2003 Survivor's Guide to Infrastructure
December 15, 2002
By Peter Morrissey
Digging Deeper
Network equipment is not only getting cheaper, it's getting smarter. Most routers and switches now let you look deep into the contents of a packet and decide what to do with it depending on what is found.
Many switches that normally operate at Layer 2 now let you add security filtering at Layer 3. This means you can get tighter control over who has access to what within your organization. And packets can be prioritized by IP address, port combinations and DiffServ (Differentiated Services) code points. Many products accomplish this using ASICs that maintain true wire-speed performance.
As for Layer 2 QoS, look for products that support the 802.1p standard. And if you have a routed backbone, make sure it can carry Layer 2 QoS from end to end. When you consider that a router puts a new frame on every packet, any Layer 2 QoS is lost unless a translation takes place as it goes in and out of the router. This is especially critical for latency-sensitive applications like VoIP (voice over IP). If a VoIP packet is marked with Layer 2 and Layer 3 QoS, as many IP phones do, then by the time the packet gets into a Layer 2 network on the other side of the router it will be on its own unless the core router rewrites the outgoing frame with Layer 2 QoS. You also want to be able to enforce your QoS policies at the core--the core router should be able to rewrite the QoS attributes in a packet based on your policies so that you are not at the mercy of the end stations.
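The core-router behavior described above, sketched as an added example (not from the original article or any vendor's product): the DSCP an end station set is overwritten from a policy table, the IP header checksum is recomputed, and the 802.1p priority for the new outgoing 802.1Q frame is derived from the result. The policy entries, addresses, function names and the "top three DSCP bits" mapping are assumptions made for illustration.

```python
import ipaddress
import struct

# Hypothetical policy: (source prefix, IP protocol, dest port or None) -> DSCP.
# First match wins; unmatched traffic is reset to best effort (DSCP 0).
POLICY = [
    (ipaddress.ip_network("10.20.0.0/16"), 17, None, 46),  # voice subnet, UDP -> EF
    (ipaddress.ip_network("10.0.0.0/8"), 6, 1521, 26),     # database TCP -> AF31
]

def ip_checksum(header: bytes) -> int:
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def policy_dscp(packet: bytes) -> int:
    """DSCP the policy assigns; assumes an unfragmented IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4
    proto, src = packet[9], ipaddress.ip_address(packet[12:16])
    dport = int.from_bytes(packet[ihl + 2:ihl + 4], "big") if proto in (6, 17) else None
    for net, p, port, dscp in POLICY:
        if src in net and proto == p and port in (None, dport):
            return dscp
    return 0

def remark(packet: bytes) -> bytes:
    """Overwrite the sender's DSCP per policy (ECN bits kept) and fix the checksum."""
    ihl = (packet[0] & 0x0F) * 4
    hdr = bytearray(packet[:ihl])
    hdr[1] = (policy_dscp(packet) << 2) | (hdr[1] & 0x03)
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]

def egress_frame(dst_mac: bytes, src_mac: bytes, vlan_id: int, packet: bytes) -> bytes:
    """New 802.1Q frame; 802.1p priority = top three DSCP bits (assumed mapping)."""
    tci = ((packet[1] >> 5) << 13) | (vlan_id & 0x0FFF)
    return dst_mac + src_mac + struct.pack("!HHH", 0x8100, tci, 0x0800) + packet

def sample_udp(src: str, dport: int, dscp: int) -> bytes:
    """Constructed input: minimal IPv4/UDP packet carrying the sender's DSCP."""
    udp = struct.pack("!HHHH", 40000, dport, 8, 0)
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 28, 0, 0, 64, 17, 0,
                                ipaddress.ip_address(src).packed,
                                ipaddress.ip_address("10.1.1.1").packed))
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return bytes(hdr) + udp
```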
The biggest problem you will encounter is configuring and managing it all. The implementation of many of these features usually requires the use of cryptic commands at the command line. If you have a larger network, you could end up with a poorly documented mishmash of ACLs. A good GUI-based configuration-management application can go a long way toward addressing this problem. Look for vendors whose products come with GUI interfaces that let you quickly and easily program end-to-end QoS.
Many organizations have discovered the benefit of packet shapers. This technology makes creative use of the TCP protocol to impact the behavior of packets before they arrive on the network. This is different than QoS implemented in a switch or router, which can control only the priority as traffic passes through the device. Although you pay for the incoming bandwidth, you wouldn't be able to control the traffic that comes down your Internet pipe unless you implement QoS in the router at your ISP's point of presence. Devices from Packeteer and Sitara Networks can send TCP flow-control messages to the source to slow its rate of transmission before it even gets in your incoming Internet pipe. These devices also tend to be much better at looking beyond port numbers to identify applications, a critical function as there is otherwise nothing to stop an application from hiding inside Port 80, for example. In addition, they come with substantial reporting capabilities, making this a technology you should be taking a serious look at, especially for expensive Internet and wide area connections.
Asking for Directions
For decades, telecom people have been balancing long-distance traffic across multiple vendors. This PBX feature, known as least-cost routing, has made it possible to route traffic across multiple hunt groups to reduce costs and reliance upon specific carriers for legacy voice communications. The least-cost routing concept makes even more sense for Internet traffic where performance can vary significantly from provider to provider at any given time. Route optimization products make it possible to route traffic dynamically across multiple ISPs with the potential for significant cost-savings and performance improvements.
Route balancing is also an effective way to mitigate the performance risks of setting up VPNs that traverse multiple ISPs. Route balancers also provide reports that give you insight into your ISP's hour-by-hour performance. This information can be invaluable when it's time to renegotiate your next ISP contract.
The route-balancing market is maturing--you'll find several vendors offering route balancing in an appliance or as a service. This functionality does not come cheap, but vendors are starting to offer low-end versions of their products for smaller organizations and branch offices. Route balancers usually let you route by cost as well, giving you better control over usage-sensitive links.