
Scalable, efficient, personalized, end-to-end QoS Provisioning

Polyrakis Andreas apolyr@noc.ntua.gr

Dimitrios Kalogeras dkalo@noc.ntua.gr

21.03.2002

GRNET - NTUA


Contents

• Motives & Targets
• Approach
• LAN Architecture
• WAN Architecture
• Demo


Motives

Issues in QoS Provisioning
• Personalization vs Automation
  • (LDAP policies)
• Personalization vs Scalability
  • (personalized policies inter-domain signaling)
• Scalability vs Automation
  • (DiffServ RSVP)
• Automation vs Personalization
  • (RSVP LDAP)

Requirements
• Scalable
• Personalized
• Automated (efficient)
• End-to-End


Project's Targets

• «Almost» automatic QoS provisioning per user / application
  • Almost ~
    • Automated administratively
    • (Semi) automated from user
• Personalized service
  • Allocation from administrator
  • User's request
• End-to-End (inter-domain)


Basic Assumptions

• Approach LAN – WAN
  • WAN: Architecture DiffServ
  • LAN: Architecture RSVP
• A border router (congestion) in LAN
• Internal LAN overprovisioned – GigE
• Congestion on egress of WAN's PoPs


Approach

• LAN problem
  • Authentication
  • Personalization
  • Signaling
• DiffServ marking of egress traffic
• Check ingress traffic BEFORE admitting


Trust Model

• Egress – Schengen Model
  • Check on exit
• Ingress – Visa Model
  • Check on entrance
• E.g.: Gold traffic between NTUA and UoP
  • Check from NTUA on exit
  • Free transit in GRNET
  • Check from UoP on entrance


End-2-End?

[Diagram: LAN, DiffServ Domain, LAN; hosts shown: tower PC, laptop computer, servers]

• QoS request: accept and process from LAN PDP
• LAN installation – automatic reception from WAN
• Reception of reverse traffic on WAN's PoP
• Symmetric procedure on the other end provides bidirectional end-2-end QoS


LAN Approach


Modelling

• Profiles
  • Set of allowed QoS configuration
    • Assigned (default QoS policy)
    • Requested (rights for QoS requests)
  • Application of profiles on users
• Policies
  • Logging of requirements
  • Application of policies on routers
• Policies + Profiles + Authentication info (+ user requests) Implementation of Targets


Implementation – Policies

• QoS Policy – Modular QoS CLI (MQC)
• Classes – group of traffic with ACLs
• Action – “priority – Bandwidth”
• Olympic Metal “Gold, Silver, Bronze”
• Preconfigured ratio G-S-B


Implementation - LDAP Profiles

• (Flow description, possible classes)
• Assigned – Requested
• More conditions

Users ε profiles

| Name | LocalIP | LocalPort | RemoteIP | RemotePort | Protocol | Direction | Type | Class | MaxDayUser | MaxDayTot | Between |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Req Gold TCP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | tcp | both | R | Gold | 15 | 60 | 00:-24:00 |
| Req Gold UDP to ntua | 0.0.0.0/0 | all | 147.102.0.0/16 | all | udp | both | R | Gold | 15 | 60 | 07:00-17:00 |
| Req Silver IP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | all | both | R | Silver | 15 | 60 | 07:00-17:00 |
| Assigned Silver FTP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | FTP | both | A | Silver | 40 | 180 | 00:-24:00 |

| user | Profile |
|---|---|
| apolyr | Req Gold TCP |
| apolyr | Req Gold UDP to ntua |
| apolyr | Req Silver IP |
| apolyr | Assigned Silver FTP |
| kkalev | Req Gold TCP |
| dkalo | Req Gold TCP |
| dkalo | Req Gold UDP to ntua |
| dkalo | Req Silver IP |
| dkalo | Assigned Silver FTP |

| user | Name | LocalIP | LocalPort | RemoteIP | RemotePort | Protocol | Direction | Type | Class |
|---|---|---|---|---|---|---|---|---|---|
| apolyr | Req Gold TCP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | tcp | both | R | Gold |
| apolyr | Req Gold UDP to ntua | 0.0.0.0/0 | all | 147.102.0.0/16 | all | udp | both | R | Gold |
| apolyr | Req Silver IP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | all | both | R | Silver |
| apolyr | Assigned Silver FTP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | FTP | both | A | Silver |
| kkalev | Req Gold TCP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | tcp | both | R | Gold |
| dkalo | Req Gold TCP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | tcp | both | R | Gold |
| dkalo | Req Gold UDP to ntua | 0.0.0.0/0 | all | 147.102.0.0/16 | all | udp | both | R | Gold |
| dkalo | Req Silver IP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | all | both | R | Silver |
| dkalo | Assigned Silver FTP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | FTP | both | A | Silver |

| user | Name | MaxDayUser | MaxDayTot | Between |
|---|---|---|---|---|
| apolyr | Req Gold TCP | 15 | 60 | 00:-24:00 |
| apolyr | Req Gold UDP to ntua | 15 | 60 | 07:00-17:00 |
| apolyr | Req Silver IP | 15 | 60 | 07:00-17:00 |
| apolyr | Assigned Silver FTP | 40 | 180 | 00:-24:00 |
| kkalev | Req Gold TCP | 15 | 60 | 00:-24:00 |
| dkalo | Req Gold TCP | 15 | 60 | 00:-24:00 |
| dkalo | Req Gold UDP to ntua | 15 | 60 | 07:00-17:00 |
| dkalo | Req Silver IP | 15 | 60 | 07:00-17:00 |
| dkalo | Assigned Silver FTP | 40 | 180 | 00:-24:00 |

PDP

Monitoring & Accounting


Implementation – User Interface

• Thin Client – Fat Server
• Web application
• Secure authentication (username, password), secure cookies, one-time passwords
• Soft-state (RSVP-like) signaling (manual)
  • Automated signaling via RSVP not yet implemented


Implementation – Policy Server

• Central Server
• Policy Decision Point (PDP)
• Data Base


Implementation - DataBase

• Authentication information
• Registered resources from (IP, Ports)
• User profiles from LDAP
• User's request
• ACL for (MQC)
  • Furthermore: statistics, monitoring data


Implementation - PDP

• Data combination in DataBase
• ACLs creation
• Uploading ACLs on router

Step 1: Database clean-up
• of expired users (authenticated resources)
• of expired requests, requests of expired deleted users
• of policies of deleted users
• of policies with class not matching ACLs

Step 2: Monitoring-accounting application. Policy inactivation when daily usage has expired

user Class User’s profile

Step 3: Revision of ACL table
• Deletion of old rows
• Rename of old entries to new ones
• Creation of new rows

Step 4: Creation of incoming and outgoing ACL

Step 5: Upload of ACLs on TFTP and HTTP server

Step 6: Command router to download outgoing ACL
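An added sketch, not the authors' PDP code, of the per-user decision that steps 1, 2 and 4 describe, using the profile rows from the LDAP profiles slide. The function name, the minute unit for MaxDayUser, the hour-granularity "Between" window and the sample addresses are assumptions.

```python
import ipaddress

# Constructed data modelled on the profile tables above.
# Assumption: MaxDayUser is a per-user daily allowance in minutes (no unit is given).
# name: (remote_net, protocol, type, class, max_day_user, (from_hour, to_hour))
PROFILES = {
    "Req Gold TCP":         ("0.0.0.0/0",      "tcp", "R", "Gold",   15, (0, 24)),
    "Req Gold UDP to ntua": ("147.102.0.0/16", "udp", "R", "Gold",   15, (7, 17)),
    "Req Silver IP":        ("0.0.0.0/0",      "all", "R", "Silver", 15, (7, 17)),
    "Assigned Silver FTP":  ("0.0.0.0/0",      "FTP", "A", "Silver", 40, (0, 24)),
}
USER_PROFILES = {"apolyr": list(PROFILES), "kkalev": ["Req Gold TCP"]}


def decide(user, local_ip, now, expiry, used_today):
    """Return the (class, protocol, local_ip, remote_net) entries active at `now`.

    local_ip   -- address the user authenticated from (the registered resource)
    expiry     -- requested profile name -> datetime at which the request lapses
    used_today -- profile name -> minutes already consumed today
    """
    src = str(ipaddress.ip_address(local_ip))        # reject malformed addresses
    entries = []
    for name in USER_PROFILES.get(user, []):          # unknown user gets nothing
        remote, proto, ptype, cls, quota, (h0, h1) = PROFILES[name]
        # Type R needs an unexpired request; a missing one counts as expired.
        if ptype == "R" and expiry.get(name, now) <= now:
            continue
        if not h0 <= now.hour < h1:                   # outside the "Between" window
            continue
        if used_today.get(name, 0) >= quota:          # step 2: daily usage used up
            continue
        entries.append((cls, proto, src, str(ipaddress.ip_network(remote))))
    return entries


if __name__ == "__main__":
    from datetime import datetime, timedelta
    now = datetime(2002, 3, 21, 10, 0)                # constructed timestamp
    live = {"Req Gold TCP": now + timedelta(minutes=5)}
    print(decide("apolyr", "10.0.0.5", now, live, {}))
```

Each returned tuple is bound to the address the user authenticated from, so a device-specific wrapper can render it into the router's ACL syntax without trusting any address supplied in the request itself.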


Basic LAN Architecture

[Diagram components: host, Directory, Custom SBM, Authentication, Monitoring, QoS Signaling, Router, Policy Server, Policy Decision Point (PDP), DB, Device-Specific Wrapper]


WAN Approach


Extension of QoS Requests on Backbone

• Installation of incoming policy of every member according to his requirement
• Configuration of every member on backbone LDAP
  • Connected router
  • Static / dynamic policy
    • Dynamic {url, refresh rate}
• Communication with member PDP
• Easy application on Internet connection (Geant)
• Policy communication with (HTTP)


WAN - Architecture

[Diagram components: Directory, Policy Server, NRN (×4), UpStream; labels: NRN's Policies, LDAP Policies, Configuration Commands]


Extension of QoS on Remote side

• Check incoming policy from every member
  • Autonomy
  • NO backbone management (installation …)
• Symmetric implementation on outgoing policy
• Extension: Automatic installation of reverse direction SLAs
  • Between members
  • Between members and GRNET


Demo

http://linux.noc.ntua.gr/qos


Acknowledgements

• Kostas Kalevras
• Thanasis Douitsis
• Rania Labrou


Thank you!!!

Questions?