This presentation explores Quality of Service (QoS) and Differentiated Services (DiffServ) in Microsoft networks. It discusses the critical role of hosts in providing QoS, including how applications can signal their bandwidth requirements. The session highlights current industry trends, challenges with static configurations, and the necessity for dynamic resource allocation to support high-value traffic like voice and critical application data. It emphasizes the importance of QoS policy management and the integration of Microsoft’s QoS components into network administration and user access policies.
Diff Serv and QoS Support in Microsoft Hosts
Peter S. Ford, peterf@microsoft.com
NANOG, 8 June 1998
Agenda
• Why QoS?
• Role of Hosts in providing QoS
• Microsoft NT QoS Components
Diff Serv WG Observation
• “100s of Bald Men arguing over 8 Combs” - An Internet Wag
What Needs QoS?
• VPNs over the Internet
  • High value traffic - branch offices and telecommuters
  • Easy to do with static config of filter lists
  • Current focus of Industry Buzz
• Applications sensitive to packet loss
  • SAP, SQL, RPC, SNA, DEC LAT, …
  • Web “RPC” - HTTP get
  • Audio over RTP/UDP - Voice over IP
  • Many of these are harder to do with static configurations based on layer 3 filters
Hosts and QoS
• QoS, Diff Serv, etc. enhance carriage of application bits over the network
• In many cases only the hosts/apps have knowledge of QoS needs
  • Certain web pages have priority
    • ports are not enough to classify traffic
  • End to end IP security
    • there are no ports to look at
• Hosts have an important role in the evolving QoS landscape
Managing Resource Allocation In The Network
• Current IP networks are “Best Effort” (BE) - Standby Model w/in-flight bumping
• “QoS Enabled Networks” - Network Resources allocated btw BE and “more important” traffic (e.g. queue, priority, bandwidth, etc.)
• Hosts signal network and request resource for entitled users/applications subject to Network Admission Control
• Net Admins Authorize and Prioritize access to resources based on user application
QoS Mechanisms Exploited
• Precedence/Priority
  • IP TOS/Precedence bits (layer 3)
    • tracking where differentiated services ends up ...
  • IEEE 802.1p (layer 2)
• Application Flows can be isolated, prioritized and scheduled by the Stack
• Signaling into Network (RSVP, ATM)
• Network Admins configure QoS Policy on hosts and in the network
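The two slides above make one practical point: a layer-3 filter list keyed on ports cannot see inside end-to-end IPsec traffic, so the marking the host puts in the IP TOS/precedence byte is what a network device has left to classify on. The following is an added example, not code from the slides or from Windows NT: a minimal IPv4 classifier over constructed packets, showing a port-based rule succeeding on plain TCP, failing on the same flow carried in ESP, and the TOS precedence bits carrying the decision instead. Header layouts follow RFC 791 and RFC 2474; the queue-selection rule in `select_queue` and the sample addresses are assumptions made for illustration.

```python
# Added example (not from the slides or from Windows): a layer-3 classifier
# that shows why port filters fail for IPsec traffic and what the IP
# TOS/precedence byte gives a network device instead.
import struct
from dataclasses import dataclass
from typing import Optional

IPPROTO_TCP, IPPROTO_UDP, IPPROTO_ESP, IPPROTO_AH = 6, 17, 50, 51
IPV4_HDR = "!BBHHHBBH4s4s"  # version/IHL, TOS, total length, id, flags/frag, TTL, proto, csum, src, dst


@dataclass(frozen=True)
class Classification:
    precedence: int          # top 3 bits of the TOS byte (RFC 791)
    dscp: int                # top 6 bits of the TOS byte (RFC 2474)
    protocol: int
    dst_port: Optional[int]  # None when no transport header is visible


def build_ipv4(tos: int, protocol: int, payload: bytes) -> bytes:
    """Construct a 20-byte IPv4 header (no options) around a payload; addresses are constructed."""
    header = struct.pack(IPV4_HDR, 0x45, tos, 20 + len(payload), 0, 0, 64, protocol, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return header + payload


def classify(packet: bytes) -> Classification:
    """Extract what a router or switch can classify on: TOS bits, protocol, and ports if visible."""
    version_ihl, tos, _, _, _, _, protocol, _, _, _ = struct.unpack(IPV4_HDR, packet[:20])
    ihl = (version_ihl & 0x0F) * 4
    dst_port = None
    if protocol in (IPPROTO_TCP, IPPROTO_UDP):
        # Both TCP and UDP start with 16-bit source and destination ports.
        _, dst_port = struct.unpack("!HH", packet[ihl:ihl + 4])
    # ESP/AH: the transport header is encrypted or absent, so only the TOS byte remains usable.
    return Classification(precedence=tos >> 5, dscp=tos >> 2, protocol=protocol, dst_port=dst_port)


def select_queue(c: Classification) -> str:
    """Illustrative policy (an assumption, not a Windows or router default)."""
    if c.dst_port == 80:
        return "web"
    if c.precedence >= 5:
        return "voice"
    return "best-effort"


def sample_packets() -> dict:
    """Constructed sample traffic, not captured from a real network."""
    http = build_ipv4(0x00, IPPROTO_TCP, struct.pack("!HH", 40000, 80) + bytes(16))
    esp_http = build_ipv4(0x00, IPPROTO_ESP, bytes(24))  # the same web flow, but inside IPsec ESP
    voice = build_ipv4(0xB8, IPPROTO_UDP, struct.pack("!HH", 5004, 5004) + bytes(12))  # DSCP 46 / precedence 5
    return {"http": http, "esp_http": esp_http, "voice": voice}


if __name__ == "__main__":
    for name, pkt in sample_packets().items():
        c = classify(pkt)
        print(f"{name:9s} proto={c.protocol:2d} port={c.dst_port} prec={c.precedence} dscp={c.dscp} -> {select_queue(c)}")
```

Running it shows the ESP-wrapped web flow landing in best-effort because the port rule has nothing to match, while the voice packet is placed by its precedence bits alone; that is the gap the slides say only the host can close, by marking the packet (or signalling) before it leaves the stack.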
Microsoft QoS Components (architecture diagram; labels only): Directory Services for QoS Policy Storage; QoS-aware application; Network mgmt. application; WinSock2 QoS API; QoS SP; TCI API; TCP/IP; LDAP for Policies; Packet classifier; Packet Scheduler; Netcards; ACS/SBM; Routers/Switches
DS based QoS Networking (example-flow diagram; labels only): DS; RSVP PATH, 1 Mbps controlled load, \\redmond\userx; Check \\redmond\userx; Packets Rescheduled; Receiver; FTP; Netmeeting; RSVP; ISP w/Diff Serv; Traffic control; Router; ACS; 802.1p Priority, Prio=5, Prio=1
Microsoft QoS Components
• WinSock 2 Generic QoS API
  • Allows applications to request the QoS they need, regardless of the underlying mechanisms (RSVP, IP Priority, ...)
• QoS Signaling - End System to Network
  • Explicit - RSVP with Policy Objects (e.g. user id)
    • integrated with IPSEC
  • Implicit - IP Diff Serv / IEEE 802.1p
• Traffic Control API w/Kernel Stack Support
  • Kernel based queueing of traffic flows
  • IP, IEEE 802.1P precedence/priority
• Admission Control Service
  • QoS Directory Console for Network Admins
  • In network policy enforcement
  • Also adds L2 shared media management
ACS Management Model
• Network Admin Administers QoS Policies in the Directory Service
• User Object is extended to permit a mapping from a User to a Group Profile
  • e.g. Redmond\Bob -> Programmers
• Default policies at Organization Level
  • “All users can reserve up to 500 Kbps”
  • “Programmers get 100 Kbps”
• Enterprise-wide User, Profile policies
• Per Subnetwork Policies
  • Individual Users and Group Profiles
ACS Policy Operation
• Host RSVP service provider inserts RSVP policy objects in RSVP messages
  • Contains User Identity represented as an encrypted DN: {dc=com, dc=microsoft, ou=redmond, n=bob}Ksession
  • Security token to prove identity (Kerberos ticket for ACS service)
    • Ticket encrypted in private key of ACS service
    • Session Key (Ksession) is in Ticket
  • Digital signature over RSVP message to avoid policy object reuse (cut and paste)
• ACS servers in network authorize requests
  • Crack ticket to get identity of requestor
  • Check User’s Policy in the Directory
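The slide compresses a small authentication protocol into four bullets; the part worth seeing in code is why the signature has to cover the whole RSVP message rather than just the policy object. Below is an added example, not code from the slides or from Windows NT, modelling that exchange: the host seals its DN under Ksession, attaches a ticket that only the ACS can open, and signs the message; the ACS opens the ticket, recovers Ksession, checks the signature, and only then trusts the identity. The ticket and message layouts (JSON), the toy seal/open construction (SHA-256 keystream with an HMAC tag), the constructed DN and keys are all assumptions for illustration; the real design used Kerberos tickets and RSVP's binary policy objects.

```python
# Added example (not from the slides or from Windows NT): a simplified model
# of the RSVP policy object, its ticket, and the signature that binds the
# policy object to one specific message. All formats here are constructed.
import hashlib
import hmac
import json
import os
from typing import Tuple

ACS_KEY = os.urandom(32)  # long-term key known only to the ACS service (constructed)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC; stands in for 'encrypted in the key of the ACS service'."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ticket or identity object failed integrity check")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def issue_ticket(acs_key: bytes, user_dn: str) -> Tuple[bytes, bytes]:
    """KDC role (simplified): a ticket for the ACS service carrying the user's DN and Ksession."""
    ksession = os.urandom(32)
    ticket = seal(acs_key, json.dumps({"dn": user_dn, "ksession": ksession.hex()}).encode())
    return ticket, ksession


def _canonical(message: dict) -> bytes:
    """Everything in the message except the signature, in a fixed serialization."""
    return json.dumps({k: v for k, v in message.items() if k != "signature"}, sort_keys=True).encode()


def build_path_message(flowspec: dict, user_dn: str, ticket: bytes, ksession: bytes) -> dict:
    """Host side: flowspec plus policy object, then a signature over the whole message."""
    message = {
        "flowspec": flowspec,
        "policy": {
            "identity": seal(ksession, user_dn.encode()).hex(),  # {DN}Ksession
            "ticket": ticket.hex(),
        },
    }
    message["signature"] = hmac.new(ksession, _canonical(message), hashlib.sha256).hexdigest()
    return message


def acs_authenticate(acs_key: bytes, message: dict) -> Tuple[bool, str]:
    """ACS side: crack the ticket, recover Ksession, verify the signature, recover the DN."""
    try:
        info = json.loads(open_sealed(acs_key, bytes.fromhex(message["policy"]["ticket"])))
    except ValueError as exc:
        return False, str(exc)
    ksession = bytes.fromhex(info["ksession"])
    expected = hmac.new(ksession, _canonical(message), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, message["signature"]):
        return False, "signature mismatch: policy object was not issued for this message"
    identity = open_sealed(ksession, bytes.fromhex(message["policy"]["identity"])).decode()
    if identity != info["dn"]:
        return False, "identity object does not match ticket"
    return True, identity  # caller proceeds to the directory policy check


if __name__ == "__main__":
    dn = "n=bob,ou=redmond,dc=microsoft,dc=com"  # constructed DN
    ticket, ks = issue_ticket(ACS_KEY, dn)
    msg = build_path_message({"service": "controlled load", "rate_kbps": 1000}, dn, ticket, ks)
    print(acs_authenticate(ACS_KEY, msg))
```

Because the signature is computed over the flowspec as well as the policy object, a policy object lifted from a legitimate 1 Mbps PATH message and pasted into a message asking for more bandwidth fails the signature check at the ACS, which is the cut-and-paste case the slide names. The identity is only ever decrypted after the ticket has been opened and the signature verified, so the directory lookup runs on an authenticated DN.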
In Summary
• Need many pieces of QoS picture to satisfy customer requirements
  • Diff Serv for ISPs and large networks
  • Fine grain policy control
• Centralized management for QoS Policies
  • both Diff Serv and RSVP signaled flows
  • Use of Directory services
• RSVP may prove useful in many ways
  • Internal provisioning of QoS - PASTE (Li and Rekhter)
  • Customer to ISP - dynamic signaling instead of the desert of pre-provisioning
Admission Control Services Policy Functionality
• Admission Control Servers
  • part of RSVP process on a network server (NT, switch, router, etc.)
  • implements RSVP and SBM
  • ACS takes requests and tests against policy and/or resource limits
• Hosts can use RSVP signaling
  • Hosts on LANs also participate in SBM
• Policies are maintained in the Directory (DS)
  • ACS uses LDAP to retrieve Policy Information from DS
  • ACS Policy is per subnetwork/per user
    • Can be abstracted to “per Enterprise/Per Group”
  • Enables approval/denial of resources based on user ID, time of day, resource limits (bandwidth, priority, ...), etc.
• Can Aggregate requests into priority groups at ISP/WAN interfaces
  • can “re-write” user id to corp id at ISP boundaries
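The ACS Management Model slide and the slide above together describe how a request is decided: resolve the user to a group profile, find the most specific policy (per-subnet user, per-subnet profile, enterprise user, enterprise profile, organization default), then test the request against that policy and the subnet's resource limit. The following is an added example, not code from the slides or from Windows NT, that implements that resolution order and the admission test, including the time-of-day condition the slide mentions. The directory contents use the slide's figures (500 Kbps organization default, 100 Kbps for Programmers, Redmond\Bob -> Programmers); the subnet names, the 600 Kbps subnet pool, the per-subnet 250 Kbps business-hours rule and the resolution order itself are assumptions for illustration.

```python
# Added example (not from the slides or from Windows NT): directory-backed
# policy resolution and admission control in the shape the ACS slides describe.
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Policy:
    max_kbps: int
    hours: Optional[Tuple[int, int]] = None  # permitted local hours [start, end), None = any time


@dataclass
class Directory:
    """Stand-in for the LDAP directory the ACS queries."""
    user_profile: Dict[str, str]                 # user -> group profile (e.g. Redmond\Bob -> Programmers)
    org_default: Policy                          # "All users can reserve up to ..."
    enterprise: Dict[str, Policy]                # enterprise-wide, keyed by user or profile name
    per_subnet: Dict[str, Dict[str, Policy]]     # subnet -> (user or profile name -> Policy)

    def resolve(self, user: str, subnet: str) -> Policy:
        """Most specific policy wins: subnet/user, subnet/profile, enterprise/user, enterprise/profile, default."""
        profile = self.user_profile.get(user)
        for scope in (self.per_subnet.get(subnet, {}), self.enterprise):
            for key in (user, profile):
                if key is not None and key in scope:
                    return scope[key]
        return self.org_default


@dataclass
class AdmissionControlServer:
    directory: Directory
    subnet_capacity_kbps: Dict[str, int]          # per-subnet pool reserved for QoS traffic
    allocated: Dict[str, int] = field(default_factory=dict)

    def admit(self, user: str, subnet: str, rate_kbps: int, hour: int) -> Tuple[bool, str]:
        """Test a reservation request against the user's policy and the subnet's resource limit."""
        policy = self.directory.resolve(user, subnet)
        if policy.hours is not None and not (policy.hours[0] <= hour < policy.hours[1]):
            return False, "outside permitted hours"
        if rate_kbps > policy.max_kbps:
            return False, f"exceeds policy limit of {policy.max_kbps} Kbps"
        in_use = self.allocated.get(subnet, 0)
        capacity = self.subnet_capacity_kbps.get(subnet)
        if capacity is not None and in_use + rate_kbps > capacity:
            return False, "subnet QoS pool exhausted"
        self.allocated[subnet] = in_use + rate_kbps
        return True, "admitted"

    def release(self, subnet: str, rate_kbps: int) -> None:
        """Return bandwidth to the pool when a reservation is torn down."""
        self.allocated[subnet] = max(0, self.allocated.get(subnet, 0) - rate_kbps)


def sample_acs() -> AdmissionControlServer:
    """Constructed directory and capacities; the Kbps figures for the default and Programmers are the slide's."""
    directory = Directory(
        user_profile={"Redmond\\Bob": "Programmers"},
        org_default=Policy(max_kbps=500),
        enterprise={"Programmers": Policy(max_kbps=100)},
        per_subnet={"10.2.0.0/16": {"Programmers": Policy(max_kbps=250, hours=(8, 18))}},  # assumption
    )
    return AdmissionControlServer(directory, subnet_capacity_kbps={"10.1.0.0/16": 600, "10.2.0.0/16": 600})


if __name__ == "__main__":
    acs = sample_acs()
    for user, subnet, rate, hour in [("Redmond\\Bob", "10.1.0.0/16", 200, 10),
                                     ("Redmond\\Bob", "10.2.0.0/16", 200, 10),
                                     ("Redmond\\Bob", "10.2.0.0/16", 200, 3),
                                     ("Redmond\\Alice", "10.1.0.0/16", 400, 10)]:
        print(user, subnet, rate, hour, "->", acs.admit(user, subnet, rate, hour))
```

The resolution order is what makes "per subnetwork/per user" policy abstractable to "per Enterprise/Per Group" without duplicating entries: a subnet only carries the policies that differ from the enterprise-wide ones. Keeping the allocation table on the ACS is also what lets a request be refused for resource reasons even when the user's own policy would permit it.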
Extensibility of ACS Policy Framework
• Can add new policy objects to RSVP messages
• Can add new policy interpretation modules to ACS servers
  • API to call out to policy module
• Can extend ACS policy objects in the Directory
• End Systems can pull policy down from Directory to configure QoS