness queueing scheme that simulta- that cannot be upgraded. In addition, features such as per-user neously provides both host and flow isolation. fairness and the ability to de-prioritise background traffic are • a Differentiated Services (DiffServ) prioritisation scheme often desirable in a home gateway. with rate limiting of high-priority flows and work- In this paper we present Common Applications Kept Enhanced (CAKE), a comprehensive network queue management system conserving bandwidth borrowing behaviour. designed specifically for home Internet gateways. CAKE packs • TCP ACK filtering that increases achievable throughput several compelling features into an integrated solution, thus on highly asymmetrical links. easing deployment. These features include: bandwidth shaping CAKE is implemented as a queueing discipline (qdisc) for with overhead compensation for various link layers; reasonable DiffServ handling; improved flow hashing with both per-flow and the Linux kernel.