12.6 Hardware Solutions

One of the pioneers in policy-based bandwidth management systems is Packeteer Inc., based in Cupertino, California. The company’s PacketShaper relieves congestion on IP networks, while making performance more predictable for missioncritical applications. The hardware-based system employs TCP rate control to actively manage bandwidth and smooth out bursty IP traffic. While routers claim to do this as well, they rely on queues that introduce unnecessary delay, which can result in packet loss and retransmissions, in turn contributing to end-to-end latency. PacketShaper is available in different models to fit a range of network environments, including corporate and service providers’ data centers, enterprise networks, and remote offices.

Packeteer’s TCP rate control implements precise bits-per-second policies for bandwidth management that shapes bidirectional traffic to improve the performance of applications over the WAN without resorting to queues. This is accomplished by a software engine called PacketWise, which performs application discovery, analysis, control, and reporting. Through PacketWise, the system is able to discover and classify more than 200 distinct traffic types, including Oracle, SQL Server, Citrix applications, TN3270, and Microsoft Windows Terminal Server. It can also differentiate between multiple applications when they all use the same port. For example, HTTP-enabled applications, Web browsing, and subscription update services (sometimes called “pointcasts”) all run on port 80.

PacketShaper overlaps some functions provided by network probes, especially RMON (remote monitoring) probes, which have become very popular diagnostic tools in recent years. However, PacketShaper goes well beyond the intended scope of a probe. While probes are more useful for diagnosing network failures and connectivity problems, PacketShaper provides more useful information about network and application performance. In addition, probes and other network monitoring solutions detect problems but do not offer help solving those problems or preventing future occurrences. PacketShaper offers problem detection, resolution, and prevention.

When a high-speed LAN narrows into a lower-speed WAN access link, the resulting bottleneck causes delay and inconsistent response. The PacketShaper system typically sits behind each WAN link router to analyze and resolve such bottlenecks. The system requires no changes to router configurations, servers, or desktops. A Web browser acts as the user interface, allowing access to PacketShaper from virtually any desktop on the network.

PacketShaper tracks more than 50 separate behavioral variables for each traffic class, offering output in the form of tables, graphs, and reports. If this is not sufficient, network administrators can export the statistics to any reporting tool that accepts a comma-delimited format. In addition, all statistics are stored in a MIB, accessible from any SNMP platform.

With the response-time management capability of PacketShaper, network administrators have a tool to gauge network, server, and total delay for any TCP/IP-based application. Normally, purchased separately, this tool gives network administrators a much closer approximation of what the end user experiences in terms of application response. The data can be used to set and enforce SLAs and immediately allocate bandwidth across the WAN.

PacketShaper’s bandwidth management capabilities also can thwart denial of service attacks on e-commerce Web servers by hackers. This kind of attack floods the available bandwidth with bogus access attempts, thus blocking access to services by legitimate users. PacketShaper’s traffic identification features allow the network administrator to lock onto an excessive traffic stream for detailed analysis. Its control capabilities can then be used to block the flow, thereby shutting down the hacker’s ability to keep up a sustained attack against the Web server.

Diff-Serv might seem to dispense with the need for some of PacketShaper’s key capabilities, since it marks the headers of each packet to indicate relative priority while traversing the WAN. If successful, all WAN equipment will interpret the setting in the same manner, allowing the WAN to prioritize more important traffic. However, Diff-Serv does not discover or classify traffic or handle LAN-to-WAN congestion, as PacketShaper does. At the discretion of the network administrator, PacketShaper can read, set, ignore, and sanitize Diff-Serv settings.

PacketShaper offers a sophisticated set of traffic classification features. It lets network administrators prioritize IP traffic by the usual classifications of IP address, subnet, and TCP or UDP application. The system can also be used to manage non-IP protocols such as IPX, AppleTalk, SNA, DECnet, and NetBIOS. In addition, the network administrator can set characteristics for traffic by URL; for example, specifying that image files be treated differently from text files during Web page downloads, or by estimated speed of the client, by direction, and by options in the IP packet header.

Once the traffic has been classified, PacketShaper offers numerous traffic control-options. The network administrator can guarantee minimum bandwidth with a maximum burst capacity, choose a priority-based approach, or simply discard packets. For incoming HTTP traffic, clients running at various bandwidths can be handled differently, such as redirecting traffic streams that are above or below a given speed to a different server. The network administrator can also decide how to handle a new connection that comes in that cannot be guaranteed its minimum bandwidth: reject it or try to cram it in anyway.

PacketShaper provides network administrators with a mechanism to see what effect constantly changing traffic patterns have on network performance. Packet-Shaper provides a very broad picture of any segment, anywhere on the network. This allows the network administrator to see if huge bursts of activity are occurring on a segment, for example, and what application is causing it, all in real time.

The tool is designed to help network administrators apportion bandwidth to various outgoing traffic types. It can identify what type of traffic users are requesting so bandwidth can be split off just for those applications. For instance, if a site handles large amounts of FTP traffic, that traffic could choke other traffic types by consuming the entire bandwidth of a T1 line as users download files. PacketShaper allows the network administrator to cap the outgoing rate of traffic so e-mail, streaming applications, or other traffic types also get the bandwidth they need.

A possible hidden cost of implementing PacketShaper is that it is a highly complex product and may require technical support to configure properly. To many users, the product may seem to have an overly complex user interface, making it difficult to learn and use. While a network administrator can easily call for specific graphs for a particular traffic class, the whole status of the network cannot be seen at a glance. When the network administrator wants to look at usage data, the console furnishes the information one graph at a time.

Since PacketShaper is a hardware-based bandwidth management solution, a separate box is required at each edge location on the network, with high-traffic locations requiring multiple boxes. This could make large-scale deployments of PacketShaper more expensive than some software-based solutions. However, this may be justified for companies that need the traffic characterization flexibility PacketShaper provides.

PacketShaper is well suited for network administrators who must have the abilityto micromanage packet flow. Understanding the content, performance, and behavior of network traffic leads to better network planning and management. The combination of PacketShaper’s automatic application discovery, responsetime measurements, utilization statistics, and efficiency calculations provide network administrators with the information they need to accomplish these tasks, while giving them the opportunity to improve application performance, reduce retransmissions, optimize bandwidth capacity, and help avoid expensive bandwidth upgrades.