DOCSLIB.ORG

Soluciones Gilan Para Operadores Moviles

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Soluciones Gilan Para Operadores Moviles Agility 2018 PRESENTED BY: • • • • • • • • • • • • • • • • • • • • • • • • • • • • Gi LAN Architecture Consolidating L4-L7 network services on the Gi LAN VAS layer Static port 80 steering EPC PGW/ RTR TCP Policy URL CGNAT Firewall Internet GGSN/PGWGGSN Opt. Enforcement Filtering CONSOLIDATION VAS layer Dynamic & intelligent steering Service Chaining VIPRION EPC PGW/ Internet GGSN/PGW DNS GGSN Devices & Connections Exponential Growth Security Smartphones, Of Data and Evolving and Increasing Applications, Internet Signaling Traffic Threats and Attacks of Things • Scale and performance • Scale and performance • Scale and performance • IPv4→ IPv6 transitions • Control plane and data plane • L4-L7 security • DDoS mitigation • Signaling overload protection • Programmability and flexibility 80 Gbps – 1.12 Tbps 80M – 1,440M sessions 1M – 23.6M CPS 10 Gbps – 320 Gbps 14M – 300M sessions 125K – 4M CPS Up to 10 Gbps 10M sessions 100K CPS 25M, 200M, 1G, 3G, 5G, 10G Planned: 40G & 100G Virtual Editions BIG-IP Appliances VIPRION blade-based chassis NAT44 IPv6 transitions • • • • • • • • • • • • • • Address/Port Allocation Mechanisms High High NAPT – RANDOM ALLOCATION OF PORTS • Efficient usage of public addresses • Large logging infrastructure needed Port Block Allocation • Less efficient usage of public addresses • Possible to tune the ratio logging/users-per-IP (block size/number of blocks) Logging Efficiency Deterministic NAT • Pre-allocated blocks for subscribers • Logging very small (only configuration storage needed) Low Low Monitor and Baseline L3/L4 • DDoS attacks are more complex – now multi-vector • Detection of complex multi-vector attacks is limited with static/single dimensional vectors • Aggregate rate-limiting “catches” good traffic with bad • Per-SrcIP ineffective with spoofed IP’s or “wide” botnet attacks • Attack detection in both inline and out-of-band deployments • Sub-second attack detection • Detects anomalies compared against historical baseline • Statistical method baselines 3,000+ L3/4 metrics • Dynamically generates “signatures” (vectors) upon attack detection • On-demand/real-time “signature” creation and sharing • Targeted “signatures” = Low false positive rate AFM • Detect-only mode allows review before enforcement The following metrics are monitored to detect anomalies and to generate multi-dimensional vectors Layer3/4 Metrics Number of packets Number of fragments Packet size IP header size IP, TTL, TOS, IP flags Source IP (SrcIP) and destination IP (DstIP) (v4 and v6) Source port (SrcPort) and destination port (DstPort) TCP flags and TCP window size Dynamic Protection Policy Deployment incl. Baselines and Attack DDoS Characteristics Anomaly Detection Attack Ended! Mitigation Enforcement Clean Config and Stop Traffic Diversion Traffic Diversion via BGP Route Injection DDoS Mitigation [ attack path ] [ clean path ] Flow Data Collection Learning Baselines [ protected object 1] [ protected object 2] Service Provider Core [ Internet ] • • • • Attach profiles to AFM rules to Protocol checks can be updated optimize performance outside of TMOS release • • • • • User Equipment PCRF IMS APN SGi Firewall + CGNAT Query PCRF for Subscriber’s Policy. (Firewall policy only) Internet APN eNodeB SGW PGW Security PE Internet Administrative APN Enrich Logs with Subscriber ID. (Firewall and CGNAT logs) Log Enterprise APN Servers • • • User Equipment IMS APN SGi Firewall + CGNAT Internet APN eNodeB SGW PGW Security PE Internet Administrative APN Enrich Logs with Subscriber ID. (Protocol Inspections & Traffic Intelligence) Log Enterprise APN Servers Content Server Radio Internet Access PGW/ GGSN TCP-SYN TYPICALLY USES TUNE SEND/RECEIVE BUFFERS TO INTERNET STANDARD TCP CHOOSE CONGESTION CONTROL TO INTERNET SETTINGS OF THE TCP-SYN/ACK ENABLE S-ACK FOR ALL TCP CONNECTIONS OPERATING SYSTEM ENABLE OTHER TCP OPTIONS TCP-ACK TCP-SYN TUNE SEND/RECEIVE BUFFERS TO RADIO CHOOSE CONGESTION CONTROL TO RADIO TCP-SYN/ACK ENABLE RATE PACING TO RADIO ENABLE S-ACK FOR ALL TCP CONNECTIONS TCP-ACK ENABLE LOSS FILTER ENABLE OTHER TCP OPTIONS TCP PROFILE CLIENT-SIDE TCP PROFILE SERVER-SIDE Send Buffer Proxy Buffer Reassembly Queue INGRESS MANAGEMENT Receive Window BIG-IP Radio Access (advertised in TCP) CONGESTION Receive Window UE CONTROL & RATE PACING (advertised in TCP) Internet Receive