Managing Data Flows Among Organizations

Services usually run across a combination of enterprise and service provider networks. A transport infrastructure that spans many networks and management domains must nevertheless be tracked and managed.

To manage data flows, a network administrator needs flow-through QoS, which is true end-to-end management that spans multiple management systems. Service quality must be accurately controlled across all boundaries: customer to business partner, customer to provider, and provider to provider. Flow-through QoS would ensure that the paths across a set of ISPs would always deliver the specified service quality. The flow would change ISPs in its path as needed to maintain the overall quality.

Levels of Control

There are macro- and micro-levels of control involved for flow-through QoS.

The micro-level is the management of internal flows within any organization or provider network infrastructure. All the tools mentioned in the first part of this chapter can be applied as needed. The management team for that infrastructure has the responsibility of managing their own infrastructure to meet compliance criteria.

The macro-level entails monitoring end-to-end service quality, identifying the portion (responsible organization) of the infrastructure that contributes to poor service quality, and verifying that quality is restored.

Demarcation Points

Demarcation points are the boundaries between management organizations and the resources they control. Periodic measurements can be made across the cloud between different demarcation points. The collectors use active techniques to exchange and measure traffic between themselves. The basic delay measurements are augmented by jitter and packet loss measurements. A trend indicating degrading service quality triggers an alert to management systems that verify the measurements and activate the appropriate manage-ment tools to oversee the details of resolving the problem.

Diagnosis and Recovery

An external network environment can be measured only edge-to-edge, with further examination being left to that particular network's management staff. Therefore, diagnosis and recovery are primarily a triage process of narrowing the focus after a potential, or actual, service degradation is detected, and then notifying the responsible organization.

End-user measurements can be used in the triage process, as discussed in Chapter 6, "Real-Time Operations." In addition to the examples in that chapter, Figure 10-2 shows an example from a Keynote Systems real-time chart of network round-trip delay measured from Keynote collectors on the major backbones in the U.S. to the affected web site's home page. Clearly, there are problems from the collectors located on UUNET, and those problems don't appear when measurements are made from any other major backbone in the U.S. Using the chart, the web site's administrator has clear evidence that points to a probable problem in the peering between the web site's ISP and UUNET. That should be sufficient to get a trouble ticket opened quickly with the web site's ISP.

Figure 10-2. Round-Trip Delay Used in Latency Diagnosis

End-user measurements can also be used in attempts to bypass transport provider problems. A new approach named route control is emerging as way of allocating traffic among a set of service providers to maintain overall control of service quality.

Many organizations use several ISPs to gain the following advantages:

• High availability with redundant providers

• Closer proximity to customer browsers, offering shorter paths to reach business sites

• Use of the lowest cost provider for lower-priority services

• Competition that keeps providers on their toes

A router on the customer premises has connections to each service provider and selects one using the Border Gateway Protocol (BGP). BGP has some shortcomings. It is complex and difficult to tune, and it can send traffic over paths that don't provide the lowest latency or the lowest cost. In addition, it can certainly create situations in which low-priority traffic flows across the ISP with the highest charges.

netVmg, an early mover in route-control solutions, introduced the Flow Control Platform to address the problems in what they term the middle milethe set of Internet backbones between the sender and the receiver.

The Flow Control Platform inspects outgoing flows, identifies the destination networks, and uses proprietary approaches to measure performance to each destination across all the attached ISPs. Performance baselines are monitored for conformance to latency, packet loss, and cost policies. If the current ISP is unable to comply, the Flow Control Platform selects another outgoing ISP based on cost and performance specifications. It sends a BGP update to the web site's boundary router to initiate a change to a new provider. The Flow Control Platform also allows for more sophisticated policies that consider security and other factors, such as requiring or forbidding certain ISPs. Customers also have the advantage of consistent provider measurements to facilitate SLA adjustments and contract negotiations. They can optimize a set of provider services to their needs.

Even if route control isn't used, multiple providers or multiple transport services can provide different levels of transport quality for an enterprise. The enterprise's border switches or routers can sort outgoing traffic into different classes, depending on the required transport performance (possibly signaled by the same tagging system used within the enterprise). Those border devices can then route the outgoing traffic over the appropriate provider service; for example, traffic requiring latency guarantees would be sent over a service that can provide such guaranteesprobably at a higher price than for the service providing best-effort delivery. This is similar to the use of multiple, isolated networks to provide different levels of service within the enterprise, as discussed in the previous subsection on over-provisioning and isolated networks.