Bandwidth is allocated to a class of network traffic. Traffic is put into classes using a set of filters. Filters are defined using some or all of the following:
IP source address
IP destination address
IP protocol (TCP, UDP or other)
Source ports for TCP and UDP
Destination ports for TCP and UDP
Type of Service (TOS) value
URL or URL Group
Class definitions are hierarchical and every class has a parent. For example, if you define a class for FTP traffic and a class for FTP traffic to a host called pear, the classes are connected in a hierarchy as shown in Figure 1-1.
In this example, the ftp class is a child of the root class and is the parent of the ftp-to-pear class.
The configuration of Solaris Bandwidth Manager specifies the set of known classes for an interface, defined in terms of the values of some or all of these factors. It also allocates a percentage of bandwidth and a priority to each class. The priority of a class is an integer from 1 (highest priority) to 7 (lowest priority).
When a packet arrives at Solaris Bandwidth Manager, the classifier analyses the packet protocol, TOS value, URL information, source information, and destination information and allocates the packet to a class queue where it waits to be processed. If the queue to which a packet is allocated is full, the packet is dropped. Normal retransmission means that the packet is resent.
The scheduler uses the percentage bandwidth configured and the priority for each class to decide the order in which class queues are processed. Within a class queue, the packets are processed on a first-in, first-out basis. When the network traffic reaches the maximum allocated to a class, packets from the next class in priority order are processed.
Each class is guaranteed a percentage of the bandwidth, and when that limit is reached, normally no more traffic from that class can be forwarded. However, if the network link is not fully used, a class can borrow bandwidth temporarily from its parent class, and send traffic at a percentage that exceeds its allocation.
It is possible to set a maximum allowed bandwidth for a class, to stop it borrowing all of the available bandwidth.
The root class is a special class that is created automatically by the Solaris Bandwidth Manager policy agent. You cannot explicitly assign guaranteed bandwidth to the root class: if the total bandwidth allocated to other classes is less than 100%, the difference is allocated to the root class and is available for borrowing and for use by traffic not allocated to any other class.
The default class is an optional special class. Any packet that the classifier does not allocate to a specific class is put in the default class. The scheduler treats the default class in exactly the same way as any other class.
If you do not define a default class, any packet that the classifier does not allocate to a specific class is put in the root class.
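The classification and borrowing rules above can be modelled in a few lines. This is an added example, not Solaris Bandwidth Manager code or its configuration syntax. It assumes that percentages are shares of the link summed across all classes, that the deepest matching class wins, and that borrowing is limited to whatever other classes leave unused; the class names `other`, the address for pear, and all numbers are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class TrafficClass:
    name: str
    parent: Optional[str]            # None only for root
    guaranteed: int = 0              # percent of link bandwidth
    ceiling: int = 100               # maximum allowed percent, caps borrowing
    priority: int = 7                # 1 (highest) to 7 (lowest)
    filt: dict = field(default_factory=dict)

class Policy:
    def __init__(self, classes, default=None):
        total = sum(c.guaranteed for c in classes)
        if total > 100:
            raise ValueError("guaranteed bandwidth exceeds 100%")
        # Root is created automatically and receives whatever is left over.
        root = TrafficClass("root", None, guaranteed=100 - total)
        self.classes = {c.name: c for c in [root, *classes]}
        self.default = default       # name of the optional default class

    def depth(self, name):
        d = 0
        while self.classes[name].parent is not None:
            name, d = self.classes[name].parent, d + 1
        return d

    def classify(self, pkt):
        hits = [c.name for c in self.classes.values()
                if c.filt and all(pkt.get(k) == v for k, v in c.filt.items())]
        if hits:                     # assumption: the deepest matching class wins
            return max(hits, key=self.depth)
        return self.default or "root"

    def send_limit(self, name, others_used):
        """Percent the class may send at while other classes use others_used percent."""
        c = self.classes[name]
        return min(c.ceiling, max(c.guaranteed, 100 - others_used))

PEAR = "192.0.2.10"                  # constructed address for the host "pear"
def example_policy(default=None):
    return Policy([
        TrafficClass("ftp", "root", 30, priority=3, filt={"proto": "tcp", "dport": 21}),
        TrafficClass("ftp-to-pear", "ftp", 10, ceiling=25, priority=2,
                     filt={"proto": "tcp", "dport": 21, "dst": PEAR}),
        TrafficClass("other", "root", 20),   # no filter: usable as the default class
    ], default)
```

With this policy the root class ends up with the unallocated 40%, and `ftp-to-pear` can borrow up to its 25% ceiling on an idle link but falls back to its guaranteed 10% when the link is busy.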
A flow is a complete exchange of data across a network, such as a file transfer by ftp or a mail message being sent by smtp.
A flow is identified by:
The interface used
The IP source address
The IP destination address
The IP protocol (TCP, UDP or other)
The source and destination ports (TCP and UDP)
The IP type of service (TOS) value
The URL
For more information on flow statistics, see "Flows". Using the Java APIs, it is possible to write an application to detect the start of a flow, or the presence of traffic in a new flow, and update the configuration to take account of that flow.
Solaris Bandwidth Manager configuration information and policy information can be stored in a directory service such as Sun Directory Services 3.1. Some advantages to this approach are:
The configuration of multiple instances of Solaris Bandwidth Manager can be updated from a single point, the directory.
The configuration can be dynamically updated upon detection of user connections or traffic flows, for example when remote access using the RADIUS protocol is in use.
In many networks, particularly where users have dial-up connections or are mobile, there is no permanent mapping between a user and an IP address. However, if a remote user connects to the network using a RADIUS login sequence when using Sun Directory Services, the user's directory entry is updated with the current IP address. Using a directory to store information about users and their current locations provides a way to identify the user who is associated with a particular IP address. This has two benefits:
You can adjust the configuration of the classifier and scheduler depending on the actual usage of the network.
You can collect accounting information for individual users.
See Chapter 6, Configuring Solaris Bandwidth Manager with a Directory Service for details of how Solaris Bandwidth Manager interacts with a directory service.
Most web transactions involve a proxy web server. This proxy hides the actual HTTP server from the user. Classifying web traffic based on the proxy's IP address does not provide an accurate view of the actual network traffic. Solaris Bandwidth Manager can use URLs to identify and classify web traffic.
The header of an IP packet contains a Type of Service (TOS) field. This field was originally designed to be used by the upper layers to provide information to the Internet layer to optimize the packet route. It is used in both routing and queuing algorithms.
Solaris Bandwidth Manager has two available TOS modes, TOS match and TOS mark. In TOS match mode, the TOS value is used to classify the packet. In TOS mark mode, the packet is classified using other information, and a TOS value is inserted, replacing any existing TOS value. The TOS value inserted is configured for the class. TOS match mode and TOS mark mode can be used simultaneously. In this case, the TOS value is used to classify the packet and is then overwritten with a new TOS value.
Use of the TOS value by Solaris Bandwidth Manager is optional. See "Interface Definition" for information about setting the mode to determine whether the TOS value is used, and in which mode. If you are not using a TOS mode, the value of the TOS field is left unchanged.
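The four combinations of TOS modes, as an added sketch (not Solaris Bandwidth Manager code; the class table, TOS values and the `handle` function are constructed for illustration). It shows that TOS filters only take part in classification when match mode is on, and that the outgoing TOS only changes when mark mode is on.

```python
# Constructed class table: "filter" fields are compared with the packet;
# "mark" is the TOS value configured for the class (used in TOS mark mode).
CLASSES = [
    {"name": "voice", "filter": {"tos": 0xB8}, "mark": 0x10},
    {"name": "ftp", "filter": {"proto": "tcp", "dport": 21}, "mark": 0x08},
]

def handle(pkt, modes=frozenset()):
    """Return (class name, outgoing TOS) for a packet.

    modes is a subset of {"match", "mark"}; an empty set means no TOS mode.
    """
    matched = None
    for cls in CLASSES:
        flt = cls["filter"]
        # A filter that tests the TOS value is ignored unless match mode is on.
        if "tos" in flt and "match" not in modes:
            continue
        if all(pkt.get(k) == v for k, v in flt.items()):
            matched = cls
            break

    tos_out = pkt["tos"]             # no TOS mode: the field is left unchanged
    if matched is not None and "mark" in modes:
        tos_out = matched["mark"]    # mark mode replaces any existing value
    return (matched["name"] if matched else "root"), tos_out

# Constructed sample packets.
VOICE_PKT = {"proto": "udp", "dport": 5004, "tos": 0xB8}
FTP_PKT = {"proto": "tcp", "dport": 21, "tos": 0x00}
```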
Knowing how your network is being used lets you charge accordingly. Solaris Bandwidth Manager provides two sets of statistics that you can use for accounting:
class statistics: The cumulative number of bytes per class.
flow statistics: The cumulative number of bytes per flow.
See Chapter 8, Statistics for information about how to use the statistics features in Solaris Bandwidth Manager.