Window Server Receive Window BIG-IP (advertised in TCP) CONGESTION (advertised in TCP) CONTROL & RATE PACING Reassembly Queue INGRESS MANAGEMENT Proxy Buffer Send Buffer Dynamic tuning: BIG-IP will change TCP parameters automatically as network conditions change (buffer sizes). Auto-send buffer, Auto-receive buffer, auto-proxy buffer (high low watermarks for TCP proxy buffers). Provides the ability to respond to network changes instantaneously. Dynamic TCP Tuning 2. UE continues to access the Internet, but over better condition 1. UE moves BIG-IP Platform to better 4. Data is sent back to UE using 3. BIG-IP detects change network new receive window buffer condition and automatically sizes changes buffer sizes More efficiently utilize your network by mitigating buffer bloating • TCP optimization is a key entry point use case in the Gi LAN for Service Providers across the globe – improved performance and Quality of Experience (QoE) drivers • Integration with PEM for Subscriber Awareness is perceived to be of great value • TCP profile selection based on RAT type • Native support for TCP optimization as a PEM built-in action • Improved TCP troubleshooting/analytics to provide an indicator for TCP experience degradation is of key interest (TCP stats, congestion indicators like goodput, jitter, delay, etc.) Radius Radius Control Plane (RAT-type Diameter Gx updates) Other API PCRF GGSN John PGW User Service Policy Internet TCP John RAT-Type=3G, select TCP- profile-3G RAT-Type=4G, select TCP- profile-4G IoT platforms • Transport Security Zone 1 • Revocation • Inspection SSL Security Zone 2 offload • Traffic steering Application SSL Traffic tunnels Security Zone 3 • Authentication Secure zones based on • Zone management device attributes • Protocol ... all of this makes up an IoT Firewall for your IoT applications and services IoT Features Protocol Support Transport Support Traffic Management • • • • • • • • • Security Management Advanced Features • • • • • • • • • Verticals MQTT CoAP AMQP XMPP HTTP HTTP 2.0 WebSkt LWM2M Manufacturing Factories, Mining Utilities Energy Smart Spaces Home, Building, City Transportation Cars, Public Transit Platform Providers Cloud, Service, Integration MQTT ‒ Message Queuing Telemetry Transport CoAP ‒ Constrained Application Protocol XMPP ‒ Extensible Messaging and Presence Protocol AMQP ‒ Advanced Message Queuing Protocol Dynamically manages traffic and subscribers in real time • Analytics Centralized Policy Control • HSL, IPFix • Provisioning (Gx) • Usage Reporting Subscriber Aware Traffic Steering DNS CSCF PCRF AAA OCS • Service chaining (Gx / Gy) VAS VAS VAS……VAS VAS • NSH • Optimization Subscriber Discovery RTR PGW/GGSN Internet F5 Subscriber awareness Traffic optimization Application visibility Application Visibility Automation Security Scale Intelligent traffic steering Analytics Use Case: Ability to categorize HTTP traffic based on URLs and domain names • Enforce traffic policy based on HTTP URI attribute categorization • Improved iRules capability for obtaining/setting categorization results • Local database, custom database and cloud based 1. Trying to access blocked URL Internet PGW/ RTR GGSN 3. Access Denied 2. Integrated Webroot URL Filtering / Blacklist Customer benefit: Operators can offer URL categorization, parental control plans to subscribers. Subscribers get better control of traffic; operators get monetization benefits. Use Case: Ability to steer traffic through different value-added services and network elements Service Provider VAS Control Plane Video Parental • Intelligent traffic steering Optimization Control to VAS servers PCRF AAA Emma Radius • Leverage Diameter Gx Other API subscriber/application http (3G) GGSN awareness for steering John PGW Radius BNG Internet • Steering on response http Paul User Service Policy • Analyze response and apply John Video Optimization “LTE steering policy for flow/ Subscriber bypass” transaction Parental Control “No” Paul Video Optimization “Always” Parental Control “Yes” Customer benefit: A fixed or mobile solution for optimizing subscriber and application traffic through VAS and network elements. Use Case: Sponsered content insertion for free internet access Policy and Subscriber VAS Content Provider Solution Management • Traffic steering upon 3G /4G • Toolbar content insertion via PEM PCRF WAP Toolbar VAS / Content OTT 3G PGW RTR Internet BIG-IP PEM - Viprion 4480 4G Benefits • Monetize new services • Optimize subscriber QoE • Total applications covered: 2440 • Issued first signature update package for v12.1 • • • • • • • • • • • • • • • • • • • • • • • • LDNS Authoritative Infrastructure • Faster DNS for 3G and 4G LTE • Robust, scalable portal • Intelligent DNS for Evolved • Enhanced performance through and service access Packet Core transparent cache • Exponential DNS • Proactively monitor for • Caching resolver for server performance and DDoS service-level adherence consolidation security protection • Enhanced subscriber • Mitigate DNS threats by blocking • Optimize global service experience access to malicious IPs delivery ENTERPRISE / SERVICE PROVIDER SERVICE PROVIDER Subscriber Management Billing/Self Service IP Multimedia Subsystem (IMS) DNS HSS/HLR DHCP ENUM Activation
Load more

Recommended publications
  • A Comparison of TCP Automatic Tuning Techniques for Distributed
    A Comparison of TCP Automatic Tuning Techniques for Distributed Computing Eric Weigle [email protected] Computer and Computational Sciences Division (CCS-1) Los Alamos National Laboratory Los Alamos, NM 87545 Abstract— Manual tuning is the baseline by which we measure autotun- Rather than painful, manual, static, per-connection optimization of TCP ing methods. To perform manual tuning, a human uses tools buffer sizes simply to achieve acceptable performance for distributed appli- ping pathchar pipechar cations [1], [2], many researchers have proposed techniques to perform this such as and or to determine net- tuning automatically [3], [4], [5], [6], [7], [8]. This paper first discusses work latency and bandwidth. The results are multiplied to get the relative merits of the various approaches in theory, and then provides the bandwidth £ delay product, and buffers are generally set to substantial experimental data concerning two competing implementations twice that value. – the buffer autotuning already present in Linux 2.4.x and “Dynamic Right- Sizing.” This paper reveals heretofore unknown aspects of the problem and PSC’s tuning is a mostly sender-based approach. Here the current solutions, provides insight into the proper approach for various cir- cumstances, and points toward ways to improve performance further. sender uses TCP packet header information and timestamps to estimate the bandwidth £ delay product of the network, which Keywords: dynamic right-sizing, autotuning, high-performance it uses to resize its send window. The receiver simply advertises networking, TCP, flow control, wide-area network. the maximal possible window. Paper [3] presents results for a NetBSD 1.2 implementation, showing improvement over stock I.
    [Show full text]
  • Network Tuning and Monitoring for Disaster Recovery Data Backup and Retrieval ∗ ∗
    Network Tuning and Monitoring for Disaster Recovery Data Backup and Retrieval ∗ ∗ 1 Prasad Calyam, 2 Phani Kumar Arava, 1 Chris Butler, 3 Jeff Jones 1 Ohio Supercomputer Center, Columbus, Ohio 43212. Email:{pcalyam, cbutler}@osc.edu 2 The Ohio State University, Columbus, Ohio 43210. Email:[email protected] 3 Wright State University, Dayton, Ohio 45435. Email:[email protected] Abstract frequently moving a copy of their local data to tape-drives at off-site sites. With the increased access to high-speed net- Every institution is faced with the challenge of setting up works, most copy mechanisms rely on IP networks (versus a system that can enable backup of large amounts of critical postal service) as a medium to transport the backup data be- administrative data. This data should be rapidly retrieved in tween the institutions and off-site backup facilities. the event of a disaster. For serving the above Disaster Re- Today’s IP networks, which are designed to provide covery (DR) purpose, institutions have to invest significantly only “best-effort” service to network-based applications, fre- and address a number of software, storage and networking quently experience performance bottlenecks. The perfor- issues. Although, a great deal of attention is paid towards mance bottlenecks can be due to issues such as lack of ad- software and storage issues, networking issues are gener- equate end-to-end bandwidth provisioning, intermediate net- ally overlooked in DR planning. In this paper, we present work links congestion or device mis-configurations such as a DR pilot study that considered different networking issues duplex mismatches [1] and outdated NIC drivers at DR-client that need to be addressed and managed during DR plan- sites.
