Ed.—In June 2014, OARnet and the State of Ohio announced an agreement to have OARnet provide the network backbone for the State and its various agencies. By moving to OARnet’s 100 Gigabit-per-second backbone, the State is able to streamline its services, while K-12, Higher Education and all other client sectors, including the state, will benefit from increased aggregate purchasing power.
Recently OARnet has been developing a Quality of Service (QoS) configuration in our lab. As we consider the deployment of these changes to the production network, this blog posting is an introduction to why we are proposing these changes and how they will (and will not) affect the service that OARnet provides to its customers.
Providing network connectivity to The State of Ohio brings some additional challenges that are usually not major concerns when connecting large autonomous institutions, such as an entire university campus. Many of the new connections that will be made to OARnet will be coming from small regional offices of the various State agencies. Each of these buildings will be connected through an OARnet-supplied termination node and a Metro Ethernet circuit procured from one of the major telecommunications companies. Typical capacities for these last mile circuits will be 10 Megabits per second, and we need to ensure that the office IP phones (VoIP) and business-critical applications receive priority for this limited bandwidth.
Sources of contention would include Distributed Denial of Service (DDOS) attacks, and legitimate demands, such as multiple instances of the monthly Windows Update download commencing simultaneously. It is essential that we can sort the various demands into a few broad categories that can then be accorded a priority rating. The highest priority traffic (VoIP) will always receive clear passage across the low-bandwidth circuit, while general Internet traffic is subject to packet loss should the access circuit become congested. Using Quality of Service (sometimes called Differentiated Services) techniques means that the State of Ohio offices will not suffer from phone outages or loss of access to their networked databases just because some DDOS attack briefly erupted.
So what does this mean for OARnet’s established customers? The good news is that we have designed our QoS configuration so that it will not require existing customers to make any changes. Viewing QoS as a type of clutch that only engages during periods of network congestion is a useful analogy. Unless your access circuit to OARnet, or part of our backbone, becomes congested then QoS has no effect. Because the State Agencies project needs to move ahead regardless of other considerations, we decided to assign all routed traffic on the OARnet backbone to the Best Effort category. This essentially perpetuates the current (default) behavior of our network routers. Customers can continue to send IP packets to OARnet with the DSCP bits in the IP header set to whatever pattern is convenient, and OARNet will treat all routed traffic as equal priority. We will neither read, nor change, the QoS marking bits in any packet that traverses our network.
So our initial QoS configuration will not have any noticeable effect (deleterious or otherwise) for our existing customers. But it will ensure that the new connections for The State of Ohio will remain usable for their important services regardless of the prevailing conditions. The primary location at which QoS will engage will be the low-capacity access circuits already discussed. Additionally, we will extend priority treatment across the OARnet backbone, but only for traffic confined to specific Virtual Routing and Forwarding (VRF) instances. So for instance, we will configure a dedicated VRF instance that will hold routes for the State of Ohio’s VoIP service. Routes to Internet destinations will be excluded from this VRF, meaning that only phones will receive a useful service when connected to network ports in the corresponding VLAN.
And what of the future, once the State of Ohio project is completed? Will we be offering a ‘fast lane’ to everyone? Try not to think in those terms. Considering we operate a 100 Gb/s network, we never see congestion on those links and so QoS isn’t going to engage and will not offer any benefit. Furthermore, OARnet cannot offer any guarantees beyond the boundaries of our own network. Once packets leave OARnet and are handed off to Internet2 or to our commodity providers, we are clearly unable to control traffic beyond our boundaries!
I think most of our customer’s experience with QoS on OARnet will be blissful indifference. But we always like to talk to everyone, and if we come across a customer with a special need where QoS may be helpful, we will do our best!
