Aggregation and Conformance in Differentiated Service Networks: A Case Study* Roch A. Guarin Dept. Elec. Eng., U. Pennsylvania 200 South 33rd Street Philadelphia, PA 19104, USA [email protected] Vicent Pla $ Dept. Communications, U.P. de Valencia Carretera Nazaret-Oliva 46730, Grau de Gandia, Spain [email protected] ABSTRACT The Differentiated Service (Diff-Serv) architecture [1] advo- cates a model based on different "granularity" at network edges and within the network. In particular, core routers are only required to act on a few aggregates that are meant to offer a pre-defined set of service levels. The use of aggregation raises a number of questions for end-to-end services, in particular when crossing domain boundaries where policing actions may be ap- plied. This paper focuses on the impact of such policing actions in the context of individual and bulk services built on top of the Expedited Forwarding (EF) 17] per-hop-behavior (PI-IB). The findings of this investigation confirm and quantify the expected need for reshaping at network boundaries, and identify a num- ber of somewhat unexpected behaviors. Recommendations are also made for when reshaping is not available. 1. INTRODUCTION Support for some form of service guarantees in IP networks is becoming an important requirement, not only because of emerging multimedia applications, but also because of new usages embodied in service level agreements between users and providers. This is one of the motivations behind the Differentiated Services standard- ization efforts carried out by the Internet Engineering Task Force (IETF) [ 1 ]. The Differentiated Services framework relies on a small number of service levels, or Per Hop Behaviors (PHBs), that each specifies how a router should treat the corresponding packets. At least two types of treatments are being standardized: The Assured Forwarding (AF) group of PHBs [4], and the Expedited Forward- ing (EF) PHB [7]. The aggregate model of Diff-Serv is highly scalable, but it also raises questions in terms of the type of set- *This work was supported in part by a grant from Nortel Networks and by NSF grants ANI99-06855 and ANI99-02943. "fPart of this work was done while visiting the University of Pennsylvania. This author has been supported in part by the Spanish Ministry of Educaci6n y Cultura under project TIC98-0495-C02-02 vices it can provide. For example, because all packets within a PHB are treated the same way, the granularity of "services" that can be offered is unclear. In this paper, we concentrate on thepo- tential penalty imposed by aggregating traffic into a small number of packet treatments, in terms of the conformance of flows as they exit a Diff-Serv domain. Conformance is measured in relation to a policer (see [5, 6] for two possible examples), that controls the vol- ume and timing of packet transmissions. There are several reasons for why such a measure is of interest. First, it provides a simple ref- erence point for estimating the level of "perturbations" caused by interactions between flows aggregated in the same PHB l . Second, it quantifies those perturbations in terms of the "contract" viola- tions they translate into, namely, the number of non-conformant packets they create as seen by an egress policer. Such a contractual comparison is meaningful in environments where flows cross mul- tiple Diff-Serv domains, and where policing actions are applied at (provider) domain boundaries. In that context, we consider two possible service configurations. The first corresponds to an end-to-end service model, where a cus- tomer has established individual contracts with all the providers on its path. In such an instance, policing at domain boundaries is performed on the set of packets associated with each customer, as providers will typically not trust the policing performed by other providers. The second configuration assumes that customers nego- tiate service contracts only with their local provider, which is then responsible for securing the necessary (peering) agreements with other providers it connects to. In this case, policing at boundaries between provider domains will be based on aggregates correspond- ing to the bulk contracts negotiated between providers. In the paper, we investigate the above issues in the context of a service based on the EF PHB. We assume that user EF traffic is shaped on ingress to conform to a single token bucket filter that controls long term rate and burst size 2, and we study the extent to which it becomes non-conformant after crossing a Diff-Serv do- main. Egress non-conformance is evaluated using another token bucket to determine the number of non-conformant packets, as well as the distribution of the amount of time by which they are non- conformant. This is aimed at assessing the impact of aggregation and the need for egress reshaping. Reshaping has been mentioned as a possible requirement for services based on the EF PFIB [7, 10], but where and the extent to which it is needed is still unclear. In particular, because of the need to compute conformance times and 1In this paper, we concentrate on interactions within a PHB, and ignore those caused by interactions across PHBs. 2In conformance with the "spirit" of [I0], the burst size is limited to one or two maximum size packets. ACM SIGCOMM 21 Computer Communication Reviewhold packets until they become conformant, reshaping adds com- plexity, especially on high speed adapters. Furthermore, the non- work-conserving nature of shapers also requires additional buffers and contributes to higher delays. Hence, its introduction eomes at a cost that must be weighed against the benefits it provides. One contribution of this paper is to quantify the expected importance of reshaping, and when it is not available, identify parameters and alternatives that can be used to mitigate the impact of the non- conformance induced by traffic aggregation. The investigation is carried out by simulation to allow a wide range of scenarios with various user traffic, polieer parameters, interfering traffic patterns, and network and service configurations. 1.1 Previous Works The motivation for this work is to gain a better understanding of the impact of aggregation on conformance checks that may be per- formed at network boundaries. Several previous works have looked at similar issues, and their answers provided additional