    [Show full text]
  • Improving the Performance of Web Services in Disconnected, Intermittent and Limited Environments Joakim Johanson Lindquister Master’S Thesis Spring 2016
    Improving the performance of Web Services in Disconnected, Intermittent and Limited Environments Joakim Johanson Lindquister Master’s Thesis Spring 2016 Abstract Using Commercial off-the-shelf (COTS) software over networks that are Disconnected, Intermittent and Limited (DIL) may not perform satis- factorily, or can even break down entirely due to network disruptions. Frequent network interruptions for both shorter and longer periods, as well as long delays, low data and high packet error rates characterizes DIL networks. In this thesis, we designed and implemented a prototype proxy to improve the performance of Web services in DIL environments. The main idea of our design was to deploy a proxy pair to facilitate HTTP communication between Web service applications. As an optimization technique, we evaluated the usage of alternative transport protocols to carry information across these types of networks. The proxy pair was designed to support different protocols for inter-proxy communication. We implemented the proxies to support the Hypertext Transfer Proto- col (HTTP), the Advanced Message Queuing Protocol (AMQP) and the Constrained Application Protocol (CoAP). By introducing proxies, we were able to break the end-to-end network dependency between two applications communicating in a DIL environment, and thus achieve higher reliability. Our evaluations showed that in most DIL networks, using HTTP yields the lowest Round- Trip Time (RTT). However, with small message payloads and in networks with very low data rates, CoAP had a lower RTT and network footprint than HTTP. 3 4 Acknowledgement This master thesis was written at the Department of Informatics at the Faculty of Mathematics and Natural Sciences, University at the University of Oslo in 2015/2016.
    [Show full text]
  • Use Style: Paper Title
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by AUT Scholarly Commons Quantifying the Performance Degradation of IPv6 for TCP in Windows and Linux Networking Burjiz Soorty Nurul I Sarkar School of Computing and Mathematical Sciences School of Computing and Mathematical Sciences Auckland University of Technology Auckland University of Technology Auckland, New Zealand Auckland, New Zealand [email protected] [email protected] Abstract – Implementing IPv6 in modern client/server Ethernet motivates us to contribute in this area and formulate operating systems (OS) will have drawbacks of lower this paper. throughput as a result of its larger address space. In this paper we quantify the performance degradation of IPv6 for TCP The results of this study will be crucial to primarily those when implementing in modern MS Windows and Linux organizations that aim to achieve high IPv6 performance via operating systems (OSs). We consider Windows Server 2008 a system architecture that is based on newer Windows or and Red Hat Enterprise Server 5.5 in the study. We measure Linux OSs. The analysis of our study further aims to help TCP throughput and round trip time (RTT) using a researchers working in the field of network traffic customized testbed setting and record the results by observing engineering and designers overcome the challenging issues OS kernel reactions. Our findings reported in this paper pertaining to IPv6 deployment. provide some insights into IPv6 performance with respect to the impact of modern Windows and Linux OS on system II. RELATED WORK performance. This study may help network researchers and engineers in selecting better OS in the deployment of IPv6 on In this paper, we briefly review a set of literature on corporate networks.
    [Show full text]
  • Exploration of TCP Parameters for Enhanced Performance in A
    Exploration of TCP Parameters for Enhanced Performance in a Datacenter Environment Mohsin Khalil∗, Farid Ullah Khan# ∗National University of Sciences and Technology, Islamabad, Pakistan #Air University, Islamabad, Pakistan Abstract—TCP parameters in most of the operating sys- Linux as an operating system is the typical go-to option for tems are optimized for generic home and office environments network operators due to it being open-source. The param- having low latencies in their internal networks. However, this eters for Linux distribution are optimized for any range of arrangement invariably results in a compromized network performance when same parameters are straight away slotted networks ranging up to 1 Gbps link speed in general. For this into a datacenter environment. We identify key TCP parameters dynamic range, TCP buffer sizes remain the same for all the that have a major impact on network performance based on networks irrespective of their network speeds. These buffer the study and comparative analysis of home and datacenter lengths might fulfill network requirements having relatively environments. We discuss certain criteria for the modification lesser link capacities, but fall short of being optimum for of TCP parameters and support our analysis with simulation results that validate the performance improvement in case of 10 Gbps networks. On the basis of Pareto’s principle, we datacenter environment. segregate the key TCP parameters which may be tuned for performance enhancement in datacenters. We have carried out Index Terms—TCP Tuning, Performance Enhancement, Dat- acenter Environment. this study for home and datacenter environments separately, and presented that although the pre-tuned TCP parame- ters provide satisfactory performance in home environments, I.
