From: Neil Harris (no email)
Date: Thu Dec 01 2005 - 09:00:49 EST
Sean Donelan wrote:
>
>
> The problem with waiting until the PE or BRAS to do the classification is
> most access providers use traffic aggregation in the access network (e.g.
> ATM/DSL, Cable, WiFi, etc). This means the interfaces on the BRAS or PE
> are oversubscribed and the access network interface will experience
> inbound cell/frame drops.
>
> If you don't trust the router's ability, imagine a dslam's ability to do
> it at the ATM layer.
>
> Some networks let users tag their traffic, other networks re-tag all
> traffic according the network's policies. At the moment it seems to be a
> business decision. But the result is users shouldn't expect unmangled
> TOS/DSCP bits over the Internet. Coordinating the IP layer QOS with the
> access network/physical layer QOS is a bit of a challenge.
>
>
>
I'm not an operator (although I used to be, at a tiny little specialist
ISP), but I hope this is on-topic.
Since nearly all of your domestic customers' traffic will be TCP, in
particular the bulk file-sharing traffic which I imagine is your
greatest problem, although you cannot directly rate-limit their traffic
_into_ your layer 2 access network, you can do so indirectly by
rate-limiting their traffic within your network, which should cause
their TCP traffic to throttle back in response.
This is arguably an easier and more effective way to go than QoS if all
you care about is leaving enough slack capacity in your network to keep
your business customers happy.
If you want to be ingenious, you could even try the approach of
rate-limiting by restricting the flow of ACKs returning from your
network, rather than dropping outbound packets. This could be done in a
super-dumb way, by just throttling the aggregate flow of ACKs based on
source-routing from your domestic IPs, or in a smarter way that was flow
and sequence-number aware.
And if you are worried about using Linux / BSD boxes in production work,
you could always use a pool of multiple redundant filtering boxes, with
load-balancing using some carrier-class kit and automatic failover at
layer 3 to hot spare boxes.
-- Neil
|
|
|