Bone up on protocols

Get your protocols in the right place and your network will run smoothly. Cliff Saran explains what should go where

Early attempts at voice over IP (VoIP) "sounded like a tin can", according to analyst Galen Schreck, in the Forrester Research paper IP Phones: better, not cheaper, which was published in June 2001. Without sophisticated quality of service mechanisms to guarantee bandwidth for voice calls, he wrote, early users of VoIP services sounded like they were "calling from the bottom of a well".

The good news is that the situation with VoIP has steadily improved. And although making phone calls over an IP network may not be a high priority, the techniques now used by network equipment suppliers to improve call quality have had a knock-on effect for applications communicating across a network. Enterprise resource planning, databases, client/server applications, e-mail and Web access are all vulnerable to network tantrums: improve the network and end-users see these applications running better too.

If a network link is congested, check the speed of the server link, advises Charles Gallagher, director of product management at networking giant 3Com. The easiest remedy for a slow link from the server onto the Lan is a second network card. "If traffic is still congested, move to Gigabit Ethernet or reconfigure the network to reduce the effect of the bottleneck," he says.

There are two approaches to reconfiguring the network to maintain a high quality of service and make the best use of available bandwidth. The first, lower level protocol, called IEEE 802.1p, operates at Layer 2 in the TCP/IP network stack. This provides a way to split the network into virtual Lans. Priority network traffic can then route through the faster virtual Lan while less critical traffic can use slower ones. This technology is now implemented, at wire speed, in most Ethernet Lan infrastructure products. However, when network traffic is routed across a wide area network (Wan) via an IP link then 802.1p quality of service information is lost.

The Internet Engineering Task Force has been working on a number of quality of service systems. The task force and industry have now agreed that the way forward for IP quality of service is Differentiated Services, or Diff-Serv (RFC 2474 and 2475). This operates at the higher Layer 3 network topology, using a protocol known as Diff-Serv codepoint to identify priority levels for individual packets of network traffic.

Gallagher says with this technology "high priority traffic can get processed ahead of everything else in the network". This technique of boosting the network performance of applications is useful for software such as SAP R/3, where end-users may be making heavy use of the system to run month-end reports. "By giving the [SAP traffic] a higher priority on the network, the application will get a boost," he says.

There is, however, only so much reconfiguration a user can do, Gallagher notes. "If a network manager runs out of bandwidth, the network will grind to a halt." Rather than micro-manage bandwidth, his advice is to upgrade the network.

When considering an upgrade, it is worth noting that running a network at close to 100% utilisation is asking for trouble. "Network utilisation will have peaks and troughs in usage. When installing a network with a lifespan of five years, network managers need to factor in the growth in network usage over this period," he says.

In Gallagher's experience, this can be as much as three or four times current network usage. "Buy as much network headroom as possible," he advises. This may mean the network only averages 20% utilisation today, but as Gallagher observes, "It leaves you with 80% spare capacity."

So how much headroom should you leave? In a typical 3Com customer installation there would be a switched 10 megabit per second (mbps) Ethernet system connecting desktop PCs to the corporate Lan which would be based on a Gigabit Ethernet backbone. Gallagher says this should give a good deal of headroom, but when a network contains extremely demanding applications, "some users will use Gigabit Ethernet straight through to the desktop".

If the prospect of wiring the whole organisation with Gigabit Ethernet does not appeal, end-user perception will prevail. When the network is congested, applications can behave erratically and end-users will notice. Gavin McFadyen, solution marketing manager for IP telephony at Nortel Networks, says, "People really notice if network packets are lost."

When such a network problem occurs, the packet needs to be re-sent. The most visible effects of packet loss include a user's browser software having to reload a Web page because it failed to download correctly or broken speech during a telephone conversation using IP.

McFadyen says, "On internal networks, packet loss should not occur. With sufficient bandwidth end-users should experience minimal packet loss." However, the situation changes when connecting across a company's Wan. The problem then is that a relatively fast Lan link, say 100mbps from a server, is squeezed down to a 2mbps link over the Wan.

Nortel was the first supplier to provide an edge device supporting Diff-Serv. "Many network suppliers only support the network core which means that on the down-link between the edge of the network and the core, packets could be lost."

For McFadyen, one of the benefits of Diff-Serv is that it will work on existing networks. Moreover, the next generation of IP, called IPv6, will include Diff-Serv.

With so much going for it, one wonders why users need any other type of network quality of service system. Roger James, pre-sales technical director at communications giant Avaya, has a theory. "Legacy network hardware will ignore quality of service information," he says, and this can cause problems if the latest switching technology is installed at the network core but older equipment is left at the network's edge.

Avaya recommends using a combination of Diff-Serv and IEEE 802.1p to provide strong end-to-end quality of service. To use both schemes in the IP network you need to create a mapping between 802.1p information and Diff-Serv via the switch's mapping table. For instance when a packet comes from a PC or IP telephone via an edge switch it may only have 802.1p priority information. The core switch can investigate the 802.1p information, refer to its mapping table and convert this to the equivalent Diff-Serv data. This can then be transmitted across the Lan or Wan to provide quality of service based on Diff-Serv.

The router and switch themselves provide some form of quality of service. James says that in an IP-routed environment of switches and routers, the IP routing protocols are used to find one or more routes between two end points or network devices.

IP routing generally relies on Routing Information Protocols (Rip) 1 and 2 and Open Shortest Path First (OSPF). "Typically in a network you will use either Rip or OSPF, not both," James explains.

So what is the difference? In his experience, most larger installations will use OSPF as it places a lot less load on the network infrastructure than Rip 1 and 2.

Rip uses what is known in network terminology as "a hop count" to determine which route is the shortest between two points. In other words, network equipment is designed such that an IP packet would use the least number of routers and switches to reach its final destination. James says Rip optimises the route between two paths so it has the least hops. In addition it will keep a record of the other "longer" routes for fail-over situations in the event the best route has a network problem. He says Rip passes hop information between the routers so they can build a map of hops to locations on the network.

It is worth noting, says James, that "Rip does not take into account the actual link speeds between hops, just the number of hops". You can vary the impact of a hop so that the protocol can be influenced to take a particular route.
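
An added example (not from the article) of the point above: on a constructed four-router topology, a plain hop count sends traffic over a single slow link, while raising the metric of that hop steers the same calculation onto the faster three-hop path. The topology, the penalty value and the speed-derived cost (100 divided by link speed in Mbps) are assumptions for illustration.

```python
import heapq

# Constructed topology: (router, router, link speed in Mbps).
LINKS = [("A", "B", 2), ("A", "C", 100), ("C", "D", 100), ("D", "B", 100)]

def best_route(links, src, dst, metric):
    """Dijkstra over an undirected graph; metric(speed) gives each link's cost."""
    graph = {}
    for a, b, speed in links:
        graph.setdefault(a, []).append((b, metric(speed)))
        graph.setdefault(b, []).append((a, metric(speed)))
    queue = [(0, src, [src])]
    seen = set()
    while queue:
        cost, node, path = heapq.heappop(queue)
        if node == dst:
            return cost, path
        if node in seen:
            continue
        seen.add(node)
        for nxt, link_cost in graph.get(node, []):
            if nxt not in seen:
                heapq.heappush(queue, (cost + link_cost, nxt, path + [nxt]))
    return None                           # destination unreachable

def hop_count(speed):
    """Every link costs one hop, whatever its speed."""
    return 1

def penalise_slow(speed):
    """Hop count with the slow link's metric raised by hand (assumed value 4)."""
    return 4 if speed < 10 else 1

def speed_cost(speed):
    """Cost derived from link speed (assumed reference speed of 100 Mbps)."""
    return 100 // speed

if __name__ == "__main__":
    for metric in (hop_count, penalise_slow, speed_cost):
        print(metric.__name__, best_route(LINKS, "A", "B", metric))
```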

The network mapping information is a key aspect of Rip. As network devices continue to talk to each other they build up a "link state map" for the area of the network they use. James says OSPF builds this map more efficiently, since less information is passed between routers to build the map. OSPF is also quicker to respond and recalculate routes if a failure occurs. In most cases the routing protocols can be left to work out routes across the network. However, you will probably want to exert some control to ensure the best network response by tweaking various switches and router configurations, says James.

Now if such changes are made they apply to all IP traffic routed across the network. "If you want to differentiate between traffic types you have to use Diff-Serv or 802.1p at each hop," he says. A typical set-up could prioritise network management traffic first (routing updates to keep the network going), VoIP second and SAP third.

James explains, "You pick the best motorway between two points [the route] and as you get onto the motorway you have three lanes - slow, medium and fast - to travel along." In effect, Rip and OSPF pick the motorway; Diff-Serv and 802.1p protocols choose the lane. "As with driving you do not want to have to change route too often as it requires re-calculation," James says. But an easy way to speed up or slow down is by changing lanes, ie using Diff-Serv or 802.1p to make "priority" network traffic use the fast lanes.

More often than not, good network management involves using the right management tools. Generally, such tools are designed to keep the network running at peak performance: faults are identified, prioritised and fixed by their impact on the quality of the network service.

This works very well within the confines of a corporate network. But there is an inherent problem with IP. Predicting how traffic will affect the quality of service on the network cannot be easily modelled when dealing with the huge swings in traffic common on the Internet.

Traditionally the problem for users has been that as they attempt to drive new business through the Web they need to ensure that they buy enough IT capacity to deal with any level of Web traffic. But the extra IT capacity is largely under-utilised and is seen by business leaders as a cost they cannot justify. Giga senior analyst Will Cappelli says that as business turned towards the Internet economy, "The need to make accurate predictions on network traffic is more important than ever."

Earlier this year US lingerie store Victoria's Secret spent €10m (£6.3m) on up-rating its network infrastructure to deal with peak demands in usage for an online fashion show it was running. The company's previous attempt bombed when the site was hit by a massive surge in traffic. This time, the €10m investment maintained the Web site during peak demand.

Unfortunately, as Cappelli observes, the Poisson mathematical models traditionally used to predict network bandwidth are grossly inaccurate at estimating how an IP network will scale. This has led to the situation where some users are over-provisioning by buying far more IT than they need just in case they experience a huge peak in Internet traffic.

So Poisson is unsuitable for modelling networks based on IP. This, says Cappelli, means that enterprise management frameworks such as Tivoli Enterprise, CA Unicenter and HP Openview are not suitable for predicting network load on an IP network. "The major [suppliers] are aware that traditional management software will not be effective in the new [IP-based] world."

He says he is seeing a management architecture emerging based on the types of capacity planning tools used by Internet and application service providers (ISPs and ASPs). Large financial institutions are using such tools to predict more accurately the scalability of their IP networks.

The alternative to Poisson, Cappelli says, is using a mathematical model based on fractals to give you a better idea of your network's scalability but current network management tools do not support it. Such techniques, however, are found in capacity planning software used by ISPs and ASPs. The future may well see the emergence of a new class of tools employing fractal techniques to model the behaviour of IP networks and these will help network engineers improve quality of service on the Internet sites they manage.

In the not too distant future, users will increasingly turn to VoIP or IP telephony to provide powerful telephone-based services. To succeed, such applications will require networks that are tightly managed, allowing priority voice traffic to pass through without being hampered by network congestion. Protocols such as 802.1p and Diff-Serv allow users to prioritise network traffic today. With these protocols and the future roll-out of IPv6, users are in a strong position to maintain network quality of service whatever end-users throw at them.


802.1p - an IEEE standard for providing quality of service within a Lan

Differentiated Services - or Diff-Serv - a way to prioritise real time network traffic

Fractal analysis - a new way of modelling network behaviour to take into account peak Internet traffic

Poisson - a statistical model traditionally used for predicting network traffic

Protocol stack - a hierarchical set of network protocols. Higher layers are aimed at passing data specific to application software; lower layers deal with physical hardware.

Routing protocol - a technique used by routers to determine the most efficient way to send network traffic to another device. Examples include Routing Information Protocol and Open Shortest Path First

TCP/IP - Transmission Control Protocol/Internet Protocol is the networking standard for the Internet, allowing data transfer between computer systems anywhere on the planet.


  • The easiest way to improve a slow network link is to install a second network card on the server

  • Using virtual Lans a network manager can ensure critical network traffic is given priority within the Lan environment

  • When data needs to cross a Wan, Differentiated Services provides a means to prioritise network traffic

  • Network switches and routers optimise traffic flow by calculating the "least number of hops" IP packets need to take

  • It is difficult to model the behaviour of IP networks that connect to the Internet, as peak traffic can skew estimates of network performance.