    [Show full text]
  • EGI TCP Tuning.Pptx
    TCP Tuning Domenico Vicinanza DANTE, Cambridge, UK [email protected] EGI Technical Forum 2013, Madrid, Spain TCP ! Transmission Control Protocol (TCP) ! One of the original core protocols of the Internet protocol suite (IP) ! >90% of the internet traffic ! Transport layer ! Delivery of a stream of bytes between ! " programs running on computers ! " connected to a local area network, intranet or the public Internet. ! TCP communication is: ! " Connection oriented ! " Reliable ! " Ordered ! " Error-checked ! Web browsers, mail servers, file transfer programs use TCP Connect | Communicate | Collaborate 2 Connection-Oriented ! A connection is established before any user data is transferred. ! If the connection cannot be established the user program is notified. ! If the connection is ever interrupted the user program(s) is notified. Connect | Communicate | Collaborate 3 Reliable ! TCP uses a sequence number to identify each byte of data. ! Sequence number identifies the order of the bytes sent ! Data can be reconstructed in order regardless: ! " Fragmentation ! " Disordering ! " Packet loss that may occur during transmission. ! For every payload byte transmitted, the sequence number is incremented. Connect | Communicate | Collaborate 4 TCP Segments ! The block of data that TCP asks IP to deliver is called a TCP segment. ! Each segment contains: ! " Data ! " Control information Connect | Communicate | Collaborate 5 TCP Segment Format 1 byte 1 byte 1 byte 1 byte Source Port Destination Port Sequence Number Acknowledgment Number offset Reser. Control Window Checksum Urgent Pointer Options (if any) Data Connect | Communicate | Collaborate 6 Client Starts ! A client starts by sending a SYN segment with the following information: ! " Client’s ISN (generated pseudo-randomly) ! " Maximum Receive Window for client.
    [Show full text]
  • Amazon Cloudfront Uses a Global Network of 216 Points Of
    Tuning your cloud: Improving global network performance for applications Richard Wade Principal Cloud Architect AWS Professional Services, Singapore © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved. Topics Understanding application performance: Why TCP matters Choosing the right cloud architecture Tuning your cloud Mice: Short connections Majority of connections on the Internet are mice - Small number of bytes transferred - Short lifetime Expect fast service - Need fast, efficient startup - Loss has a high impact as there is no time to recover Elephants: Long connections Most of the traffic on the Internet is carried by elephants - Large number of bytes transferred - Long-lived single flows Expect stable, reliable service - Need efficient, fair steady-state - Time to recover from loss has a notable impact over the connection’s lifetime Transmission Control Protocol (TCP): Startup Round trip time (RTT) = two-way delay (this is what you measure with a ping) In this example, RTT is 100 ms Roughly 2 * RTT (200 ms) until the first application request is received The lower the RTT, the faster your application responds and the higher the possible throughput RTT 100 ms AWS Cloud 1.5 * RTT Connection setup Connection established Data transfer Transmission Control Protocol (TCP): Growth A high RTT negatively affects the potential throughput of your application For new connections, TCP tries to double its transmission rate with every RTT This algorithm works for large-object (elephant) transfers (MB or GB) but not so well
    [Show full text]
  • A Comparison of TCP Automatic Tuning Techniques for Distributed Computing
    A Comparison of TCP Automatic Tuning Techniques for Distributed Computing Eric Weigle and Wu-chun Feng Research and Development in Advanced Network Technology Computer and Computational Sciences Division Los Alamos National Laboratory Los Alamos, NM 87545 fehw,[email protected] Abstract In this paper, we compare and contrast these tuning methods. First we explain each method, followed by an in- Rather than painful, manual, static, per-connection op- depth discussion of their features. Next we discuss the ex- timization of TCP buffer sizes simply to achieve acceptable periments to fully characterize two particularly interesting performance for distributed applications [8, 10], many re- methods (Linux 2.4 autotuning and Dynamic Right-Sizing). searchers have proposed techniques to perform this tuning We conclude with results and possible improvements. automatically [4, 7, 9, 11, 12, 14]. This paper first discusses the relative merits of the various approaches in theory, and then provides substantial experimental data concerning two 1.1. TCP Tuning and Distributed Computing competing implementations – the buffer autotuning already present in Linux 2.4.x and “Dynamic Right-Sizing.” This Computational grids such as the Information Power paper reveals heretofore unknown aspects of the problem Grid [5], Particle Physics Data Grid [1], and Earth System and current solutions, provides insight into the proper ap- Grid [3] all depend on TCP. This implies several things. proach for different circumstances, and points toward ways to further improve performance. First, bandwidth is often the bottleneck. Performance for distributed codes is crippled by using TCP over a WAN. An Keywords: dynamic right-sizing, autotuning, high- appropriately selected buffer tuning technique is one solu- performance networking, TCP, flow control, wide-area net- tion to this problem.
    [Show full text]
  • Tuning, Tweaking and TCP (And Other Things Happening at the Hamilton Institute)
    Tuning, Tweaking and TCP (and other things happening at the Hamilton Institute) David Malone and Doug Leith 16 August 2010 The Plan • Intro to TCP (Congestion Control). • Standard tuning of TCP. • Some more TCP tweaks. • Tweaking congestion control. • What else we do at the Hamilton Institute. What does TCP do for us? • Demuxes applications (using port numbers). • Makes sure lost data is retransmitted. • Delivers data to application in order. • Engages in congestion control. • Allows a little out-of-band data. • Some weird stuff in TCP options. Standard TCP View Connector Listener Connector No Listener SYN SYN SYN|ACK RST ACK DATA ACKS FIN FIN High Port Known Port High Port Known Port (usually) (usually) (usually) (usually) Other Views Programmer Network Packets In Data In Socket Queue/Buffer *Some Kind of Magic* Packets Out Socket Data Out TCP Congestion Control • TCP controls the number of packets in the network. • Packets are acknowledged, so reverse flow of ACKs. • Receiver advertises window to avoid overflow. • Congestion window (cwnd) tries to adapt to network. • Slow start mechanism to find rough link capacity. • Congestion avoidance to gradually adapt. • Timeouts for emergencies! Congestion Congestion Congestion Event Event Event cwnd Slow Start RTTs • Reno: Additive increase, multiplicative decrease (AIMD). • To fill link need to reach BW × Delay. • E.g. 1Gbps Ethernet Dublin to California 80000 × 0.2 ≈ 16000 1500B packets. • Backoff 1/2 ⇒ buffer at bottleneck should be BW × Delay. • Fairness (responsiveness, stability, ...) Basic TCP Tuning • Network stack has to buffer in-flight data. • Need BW × delay sized sockbuf! • /proc/net/core/{r,w}mem max ← sockbuf size limits.
    [Show full text]
  • Transport Layer
    DENA.book Page 37 Friday, June 11, 2004 11:30 AM CHAPTER 3 Tuning TCP: Transport Layer This chapter describes some of key Transport Control Protocol (TCP) tunable parameters related to performance tuning. More importantly it describes how these tunables work, how they interact with each other, and how they impact network traffic when they are modified. Applications often recommend TCP settings for tunable parameters, but offer few details on the meaning of the parameters and adverse effects that might result from the recommended settings. This chapter is intended as a guide to understanding those recommendations. This chapter is intended for network architects and administrators who have an intermediate knowledge of networking and TCP. This is not an introductory chapter on TCP terminology. The concepts discussed in this chapter build on basic terminology concepts and definitions. For an excellent resource, refer to Internetworking with TCP/IP Volume 1, Principles, Protocols, and Architectures by Douglas Comer, Prentice Hall, New Jersey. Network architects responsible for designing optimal backbone and distribution IP network architectures for the corporate infrastructure are primarily concerned with issues at or below the IP layer—network topology, routing, and so on. However, in data center networks, servers connect either to the corporate infrastructure or the service provider networks, which host applications. These applications provide networked application services with additional requirements in the area of networking and computer systems, where the goal is to move data as fast as possible from the application out to the network interface card (NIC) and onto the network. Designing network architectures for performance at the data center includes looking at protocol processing above Layer 3, into the transport and application layers.
    [Show full text]
  • Dell EMC Powerscale Network Design Considerations
    Technical White Paper Dell EMC PowerScale: Network Design Considerations Abstract This white paper explains design considerations of the Dell EMC™ PowerScale™ external network to ensure maximum performance and an optimal user experience. May 2021 H16463.20 Revisions Revisions Date Description March 2017 Initial rough draft July 2017 Updated after several reviews and posted online November 2017 Updated after additional feedback. Updated title from “Isilon Advanced Networking Fundamentals” to “Isilon Network Design Considerations.” Updated the following sections with additional details: • Link Aggregation • Jumbo Frames • Latency • ICMP & MTU • New sections added: • MTU Framesize Overhead • Ethernet Frame • Network Troubleshooting December 2017 Added link to Network Stack Tuning spreadsheet Added Multi-Chassis Link Aggregation January 2018 Removed switch-specific configuration steps with a note for contacting manufacturer Updated section title for Confirming Transmitted MTUs Added OneFS commands for checking and modifying MTU Updated Jumbo Frames section May 2018 Updated equation for Bandwidth Delay Product August 2018 Added the following sections: • SyncIQ Considerations • SmartConnect Considerations • Access Zones Best Practices August 2018 Minor updates based on feedback and added ‘Source-Based Routing Considerations’ September 2018 Updated links November 2018 Added section ‘Source-Based Routing & DNS’ April 2019 Updated for OneFS 8.2: Added SmartConnect Multi-SSIP June 2019 Updated SmartConnect Multi-SSIP section based on feedback. July 2019 Corrected errors 2 Dell EMC PowerScale: Network Design Considerations | H16463.20 Acknowledgements Date Description August 2019 Updated Ethernet flow control section January 2020 Updated to include 25 GbE as front-end NIC option. April 2020 Added ‘DNS and time-to-live’ section and added ‘SmartConnect Zone Aliases as opposed to CNAMEs’ section.
    [Show full text]
  • Throughput Issues for High-Speed Wide-Area Networks
    Throughput Issues for High-Speed Wide-Area Networks Brian L. Tierney ESnet Lawrence Berkeley National Laboratory http://fasterdata.es.net/ (HEPIX Oct 30, 2009) Why does the Network seem so slow? TCP Performance Issues • Getting good TCP performance over high- latency high-bandwidth networks is not easy! • You must keep the TCP window full – the size of the window is directly related to the network latency • Easy to compute max throughput: – Throughput = buffer size / latency – eg: 64 KB buffer / 40 ms path = 1.6 KBytes (12.8 Kbits) / sec Setting the TCP buffer sizes • It is critical to use the optimal TCP send and receive socket buffer sizes for the link you are using. – Recommended size to fill the pipe • 2 x Bandwidth Delay Product (BDP) – Recommended size to leave some bandwidth for others • around 20% of (2 x BPB) = .4 * BDP • Default TCP buffer sizes are way too small for today’s high speed networks – Until recently, default TCP send/receive buffers were typically 64 KB – tuned buffer to fill LBL to BNL link: 10 MB • 150X bigger than the default buffer size – with default TCP buffers, you can only get a small % of the available bandwidth! Buffer Size Example • Optimal Buffer size formula: – buffer size = 20% * (2 * bandwidth * RTT) • ping time (RTT) = 50 ms • Narrow link = 500 Mbps (62 MBytes/sec) – e.g.: the end-to-end network consists of all 1000 BT ethernet and OC-12 (622 Mbps) • TCP buffers should be: – .05 sec * 62 * 2 * 20% = 1.24 MBytes Sample Buffer Sizes • LBL to (50% of pipe) – SLAC (RTT = 2 ms, narrow link = 1000 Mbps) : 256 KB – BNL: (RTT = 80 ms, narrow link = 1000 Mbps): 10 MB – CERN: (RTT = 165 ms, narrow link = 1000 Mbps): 20.6 MB • Note: default buffer size is usually only 64 KB, and default maximum autotuning buffer size for is often only 256KB – e.g.: FreeBSD 7.2 Autotuning default max = 256 KB – 10-150 times too small! • Home DSL, US to Europe (RTT = 150, narrow link = 2 Mbps): 38 KB – Default buffers are OK.
    [Show full text]