Strategies for Optimizing Applications on the WAN
Using Monitoring, Shaping, Compression, and Acceleration to Deliver Performance

White Paper
Fast WAN. Fast Apps. Fast Business.

Table of Contents

Strategies for Optimizing Applications on the WAN
What’s Causing Performance Problems?
    The Impact
    The Common Response — Get More Bandwidth
The Packeteer Solution
Deployment
Gain Visibility with the Monitoring Module
    What’s Running on the Network?
    Are Applications Performing per Expectations?
    What and Who is Consuming Bandwidth?
    What Happened When?
    Is Something Important Happening Right Now?
Control Bandwidth with the Shaping Module
    Applying Controls
    Rate-Control Technologies
    Augment Performance in Specific Network Environments
Increase Capacity with the Compression Module
    Combining Shaping and Compression
    How Compression Works
    Packet Packing
    Compression Results
    Reports on Compression Results
Enhance Performance with the Acceleration Module
    The Packeteer Solution
    Integration of Acceleration with Other Optimization Tools
    Can You Benefit From Acceleration?
    How Much Traffic is Getting Accelerated?
    SkyX and PacketShaper Compatibility
Xpress Tunnels
    ActiveTunnel™
    Tunnel Monitoring and Configuration
In Summary
For More Information

Strategies for Optimizing Applications on the WAN

Managing application performance can be quite a challenge. Productivity drops and frustration climbs when performance turns inconsistent, unpredictable, and slow. Do any of these problems sound familiar to you?
• Repeated bandwidth upgrades fail to address performance but do increase costs substantially.
• Intranet applications at a main data center offer easy access but poor performance.
• A branch office’s ERP performance plummets whenever an employee synchs email.
• Enthusiasm for VoIP (Voice over IP) fades when callers routinely face stutter and static during peak network usage.
• Surges from recreational and infected traffic cause urgent, interactive applications to struggle.
• Nightly server backups that haven’t finished by the next morning.

For many companies, application performance on the WAN declined gradually from adequate to unworkable. In other organizations, a single event, such as deploying a new application or relocating servers, seems to precipitate the decline. Poor network and application performance can be addressed. This paper describes how to detect, resolve, and prevent performance problems using Packeteer’s WAN Application Optimization solution.

What’s Causing Performance Problems?

Recent changes in application and network environments have wreaked havoc on performance. Increasing traffic, diverse performance requirements, and a capacity mismatch between local- and wide-area networks have prompted the decline in performance.
Traffic growth stems from trends in applications, networks, and user habits, including:

• More application traffic: An explosion of application size, user demand, and richness of media
• Recreational traffic: Abundant traffic resulting from recent trends in Internet radio, MP3 downloads, instant messaging, web browsing, interactive gaming, and more
• Web-based applications: Applications with web-based user interfaces; typically consume 5 to 10 times their former bandwidth
• Distributed applications: Enterprise applications that run over the WAN or Internet instead of being confined to a single machine
• Server consolidation: A trend to combine data centers and reduce the number of application servers, forcing previously local traffic (high bandwidth, low latency, and low cost) to traverse the WAN or Internet (low bandwidth, high latency, and expensive)
• Voice/video/data network convergence: One network that supports voice, video, and data with their variety in bandwidth demands and performance requirements
• SNA/IP convergence: An IP network that supports SNA applications using TN3270 or TN5250; without SNA networks’ controls, legacy applications usually suffer a drop in performance
• Disaster readiness: Redundant data centers, mirroring large amounts of data
• Security: Worms, viruses, and denial-of-service (DoS) attacks (ranked as the top source of network congestion in a recent Network World survey)
• New habits: Users doing more types of tasks online: shopping, research, news, collaboration, finances, socializing, medical diagnostics, and more

Performance problems could also be due to a high-latency network environment, such as a satellite link. Latency wreaks havoc on wide-area networks. The increased delays and under-utilization of links bog down application response times and file transfers.
The Impact

These trends often result in a drop in performance for applications that are critical to business. At best, performance is inconsistent and unpredictable, and at worst, it’s consistently slow and frustrating.

The resulting financial impact presents a daunting picture. In 2003, IDC reported that the typical large U.S. enterprise spends $26,626,600 USD annually on WAN circuits. The illustration shows a snapshot of one such company’s top applications running across the WAN and the percentage of bandwidth each consumes. As you can see, the applications that are critical to the company’s business are limited to less than half of the bandwidth. What’s more distressing is that of the $26.6 million the company spends on the WAN each year, only $3.7 million supports critical applications, and more than $14 million sustains recreational traffic. What this illustration does not show is that the critical applications (Oracle, Citrix, and TN3270) perform very slowly — too slowly.

Other effects from unmanaged application traffic include:

• Inequitable and unfair bandwidth distribution: one branch office, department, dorm student, or subscriber takes more than a fair share.
• An important application that is not time critical, such as the transfer of an important file, usurps almost all available bandwidth, undermining interactive applications.
• Voice and video suffer sporadic jitter and poor reception.
• Malicious traffic overwhelms and incapacitates a network.

The Common Response — Get More Bandwidth

As you can imagine, the common response to too much traffic and slow response times is to get more bandwidth. But an upgrade is not an effective solution. Too often, network managers spend large portions of their budgets on bandwidth upgrades in an attempt to resolve performance problems, only to find that the problems persist.
Critical and poorly performing applications aren’t necessarily the applications that gain access to extra capacity. Usually, it’s less urgent, bandwidth-intensive applications that monopolize added resources. The same result occurs when organizations turn to compression-only solutions that lack application-aware control features. Without proper management, compression’s bandwidth gains enhance the wrong applications.

In the earlier illustration, critical applications used only 14 percent of capacity. If usage patterns persisted after a purchase of more bandwidth (as they usually do), then those applications would access only 14 percent of additional capacity — not the most effective bandwidth bargain.

Another reason that network managers might be tempted to increase their link size is to speed up painfully slow data backups between large data centers. However, the size of the link might not be the issue; traffic speed might be constrained by other factors. For example, suppose you have a data center with a 45 Mbps link, using Windows 2000 with a 16K window size, and data backups have a 30 ms round-trip time. Although latency is moderate in this scenario, a single flow can fill less than 10 percent of the overall bandwidth because of the operating system’s small window size. Upgrading the link will not help the problem. What is needed here is a way to fully utilize the bandwidth that’s available. That’s a problem that the Acceleration Module can help with.

Bandwidth upgrades impose setup costs. In some places, especially in remote locations, larger pipes are not available or are extremely expensive. Even if bandwidth costs drop, they remain a recurring monthly cost.
Gartner Group recently stated, “The WAN represents the single largest recurring cost, other than people, in IS organizations.”

The Packeteer Solution

In enterprise networks that are overwhelmed by increasing amounts of traffic, congestion at WAN and Internet links undermines application performance and results in impaired productivity. If more bandwidth is not the answer, what is? More visibility and control in managing bandwidth allocation and utilization. Specifically, companies need to:

• Improve and protect the performance of urgent and critical applications
• Pace important but less urgent traffic (such as large email attachments)
• Spot and stop malicious security threats
• Limit recreational traffic and its impact on critical traffic
• Provision bandwidth for streaming applications to ensure smooth reception
• Compress traffic by putting more data through constrained links
• Accelerate traffic to fully utilize bandwidth capacity in high-latency environments

Packeteer’s WAN Application Optimization system does exactly that. It empowers IT organizations to:

• Gain Visibility: The Monitoring Module, included with every PacketShaper, tells you precisely which applications traverse the network, what portion of the network they consume, how well they perform, and where delays originate. For details, see “Gain Visibility with the Monitoring Module.”
• Control Bandwidth: The Shaping Module offers policy-based bandwidth allocation to manage application performance over the WAN and Internet. Flexible control policies protect critical applications, pace greedy traffic, limit recreational usage, and block malicious traffic. For details, see “Control Bandwidth with the Shaping Module.”
• Compress Traffic: The Compression Module enables more data to flow through constrained WAN links, freeing bandwidth for the critical applications that need it most. For details, see “Increase Capacity with the Compression Module.”
• Accelerate Traffic: The Acceleration Module allows you to maximize bandwidth utilization, speed up application response times, accelerate the transfer of large files, and minimize the impact of other problems that are common with TCP-based applications on high-latency links. For details on the Acceleration Module, see “Enhance Performance with the Acceleration Module.”

Deployed at more than 7,000 companies worldwide, Packeteer solutions provide patented network visibility, control, compression, and acceleration capabilities, all delivered through a family of intelligent, scalable appliances. In addition, Packeteer offers PolicyCenter® and ReportCenter, standalone centralized management and reporting software to manage PacketShaper deployments across an enterprise.

Deployment

PacketShapers are deployed behind WAN-link routers and/or Internet-link routers at main sites and branch offices. Appliances must be positioned so that they see all inbound and outbound traffic. Alternatively, they can sit off the main data path, isolated in a non-inline topology. In this mode, called watch mode, all features in the Monitoring Module are available, but the features in the other Modules (Shaping, Compression, and Acceleration) are not.

You can choose to deploy PacketShapers comprehensively throughout many or all offices, or you can adopt a phased deployment strategy by starting with main sites or a few problematic branches first and expanding to other locations from there.

Appliances are available in a variety of models based on features, capacity, and other specifications. Simple software key upgrades activate Packeteer’s Shaping, Compression, and Acceleration Modules. Installation is easy and consists of plugging in cables and entering address, access, and security information on a web-based setup page.
PacketShapers integrate cleanly with existing network infrastructure, imposing no changes on router configuration, topologies, desktops, or servers. In addition, they gracefully complement other network appliances such as firewalls, load-balancers, redundant routers, and caching solutions. Expansion modules provide additional flexibility for more complex switched networks.

[Figure: deployment diagram. Labels: Branch Offices Connected via WAN; Branch Offices Connected via VPN; Main Site WAN Link; Corporate WAN; Main Site LAN; Internet. Legend: PacketShaper, router, data center servers.]

Multiple layers of failover mechanisms ensure that PacketShapers do not impede traffic in the unlikely event of a failure. A web-based user interface provides easy access from any location with a web browser and proper security requirements.

Gain Visibility with the Monitoring Module

Visibility into network and application behavior is a prerequisite to controlling performance and is crucial for managing business operations effectively. Do your current tools provide sufficient visibility to provide answers to these questions?

• Which applications are running on your wide-area network? Which use the most resources?
• How much of your bandwidth budget is consumed by critical versus recreational traffic?
• Do applications meet your users’ expectations? Do they meet committed service levels?
• Which users and which branch offices are the top consumers of a particular application?
• How does each MPLS class of service perform? Does performance match service class and cost?
• Do remote locations get all the bandwidth they pay for? Do they need all of it? Are they using it efficiently?

PacketShaper’s Monitoring Module answers these questions and many more. Rather than simply collect data, the PacketShaper organizes findings, synthesizes conclusions, and flags problems early to help manage performance more effectively.
The PacketShaper transforms data into information and enables you to move from passive management, through reactive management, to proactive approaches. The PacketShaper tells you precisely which applications traverse the network, what portion of network bandwidth they consume, how well they perform, and where delays originate. With the Monitoring Module, you can:

• Automatically detect and classify hundreds of business and recreational applications
• Identify top applications, users, servers, branch offices, and web destinations
• Analyze bandwidth usage, response times, the impact of configuration changes, and sources of delay
• Track response times and break them down into time spent on the network and server
• Set standards for service levels and track their compliance
• Monitor conditions of interest, then, when thresholds are crossed, automatically take action to correct, document, and/or notify someone of the problem
• Measure, graph, and/or export more than 100 metrics describing usage, availability, efficiency, response times, errors, and diagnostics

What’s Running on the Network?

Enterprise networks usually support many more types of traffic than anyone suspects. This becomes evident just moments after plugging the PacketShaper’s cables into the network and turning on traffic discovery. The PacketShaper immediately starts identifying and organizing each distinct type of traffic it observes. Each traffic type is called a traffic class. Administrators are usually surprised to see the diversity of their own traffic.

Rich traffic classification is crucial — you can’t assess or control an application’s performance if you can’t distinguish its traffic. For example, how can you protect a web-based business application when you can’t differentiate its traffic from casual web browsing or from music downloads masquerading as web traffic?
The growing complexities associated with network traffic make sophisticated classification techniques a necessity. Simple IP address or static port schemes fall short. PacketShaper’s classification detects dynamic and migrating port assignments, differentiates applications using the same port, and uses Layer 7 application indicators to identify applications.

With PacketShaper, you can isolate traffic associated with applications, protocols, subnets, web pages, and users. You can identify ERP traffic such as Oracle and JD Edwards; intranet applications; Citrix-based applications and Citrix print traffic; voice and video over IP; web traffic from a certain server, using a given browser, or with a specific mime type; and many types of instant messaging, games, and music download programs.

Some of the applications and protocols the PacketShaper automatically detects, identifies, and classifies include:

Client/Server: CVS; FIX (Finance); Folding@Home; INFOC-RTMS; INT-1 (Unisys Interact); MATIP (Airline); MeetingMaker; NetIQ AppMngr; OpenConnect JCP; PEPGate (Attachmate); Unisys-TCPA

Content Delivery: Ariel; Apple i-Tunes; Backweb; Chaincast; EntryPoint; Google Earth; Kontiki; Marimba; NewsStand; PointCast; WebShots

Database and ERP: Baan; FileMaker Pro; JDENet (JD Edwards); MS SQL; Oracle (and by database); Oracle JVM; Oracle EM; PostgreSQL; Progress; SAP

Directory Services: CRS; DHCP; DNS; DPA; Finger; Ident; Kerberos; LDAP; mDNS; RADIUS; RRP; SSDP; TACACS; whois; WINS

E-mail and Collaboration: Biff; ccMAIL; DCOM (MsExchange); Groupwise (Novell); IMAP; LotusNotes; MSSQ; OSI; POP3; SMTP

File Server: AFS; CIFS-TCP; CU-Dev; lockd; Microsoft-ds; NetBIOS-IP; NFS; Novell NetWare5; rsync; SunND

Games: Asheron’s Call; Battle.net; Diablo II; Doom; EverQuest; Half-Life; Kali; LucasArts (Jedi*); MSN Zone; Mythic; Quake I, II, & III; SonyOnline; Tribes I,II; Unreal; Warcraft III; X box; Yahoo! Games

Healthcare: DICOM; HL7

Host Access: ATSTCP; Attachmate; Persoft Persona; SHARESUDP; SMTBF; TN3270; TN5250

Internet: ActiveX; BITS; FTP, Passive FTP; Gopher; HTTP; HTTP Tunnel; IP, IPv6, IPIP, UDP, TCP; IRC; Mime type; NNTP; Socks2http; SSHTCP; SSL; TFTP; UUCP; URL; Web browser type

Legacy LAN and Non-IP: AFP; AppleTalk; DECnet; FNA, FNAonTCP; IPX; LAT; MOP-DL/RC; NetBEUI; PPPoE; SLP; SNA

Messaging: AOL IM, Apple iChat Talk, Image, File, ISP, …; ICQ; IRC; Lotus IM; MSN Messenger; Windows-POPUP; Yahoo! Messenger

MiddleWare: CORBA; Java RMI; SmartSockets; SunRPC (dyn port); JavaClient

MultiMedia: Abacast; MPEG (Audio, Video); Multi-cast; NetShow; NetMeeting; QuickTime; RadioNetscape; Real (Audio, Video); RTP; RTSP; SHOUTcast; Streamworks; VideoFrame; WebEx; WinampStream; WinMedia

Peer-to-Peer: Aimster; AudioGalaxy; Rhapsody; Mac Satellite; Bit Torrent; Blubster; DirectConnect; EarthStation V; EDonkey; Emule; Overnet; eXeem; FileRogue; Filetopia; Furthurnet; Gnutella; Acquisition; Ares; BearShare; Furi; Gnotella; Gnucleus; gtk-gnutella; LimeWire; MyNapster; Mactella; Morpheus; Mutella; Nap Share; Phex; Qtraxmax; Qtella; Shareaza; toadnode; XoloX; Groove; Hotline; Hopster; iMesh; KaZaA; KaZaA Lite; Napster; Amster; audioGnome; File Navigator; Gnapster; Grokster; gtk napster; jnapster; MacStar; Maxter; My Napster; Napigator; NapMX; Napster Fast Search; Napster, MacOSX; OpenNap; Rapster; Snap; Spotlight; WebNap; WinMX; Napster2; PeerEnabler; ScourExchange; Share; SoulSeek; Tripnosis; Winny

Network Management: Cisco Discovery; Day-Time; Flow Detail Record; ICMP (by packet type); IPComp; Microsoft SMS; NetFlow v5; NTP; RSVP; SMS; SNMP; SYSLOG; Time Server

Print: IPP; LPR; TN3287; TN5250p

Routing: AURP; BGP; CBT; DRP; EGP; EIGRP; IGMP; IGP; MPLS (+tag, +app); OSPF; PIM; RARP; RIP; Spanning Tree; VLAN (802.1p/q)

Security Protocol: DLS; DPA; GRE; IPMobility; IPSEC; ISAKMP/IKE key exch; L2TP; PPTP; RC5DES; SOCKS Proxy; SSH; SSL (+shell); swIPe; WAP

Session: GoToMyPC; pcAnywhere; REXEC; radmin; rlogin; rsh; Telnet; Timbuktu; VNC; Xwindows

Thin Client or Server Based: Citrix Published Apps, Nfuse, IMA; RDP/Terminal Server

Voice over IP: CiscoCTI; Clarent; CUSeeMe; Dialpad; H.323; I-Phone; MCK Commun.; Megaco; Micom VIP; MGCP; Net2Phone; RTP; RTCP; SIP; Skinny (SCCP); Skype; T.120; VDOPhone

This is just a sampling of the 100+ protocols that are available.

Are Applications Performing per Expectations?

Are users’ complaints your only measure of response time? Without those calls, do you know when performance is slow? Do you know before your users do?

Packeteer’s features for response-time measurement (RTM) offer performance statistics, threshold monitoring, high-level problem indicators, and performance graphs. This vital information enables network administrators to:

• Track delay statistics for flexible traffic categories. Measure response times for individual applications, hosts, subnets, and for any transaction-oriented TCP traffic class.
• Break down each response-time measurement into network delay (time spent in transit) and server delay (time the server used to process the request).
• Identify users and servers with the slowest performance.
• Set acceptability standards and track whether performance adheres to them.
• Auto-detect and, optionally, auto-correct poor performance in critical applications.

See total transaction times divided into their network and server components.

This Transaction Delay graph shows that response time is sporadically slow with frequent spikes. In addition, you can see that it was not the server that was causing the problems — it was the network. If this is a graph of a critical application, its performance definitely needs some help. The Shaping Module can be useful here.

You can view current and historical performance data in intuitive tables and graphs, in a MIB (management information base), via an XML API, or as raw data. Third party SNMP and reporting tools integrate smoothly.

What and Who is Consuming Bandwidth?

Bandwidth is a valuable resource.
Links to the Internet and WAN are pricey and are prone to congestion. The PacketShaper determines how much bandwidth and which applications, protocols, and services are being used.

The PacketShaper identifies top users, applications, and websites; tracks average and peak traffic levels; evaluates network efficiency; presents a wealth of measurement data; and can sometimes replace probes and sniffers.

The PacketShaper gives you an automatic breakdown of usage statistics for each traffic class and, if you want it, even for each user and traffic flow. Bandwidth utilization graphs display peak and average usage over time for different applications, branch offices, the entire link, or other criteria. Peak measurements are critical for performance and capacity analysis. The PacketShaper offers usage trend analysis, extending current usage patterns to predict when bandwidth needs will reach a given level.

What Happened When?

PacketShaper’s comprehensive reports provide a clear view of historical performance, load, efficiency, TCP health, connections, and more. These reports can help confirm a configuration change, justify a purchase, evaluate service-level compliance, search for historical trends, and provide a consistent assessment of performance.

You can view one of PacketShaper’s preconfigured reports, or you can define and create your own reports using stored metrics and dozens of available graphs. All reports are accessible with a web browser. Packeteer ReportCenter centralizes reporting functions for multiple appliances and allows you to compare, correlate, and summarize behavior across locations throughout the organization.

Packeteer’s extensive measurement data is available for use in reports on ReportCenter, SNMP management platforms, NetFlow v5 collectors, and third-party reporting tools.
Packeteer measurement data is stored on appliances for up to two months and indefinitely once forwarded to a ReportCenter server.

The PacketShaper can also provide drilldown metrics on a per-flow basis that include items such as flow origin and destination, flow size (in packets and bytes), when the flow was sent, the flow’s application or service, the flow’s Layer 4 protocol and IP ToS/Diffserv bits, the type of controls that were applied to the flow, response times, and more. This granular level of detail opens up a wealth of opportunity for enhanced troubleshooting and forensic help. For example:

• Split the traffic from one branch office into its different application, service, or DSCP types, even if you didn’t sub-classify traffic into its services as it passed
• Examine the “chattiest” host IP pairs for traffic from a specific application, location, or combination of the two
• List traffic’s busiest ports; see which ports a specific application or host used; see which applications used a specific port; spot potential portscans
• Enable billing tools to bill customers or departments by application usage and, if desired, have different billing rates for different types of applications (such as for P2P, VoIP, email, and web surfing)
• Expose the top current or historical traffic contributors or recipients for a location or application, even when you didn’t have the Packeteer features to spot the top contributors during the time in question

Is Something Important Happening Right Now?

Reports are valuable for many purposes, but reports are not the greatest choice to catch and respond to problems as they happen. Reports require human intervention — someone to examine them, interpret findings, and take action based on conclusions.
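An added illustration, not Packeteer code, of how the per-flow records described above can feed an automatic check rather than a report someone has to read: it ranks host pairs and ports by volume and flags a source that sends tiny flows to many ports on one host. The field names, thresholds, and sample records are assumptions constructed for this example.

```python
from collections import Counter, defaultdict
from typing import NamedTuple


class Flow(NamedTuple):
    """One per-flow record with the fields the text lists (names are assumed)."""
    start: int      # seconds since the start of the reporting window
    src: str        # flow origin
    dst: str        # flow destination
    proto: str      # Layer 4 protocol
    dst_port: int
    app: str        # application or service the flow was classified as
    packets: int
    nbytes: int


# Constructed sample data: two business applications, repeated DNS lookups,
# and one host sending single-packet flows to 25 different ports on a server.
FLOWS = [
    Flow(0, "10.1.1.20", "10.9.0.5", "TCP", 1521, "Oracle", 900, 640_000),
    Flow(4, "10.1.1.21", "10.9.0.5", "TCP", 1521, "Oracle", 300, 210_000),
    Flow(7, "10.1.1.20", "10.9.0.8", "TCP", 80, "HTTP", 1200, 1_500_000),
    Flow(9, "10.1.1.33", "10.9.0.8", "TCP", 80, "HTTP", 150, 90_000),
]
FLOWS += [Flow(10 + i, "10.1.1.33", "10.9.0.2", "UDP", 53, "DNS", 2, 180)
          for i in range(30)]
FLOWS += [Flow(20 + i, "10.1.1.77", "10.9.0.5", "TCP", port, "Unclassified", 1, 60)
          for i, port in enumerate(range(20, 45))]


def chattiest_pairs(flows, app=None, top=3):
    """Rank host pairs by bytes exchanged, optionally for one application."""
    totals = Counter()
    for f in flows:
        if app is None or f.app == app:
            totals[tuple(sorted((f.src, f.dst)))] += f.nbytes
    return totals.most_common(top)


def busiest_ports(flows, top=3):
    """Rank (protocol, destination port) by bytes carried."""
    totals = Counter()
    for f in flows:
        totals[(f.proto, f.dst_port)] += f.nbytes
    return totals.most_common(top)


def potential_portscans(flows, min_ports=20, max_packets=3, window=60):
    """Flag (src, dst, ports) where src sent tiny flows to at least
    `min_ports` distinct ports on dst within `window` seconds.
    The three thresholds are assumptions to tune per network."""
    probes = defaultdict(list)
    for f in flows:
        if f.packets <= max_packets:          # only flows too small to carry data
            probes[(f.src, f.dst)].append((f.start, f.dst_port))
    hits = []
    for (src, dst), seen in probes.items():
        seen.sort()
        lo, best = 0, 0
        for hi in range(len(seen)):           # sliding time window
            while seen[hi][0] - seen[lo][0] > window:
                lo += 1
            best = max(best, len({port for _, port in seen[lo:hi + 1]}))
        if best >= min_ports:
            hits.append((src, dst, best))
    return sorted(hits, key=lambda h: -h[2])


if __name__ == "__main__":
    print("chattiest pairs:", chattiest_pairs(FLOWS, top=2))
    print("busiest ports:  ", busiest_ports(FLOWS, top=2))
    print("portscan alerts:", potential_portscans(FLOWS))
```

The 30 DNS lookups are small flows too, but they all go to one port, so only the host touching 25 distinct ports is flagged.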
PacketShaper’s adaptive response feature automatically monitors for conditions of interest, detects potential problems, notifies somebody if a problem is detected, and/or takes corrective actions. You get to decide:

• What constitutes a problem
• If you want notification and, if so, by what method (email, SNMP trap, Syslog message)
• If corrective actions are needed and, if so, which actions are appropriate

The PacketShaper offers many pre-configured conditions, or you can define your own. Examples of ways you might decide to monitor situations and respond automatically include:

• Send HP OpenView an alert when retransmissions rise to 15 percent of your network traffic
• Dedicate more bandwidth to SAP or boost SAP’s MPLS service class whenever 10 percent of its transactions fail to respond within two seconds
• Send yourself an email whenever a new application appears on the network that claims more than 8 percent of capacity
• Temporarily contain and quarantine greedy users who consume an unfair portion of bandwidth

Control Bandwidth with the Shaping Module

In the battle for bandwidth on congested WAN and Internet access links, demanding applications, such as large downloads or email attachments, can flood capacity and undermine the performance of critical applications. Abundant data, protocols that swell to consume all available bandwidth, network bottlenecks, and new, popular, and bandwidth-hungry applications — they all seem to conspire against critical application performance.

Identifying performance problems is a good first step, but it’s not enough. PacketShaper solves performance problems too, controlling bandwidth allocation with flexible policies to protect critical applications, pace greedy traffic, limit recreational usage, and block malicious activity.

[Figure: graphs comparing usage and efficiency before and after using features in the Shaping Module]
Bandwidth minimums and/or maximums apply to each application, session, user, and/or location. Each type of traffic maps to a specific bandwidth allocation policy, ensuring that each receives an appropriate slice of bandwidth. With the Shaping Module, you can:

• Protect the performance of important applications, such as SAP and Oracle
• Contain unsanctioned and recreational traffic, such as KaZaA and AudioGalaxy
• Provision steady streams for voice or video traffic to ensure smooth performance
• Stop applications or users from monopolizing the link
• Reserve or cap bandwidth using an explicit rate, percentage of capacity, or priority
• Adapt bandwidth allocation policies to real-time performance or sudden problems
• Detect virus, worm, or denial-of-service attacks and limit their impact
• Strike a balance between consistent access and a bandwidth limit for applications, such as Microsoft Exchange, that are both bandwidth-hungry and critically important
• Allow immediate passage for small, delay-sensitive traffic, such as Telnet
• Provision bandwidth equitably between multiple locations, groups, or users

Applying Controls

Packeteer offers a variety of very flexible mechanisms to control bandwidth allocation. For example, a single feature, called a partition, can be used either to protect an application or to contain it. Many of the Shaping Module’s control features are listed below:

Feature | Control Feature Description | Usage Examples
Partitions | Protect or cap all the traffic in one class with a partition. You specify the size of the reserved virtual link, choose if it can exceed that size, and optionally cap its growth. Partitions function like PVCs, but they cost less and share unused bandwidth with other traffic. | Limit music downloads to 128 Kbps of a T1 WAN link. Reserve a minimum of 20% of the WAN link for Microsoft Exchange. Allow Exchange to exceed the minimum, but cap it at 60% of the link.
Dynamic Per-User Partitions | Allocate bandwidth fairly among users. Create per-user subpartitions dynamically, as needed, when users initiate traffic of a given class. As always, unused bandwidth is available to others. | Each dormitory student gets a minimum of 20 Kbps and a maximum of 60 Kbps to use in any way he or she wishes.
Rate Policies | Guarantee per-session bandwidth for critical or streaming applications. Protect latency-sensitive sessions or keep greedy traffic sessions in line with a rate policy. Deliver a minimum rate (perhaps zero) for each individual session of traffic, allow that session prioritized access to excess bandwidth, and set a limit on the total bandwidth it can use. | Reserve precisely 24 Kbps for each VoIP session to avoid jitter and static. Cap each FTP download at 56 Kbps.
Priority Policies | Priority policies allocate bandwidth based on a priority, 0 to 7. Priority policies are frequently appropriate for small, non-bursty, latency-sensitive traffic. | Protect Telnet, which has small but latency-sensitive flows, with a priority of 6. Give games, such as Doom and Quake, a priority of 0 on a business network. People can play if the network is not otherwise busy.
Discard Policies | Discard policies intentionally block traffic. The packets are simply tossed and no feedback is sent back to the sender. | Discard traffic from websites with questionable content. Block attempts to Telnet into your site. Block external FTP requests to your internal FTP server.
Never-Admit Policies | Never-Admit policies are similar to discard policies except that the policy informs the sender of the block. | Redirect music enthusiasts to a web page explaining that streaming audio is allowed only between 10:00 p.m. and 6:00 a.m.
Ignore Policies | Ignore policies simply allow traffic to pass without applying bandwidth management. | Let any traffic going to a destination not on the other side of the managed WAN access link pass unmanaged.

You can apply any of PacketShaper’s control features explicitly to a particular type of traffic, such as an application or branch location, or you can apply any control feature automatically in response to real-time conditions, such as a plunge in performance or the time of day. For example, suppose you reserve 10 percent of your capacity for an important sales application. You could decide to bump its share to 20 percent automatically in two circumstances: 1) at the end of each month and 2) if response times ever dip to slower than three seconds at least 10 percent of the time (or however you want to define unacceptable performance). As you can see, not only are controls flexible and powerful, but so is your ability to choose when each control is active.

Rate-Control Technologies

The PacketShaper employs several technologies to control the rate at which traffic flows to and from a WAN or Internet link. Packeteer’s rate control technologies — TCP Rate Control, UDP Rate Control, and advanced queuing techniques — collaborate to force a smooth, even flow rate that maximizes throughput and prevents congestion.

TCP Rate Control

Packeteer’s TCP Rate Control operates behind the scenes for all traffic with rate policies, optimizing limited-capacity links. TCP Rate Control overcomes TCP’s shortcomings, preventing congestion on both inbound and outbound traffic. TCP Rate Control paces traffic, telling the end stations to slow down or speed up. It’s no use sending packets any faster if they will be accepted only at a particular rate once they arrive. Rather than discarding packets from a congested queue, TCP Rate Control paces packets to prevent congestion.

Figure: Before-and-after effects on recreational traffic’s bandwidth usage after using Packeteer’s rate policies and partitions on select applications.
Unlike TCP Rate Control, queuing-only approaches wait for queues to form and congestion to occur, then reorder and discard packets. Solutions based solely on queuing do not proactively control the rate at which traffic enters the wide-area network at the other edge. More importantly, queuing-based solutions are not bi-directional and do not control the rate at which traffic travels into a LAN from a WAN, where there is no queue.

TCP Rate Control detects real-time flow speed, forecasts packet-arrival times, meters acknowledgments going back to the sender, and modifies the advertised window sizes sent to the sender. Just as a router manipulates a packet’s header information to influence the packet’s direction, the PacketShaper manipulates a packet’s header information to influence the packet’s rate.

Imagine putting fine sand through a straw or small pipe. Sand passes through the straw evenly and quickly. Now imagine putting chunky gravel through the same straw. The gravel gets stuck and arrives in clumps, if at all. The PacketShaper conditions traffic so that it becomes more like sand than gravel. These smoothly controlled connections are much less likely to incur packet loss, and, more importantly, the end user experiences consistent reliable service.

UDP Rate Control

Unlike TCP, UDP sends data to a recipient without establishing a connection and does not attempt to verify that the data arrived intact. Because UDP doesn’t manage the end-to-end connection, it doesn’t get feedback regarding real-time conditions, and it can’t prevent or adapt to congestion. Therefore, UDP can end up contributing significantly to an overabundance of traffic, impacting all protocols, including UDP and TCP. In addition, latency-sensitive flows, such as VoIP, can be delayed and rendered useless. The PacketShaper can pace the flow of UDP data, regulating the flow of UDP packets before they traverse a congested access link.
A variety of the Shaping Module’s control mechanisms assist in managing UDP traffic, for example:

• A priority policy is best for UDP traffic that is transaction-oriented.
• A rate policy is best for persistent UDP traffic because its guaranteed bits-per-second option can ensure a minimum rate for each UDP flow. For example, you could give 24 Kbps to each VoIP stream.

UDP delay bound controls how long UDP packets can remain buffered before they become too old to be useful. For example, a delay bound of 200 ms is appropriate for a streaming audio flow.

Augment Performance in Specific Network Environments

PacketShaper control features offer assistance in readiness assessments, administrative chores, performance gains, and other types of support for a large number of network environments. A few are described below.

Attend to Packet Marking (CoS/ToS/Diffserv/MPLS)

Packet marking is a growing trend that ensures speedy treatment across the WAN and across heterogeneous network devices. A variety of standards have evolved over time. First, CoS/ToS (class and type of service bits) were incorporated into IP. Then, Diffserv became the newer marking protocol for uniform quality of service, essentially the same as ToS bits, just more of them. And more recently, MPLS emerged as the newest standard, integrating the ability to specify a network path with class of service for consistent QoS (quality of service).

PacketShapers can classify, mark, and remark traffic based on IP COS/TOS bits, Diffserv settings, and MPLS labels, allowing traffic types to have uniform end-to-end treatment by multi-vendor devices. By attending to marking and remarking, the PacketShaper can act as a type of universal translator, detecting intentions in one protocol and perpetuating those intentions with a different protocol as it forwards the packets.
Enhance MPLS Performance

Multi-Protocol Label Switching (MPLS) has become a leading vehicle for connecting an organization’s distributed locations. Most organizations adopt MPLS to take advantage of different classes of service and ensure appropriate application performance. However, once MPLS is implemented, business organizations frequently discover that placing key applications into premium service classes does not reap the expected benefits. Why? An MPLS solution degrades as it faces three major challenges:

• The right traffic does not get placed in the right MPLS service class. Premium classes deliver sub-premium performance as they drown in copious non-urgent traffic; important applications are improperly assigned to only best-effort classes.
• Traffic gets hung up in a congested bottleneck just before each entry point to the provider’s MPLS network. In addition, unmanaged traffic heading into a LAN (inbound) grows unruly, using an inappropriately high flow rate.
• Organizations need information on the performance of each application and each service class transported over their MPLS network. Concrete, quantified service-level assessments are rare.

The PacketShaper complements MPLS installations and overcomes each of the challenges listed above as it:

• Detects, identifies, and classifies diverse applications, assigning distinct QoS tags. PacketShapers can mark traffic with MPLS labels directly or can mark traffic with Diffserv tags that relay service-class intentions to the first router within the MPLS cloud.
• Ensures that the traffic within a particular MPLS service class is the right traffic, meant for that class. Powerful and granular application classification ensures accurate and appropriate MPLS service-class assignments.
• Eases the bottlenecks that form at the entry points to MPLS networks with control features and rate control.
• Extends MPLS performance benefits to the network edge and users’ premises.
• Measures and graphs per-application and per-MPLS-class performance, enabling assessment of service-level agreement (SLA) compliance.

Assist Voice/Data Network Convergence

PacketShapers facilitate network convergence both before and after a voice installation. In preparing for a VoIP installation, the PacketShaper can help organizations determine how much bandwidth voice traffic will need, simulate peak call volume’s impact on existing applications and their performance, and decide if a capacity upgrade is needed.

Once VoIP and data are both active on one network, PacketShaper can:

• Identify many types of voice traffic, including VDO Phone, Vonage, Skype, CU See Me, Net2Phone, Dialpad, RTCP, SIP, Megaco, MGCP, Skinny, MCK-Signaling, RTP, Micom VIP, MCK Voice, and others
• Protect bandwidth for VoIP as a whole
• Clear easy passage for VoIP’s setup and control traffic
• Allocate the steady rate required for good performance for each voice stream
• Manage over-subscription (e.g. every employee suddenly decides to use the phone at the same time) gracefully
• Assign appropriate QoS tags with Diffserv, ToS, or MPLS labels
• Control bandwidth allocation appropriately for competing data applications

Detecting and Avoiding Attacks

Although PacketShapers are not firewalls, they can help detect virus, worm, or denial-of-service attacks and limit their impact. PacketShapers are especially helpful during zero-day events (before companies are able to release patches or solutions to deal with a new attack).
The PacketShaper employs a variety of methods to help you deal with attacks:

• Recognize when an anomaly occurs
• Pinpoint infected hosts
• Contain malicious traffic that is generated by infected hosts
• Protect critical applications at all times, so when an anomaly does occur, critical applications are not impacted
• Limit the number of connections from or to any host
• Detect unsolicited ICMP replies and limit the amount of ICMP traffic (ICMP is a frequent attack vehicle)
• Detect traffic from unsanctioned servers
• Limit the number of flows from one application, client, server, or traffic class of any type
• Detect and block worms that have a distinguishing string of embedded data
• Block traffic that pretends to come from a trusted source
• Reveal which types of traffic attempt to use the ever-popular port 80, or any other port

Increase Capacity with the Compression Module

PacketShaper goes beyond providing visibility into application and network behavior, beyond providing control over bandwidth allocation: it also compresses traffic over the network. Compression enhances application performance by creating greater throughput, faster performance, and increased network capacity.

Packeteer’s Compression Module employs patented compression technologies to transfer data more quickly and enable more traffic to flow through constrained WAN links. When bandwidth is freed, it becomes available to enhance the performance of applications that are most critical to business.
With the Compression Module, you can:

• Enjoy compression gains of up to 10X without loss of quality or data
• Increase capacity and direct bandwidth gains to critical applications
• Ease congestion on a saturated WAN link
• Postpone or avoid bandwidth upgrades
• Eliminate the burden of having to define and maintain compression tunnels, the mechanism used to shrink, transfer, and restore traffic
• Customize compression techniques for individual applications
• Streamline repeated data, shrink transfer size, and/or reduce the number of packets

Combining Shaping and Compression

What if you could transfer a T1/E1’s load of 1.5 Mbps using only 500 Kbps? That leaves 1 Mbps of capacity for other applications to use to their advantage. Now, who gets the extra bandwidth? Is it an important interactive application with an employee waiting, fingers poised, for a response? Or does a non-urgent file transfer grab the extra capacity? Most likely, the file transfer wins. Except when PacketShaper intervenes to ensure that you get increased capacity and judicious use of your whole link.

An unmanaged link shows that non-urgent traffic impacts the bandwidth available for critical applications.

Compression and bandwidth upgrades do not determine which application gets the additional capacity. Note that although more traffic passes through the link, mission-critical traffic does not receive proportionately more bandwidth. Instead, less urgent traffic consumes the increase in capacity, leaving critical applications, such as SAP and Oracle, with insufficient bandwidth and inconsistent performance.

PacketShaper delivers more capacity and the power to use that capacity effectively. The combination ensures that all network resources, including the expanded capacity, are allocated to applications that are most urgent and important.
With the Shaping Module, critical applications receive the appropriate amount of bandwidth for consistent, prompt performance, and the remaining bandwidth accommodates residual traffic. Performance for all types of traffic improves in the process.

While the Shaping Module allocates policy-based bandwidth and smoothes bursty traffic, the Compression Module enables greater throughput and faster network travel times. This link supports a large traffic volume (thanks to the Compression Module) with an efficient, consistent utilization rate (thanks to the Shaping Module).

How Compression Works

Packeteer’s compression requires at least two PacketShapers, one deployed at each end of a connection. Each appliance compresses its outbound traffic, and each unit at the receiving end decompresses inbound traffic, restoring traffic to its original state. Most organizations deploy a PacketShaper at each branch office that exchanges traffic with other branches or a main site. This arrangement maximizes all bandwidth throughout the organization.

The communication link between the two PacketShapers is called an Xpress tunnel, and compressed data is sent through this tunnel. The two PacketShapers are called tunnel partners. For more information, see “Xpress Tunnels” on page 29.

The PacketShaper automatically identifies and classifies each passing packet as part of its monitoring charter. It uses knowledge of each packet’s traffic type to determine if compression is appropriate. Previously compressed traffic (streaming media, for example) and encrypted data (HTTPS and SSH, for example) are not compressed further. PacketShaper compresses only the traffic that is likely to achieve positive results.

Frequently, applications benefit more from one compression method than from another. Packeteer supplies a variety of options for compression algorithms (methodology).
For example, peer-to-peer and instant messaging benefit the most from the CNA algorithm, email and HTTP get the best results from ICNA, and VoIP automatically uses the UDPRT algorithm, which only compresses the UDP headers. In addition, PacketShaper offers an option to create rules determining which traffic uses which compression algorithms. Or, if users prefer, they can avoid the algorithm-selection process and still experience very impressive results.

Packet Packing

Another capability included in the Compression Module is packing. When packing is enabled, multiple packets are combined into a single “super packet” before being sent through the Xpress tunnel. Since fewer packets are sent, packing saves on overhead introduced by packet headers. You can enable/disable packet packing globally, for a specific tunnel, or on a per-class or per-service basis.

The maximum size of the super packet is determined by the Maximum Transfer Unit, or MTU. MTU is the largest datagram that can be transmitted by an IP interface without needing to be broken down into smaller units. Because the packet size is maximized to the MTU, packing improves link utilization. The MTU can be set globally or for an individual tunnel.

Since different types of traffic can tolerate different amounts of latency, each service is assigned an appropriate packing hold time — the length of time the super packet is held to wait for additional packets to be packed into it. For example, services that are sensitive to delay are assigned a 1 ms packing hold time; Telnet and Skype are two examples of services that would fall into this category. The default packing settings are appropriate in most situations, but CLI commands are available to fine-tune these settings if you find the need.

Due to the inherent delay in the process of combining packets, packing will increase network latency.
On very busy links, packing doesn’t cause much latency because the packets are bundled and sent off quickly. On less active links, Xpress may have to wait to get enough packets in a bundle, possibly creating application performance problems. If you suspect that packing is causing latency, there are controls for lowering the packing hold time or disabling packing altogether. Packing is most efficient and effective when dealing with small packets or packets that can be reduced in size with compression.

Compression Results

Compression ratios, percentages, and other terms are used commonly to portray results in a standardized format. Suppose 100 bytes of data are compressed into 33 bytes. Then its compression ratio is 3:1, and its percentage of compression is 67 percent.

Some vendors promise 10:1 compression ratios, but these figures are based on best-case tests. In fact, PacketShaper also generates 90 percent compression or 10:1 ratios in test cases. But these figures, whether stated on behalf of Packeteer or other vendors, do not represent realistic expectations or consistent results. A more realistic range to use when planning or forming expectations is a ratio between 2:1 and 3:1.

Application | Average Compression | Peak Compression
Baan | 80% | 90%
Citrix | 50% | 75%
Compressed Citrix | 15% | 35%
FTP | 50% | 95%
General Internet | 45% | 75%
ICMP (ping) | 50% | 95%
JD Edwards | 80% | 90%
Mail | 55% | 90%
Microsoft-DS | 65% | 90%
NetBIOS | 65% | 90%
Oracle | 75% | 95%
PeopleSoft | 80% | 90%
SAP | 75% | 90%
Secure Applications (SSL, IPSec, SSH) | 0% | 0%
SQL Server | 75% | 95%
Sybase | 75% | 95%
Telnet | 60% | 85%
VoIP* | 10% | 25%
Web-Based Applications (Intranet) | 75% | 95%

* Although VoIP data payload is compressed to the maximum by the IP telephony application before it reaches the network, PacketShaper’s Compression Module can use packet header compression and packet packing techniques to compress VoIP traffic.
Packeteer gathered results for a variety of applications, both from internal testing and from customers using Packeteer’s compression in their own environments on their own applications. When examining the results table, remember that compression’s impact can vary (sometimes widely) based on load levels, time intervals, and network environments.

Reports on Compression Results

The PacketShaper provides a variety of reports for you to judge the effectiveness of your own traffic’s compression. Three screens are shown below, but many others are available.

High-level statistics summarize compression results; in this case, they show that traffic required less than half of original bandwidth needs.

Compare the peak rates for your link, with and without compression. Peak rates highlight where performance problems are likely to occur and compression can be extremely valuable. This graph shows that even peak traffic loads compressed to use about a quarter of their former bandwidth demands. Traffic no longer overloads or even fills this link.

Enhance Performance with the Acceleration Module

Excruciatingly slow file transfers. Nightly server backups that are still running in the morning when you arrive at the office. Customer database queries with such poor response time that even the most patient of people give up on them. These are just a few examples of application performance problems that you might initially try to solve with a bandwidth upgrade. But you would probably find that adding bandwidth isn’t the solution. This may be because bandwidth-greedy applications – not necessarily your customer-critical applications – gobble up all the new bandwidth.
In other cases, applications may be unable to utilize the available bandwidth due to inherent protocol limitations.

If adding bandwidth won’t solve these types of problems, what will? The Acceleration Module, an optional component of Packeteer’s WAN Application Optimization package, is able to improve application performance in environments with big links, large file transfers, high latency, and/or sizeable transactions. Before we get into the details of the technologies behind the Acceleration Module, let’s examine the causes of performance problems.

TCP: A Problematic Protocol

TCP is a reliable protocol used for transmission of data over IP networks. However, there are inherent TCP behaviors that work against higher latency connections. TCP utilizes a sliding window mechanism to limit the amount of data in flight at any time. When the window becomes full, the sender stops transmitting until it receives new acknowledgments (ACKs). Over long distance networks, where acknowledgments are slow to return, the TCP window size often sets a hard limit on the maximum throughput rate.

Each operating system has a predefined window size. For example, Windows 2000 uses a 16 KB window and Windows XP has a variable window size up to 64 KB. Depending on the distance of the link, it can take anywhere from 15 to 600 ms to get the ACK. The following chart shows the typical delay due to distance.

WAN Link | Typical Delay
Same City | 15 ms
Regional | 30 ms
Across a Continent | 100 ms
Between Continents | 200 ms
Satellite | 600 ms

As distance increases, so does the wait time for the ACK. Suppose Windows 2000 (with a 16 KB window size) is the operating system being used. Once the ACK is received, the next 16 KB of data is sent. This same process happens for every window (16 KB of data). As delay increases, the result is that large links become less and less utilized because valuable time is spent simply waiting for acknowledgements.
Consequently, the data cannot be sent fast enough in order to use the available bandwidth. Much of the link gets wasted. From the user’s perspective, everything is slow on the Internet: file transfers, web browsing, mail synchronization, and using web-based applications.

A typical example is in large data center-to-data center WAN links. Large WAN connections (DS3, 45 Mbps, OC-3/STM-1/155 Mbps) between data centers have become more affordable and, therefore, more commonplace. Having a large connection to speed the rate of disaster recovery backup, server synchronization, and distributed storage is now a sound concept. But most server mirroring and disaster recovery solutions use TCP protocols for their file transfers.

100 ms average delay (across-continent connection)

Link Size | Windows XP Potential Wasted Bandwidth | Windows 2000 Potential Wasted Bandwidth
512 Kbps | 0 | 0
2 Mbps | 0 | 720 Kbps (36%)
10 Mbps | 4.8 Mbps (48%) | 8.7 Mbps (87%)
45 Mbps | 39.8 Mbps (88%) | 43.7 Mbps (97%)
155 Mbps | 149.8 Mbps (96%) | 153.7 Mbps (99%)

Assume a business is running Windows XP and has a cross-continent link with 100 ms of latency. The maximum a single flow will be able to grow to is 5.1 Mbps. With a link size of 45 Mbps, approximately 88 percent of the bandwidth is being wasted due to TCP and window size limitations. Once again, user expectations are that the larger link size will allow for more efficient backups and synchronization. When this expectation is not met, the assumption is that more bandwidth will solve the problem, so the business upgrades to a 155 Mbps link. This only creates more waste since approximately 96 percent of the bandwidth is not utilized.

When available bandwidth is not fully utilized due to TCP and latency limitations, the result is wasted bandwidth and missed performance targets. Business productivity is negatively impacted when large file transfers and interactive transactions are slow.
The ability to accelerate sizeable file transfers and interactive web-based applications is the key to resolving these issues.

The Packeteer Solution

While it is almost impossible to eliminate latency over networks, that doesn’t mean the situation simply has to be tolerated or that something can’t be done to lessen the impact. Packeteer’s Acceleration Module minimizes the effects of high latency due to distance delay and can alleviate the following problems:

• Poor performance of large flows: large file transfers, disaster recovery backups, database synchronizations, and so forth
• The effects of packet loss and retransmissions
• Wasted WAN capacity and link under-utilization
• Customer-critical transaction applications with large transactions
• Unresponsive HTTP sessions

Packeteer provides acceleration for both transactions and file transfers to enhance network performance. Under the right conditions, acceleration yields significant performance improvements — up to 8x for web traffic and 50x for file downloads, especially over high-latency links.

Xpress TCP

Because TCP isn’t a suitable transport protocol for high-latency networks, PacketShaper provides an alternative that is specifically designed to address the inherent problems with using TCP in a high-latency environment. This technology is called Xpress TCP. With Xpress TCP as the transport protocol for accelerated traffic, PacketShaper intercepts the TCP connection from the client and converts the data to XTP for transmission through the Xpress tunnel. The PacketShaper on the other side of the tunnel translates the XTP data back to TCP.

Xpress TCP offers several advantages over standard TCP. First of all, Xpress TCP is a high performance protocol that’s unconstrained by windowing limitations of normal TCP operations, thereby allowing the WAN link bandwidth to be fully utilized.
It uses rate-based congestion control which allows a connection to quickly attain full-speed operation when significant bandwidth is available. With Xpress TCP, the ACKs are moved back to the local site, creating LAN-speed responses to client-server exchanges. When packets are lost, selective ACKs resend the data before clients have a chance to react. This technique avoids the bandwidth tax required by aggressive forward error correction (FEC) technologies typically used in TCP.

Let’s return to the earlier example of the 500 MB file that took approximately 3.5 hours to transfer. By using Xpress TCP instead of standard TCP, the entire 2 MB link could be utilized: this same file would transfer in 33 minutes (7X acceleration). If you use the Compression Module in conjunction with the Acceleration Module, the 500 MB file could transfer in less than 7 minutes (30X acceleration).

Figure: File transfer times
• 3 Hr 30 Min: File Transfer on Normal WAN Link (TCP)
• 33 Min: File Transfer using Xpress TCP
• 7 Min: File Transfer using Xpress TCP + Compression

Xpress HTTP

The Acceleration Module is able to significantly improve performance of web-based applications and XML-based web services on high-latency links. This technology is called Xpress HTTP. When acceleration is enabled, web pages display up to eight times as fast. Two features allow you to accelerate HTTP traffic: FastStart and Prefetch.

The FastStart feature accelerates web downloads by reducing the time needed to establish each new HTTP connection. Using FastStart, the PacketShaper acknowledges TCP connections immediately without waiting for a connection to be established to the web server. This immediate acknowledgement allows the browser to send its HTTP GET request right away. PacketShaper then combines the HTTP GET request with the XTP connection request. This process delivers the HTTP request to the web server one round-trip faster.
For web pages that consist of large numbers of objects, FastStart greatly improves the responsiveness of the web page display.

The Prefetch feature reduces the time required to download and display web pages. The server-side PacketShaper unit intercepts the HTML pages returned by the web server and begins retrieving the various embedded graphics and objects on that page. The server-side PacketShaper then pushes the objects to the remote side of the link where they are served by the client-side PacketShaper unit when requested by the browser, thereby avoiding the network delay. In many cases, the objects can be local to the client before they are even requested.

Integration of Acceleration with Other Optimization Tools

Integration of optimization technologies becomes key when trying to maximize the improvement of application performance. Packeteer’s technologies – Monitoring, Shaping, Compression, and Acceleration – work together to improve the performance of applications running on the network. For the most benefit, technologies should be implemented concurrently.

When users are experiencing application performance problems on your network, Packeteer’s software modules work in concert to solve these issues.

• Monitoring is the first step. This module identifies and categorizes the applications on your network, which is necessary for the other optimization tools to do their jobs.
• Shaping contains recreational traffic and provisions bandwidth to your mission-critical applications in order to provide the quality of service your users deserve.
• Compression effectively increases the size of your link, making additional bandwidth available to your applications.
• Acceleration allows the entire link to be filled so that bandwidth doesn’t get wasted.

As a result, application performance improves and response times become acceptable.
By providing application-intelligent visibility, control, and compression, PacketShapers allow customers to be selective about which applications (and how much of each) get on to the WAN. With this infrastructure in place, acceleration can do its job of overcoming latency and TCP protocol design limitations for file transfers, data backups, and synchronizations between geographically remote sites.

Can You Benefit From Acceleration?

As explained earlier, having a large link doesn’t guarantee that the link’s bandwidth can be fully utilized. Your operating system’s window size and latency are both factors in whether the link can be filled to its capacity. Estimating your link’s percent utilization can help you determine whether your network can benefit from the Acceleration Module.

Because the calculations are a bit involved, Packeteer has developed an online Link Utilization Calculator. All you need to do is select your operating system, input the latency in milliseconds, specify your link size, and estimate compression savings (if you are using or planning to use the Compression Module). The Calculator will then tell you how much of the link can be filled with a single flow and whether acceleration would be beneficial in your network environment.

If the Link Utilization Calculator indicates that acceleration would be beneficial, the next step is to look at the types of applications on your network. Acceleration is most helpful with the following types of traffic:

• Large file transfers (CAD, X-rays, legal documents, multimedia files, print production files)
• Database synchronizations
• Server backups
• Storage mirrors
• Intranet portals
• Web-based applications
• XML-based web services

Larger transactions, such as customer queries from ERP or CRM packages, will benefit significantly from acceleration.
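
The single-flow estimate described under "Can You Benefit From Acceleration?" can be sketched as follows. This is an added example, not Packeteer's Link Utilization Calculator or code from the white paper; the one-window-per-round-trip model, the 16 KB window, the 400 ms latency, the 80% compression savings and the 90% decision threshold are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Link:
    window_bytes: int                  # TCP receive window (assumed OS default)
    rtt_ms: float                      # round-trip latency in milliseconds
    link_bps: float                    # link size in bits per second
    compression_savings: float = 0.0   # fraction of bytes removed, 0 <= s < 1

    def __post_init__(self):
        ok = min(self.window_bytes, self.rtt_ms, self.link_bps) > 0
        if not ok or not 0.0 <= self.compression_savings < 1.0:
            raise ValueError("inputs must be positive; savings must be in [0, 1)")

def single_flow_bps(link: Link) -> float:
    """Window-limited ceiling: at most one window of data per round trip."""
    return link.window_bytes * 8 * 1000 / link.rtt_ms

def effective_link_bps(link: Link) -> float:
    """Application-level capacity once compression shrinks what crosses the wire."""
    return link.link_bps / (1.0 - link.compression_savings)

def utilization(link: Link) -> float:
    """Fraction of the effective link that one unaccelerated flow can fill."""
    return min(1.0, single_flow_bps(link) / effective_link_bps(link))

def window_to_fill_bytes(link: Link) -> float:
    """Bandwidth-delay product: the window one flow would need to fill the link."""
    return effective_link_bps(link) * link.rtt_ms / 8000

def transfer_seconds(link: Link, file_bytes: int, accelerated: bool) -> float:
    """Accelerated flows are modelled as filling the whole effective link."""
    rate = effective_link_bps(link)
    if not accelerated:
        rate = min(rate, single_flow_bps(link))
    return file_bytes * 8 / rate

def benefits_from_acceleration(link: Link, threshold: float = 0.9) -> bool:
    return utilization(link) < threshold

# Constructed inputs (assumptions, not values taken from the white paper).
WAN = Link(16_384, 400, 2_000_000)
WAN_COMPRESSED = Link(16_384, 400, 2_000_000, compression_savings=0.8)
LOCAL = Link(65_535, 10, 2_000_000)
FILE_BYTES = 500_000_000  # a 500 MB file, as in the white paper's example

if __name__ == "__main__":
    for link in (WAN, WAN_COMPRESSED, LOCAL):
        print(link, f"{utilization(link):.0%}", benefits_from_acceleration(link))
```

With these assumed inputs, one unaccelerated flow fills about 16% of the 2 Mbps link and needs a window of roughly 100,000 bytes to fill it, while the low-latency case already fills the link and gains nothing from acceleration.
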
For transaction-based applications with small transactions, Xpress TCP may not be as helpful; a more appropriate solution for these types of applications is Packeteer’s congestion management technology included in the Shaping and Compression Modules.

How Much Traffic is Getting Accelerated?

For an overview of how acceleration is working on your link, a Traffic Acceleration Summary report is available. There is one graph for the Inbound direction and another for Outbound. Each graph displays bandwidth utilization of accelerated bytes that went through acceleration tunnels. If acceleration is enabled at any point during the time period on the graph, a red horizontal line will appear above the graph.

SkyX and PacketShaper Compatibility

In addition to tunneling with other PacketShapers, the Acceleration Module can create tunnels with SkyX Accelerator, Packeteer’s dedicated acceleration hardware device. SkyX provides functionality similar to the Acceleration Module: it accelerates TCP over high-latency links. Using a SkyX tunnel, you can accelerate traffic between hosts on one side of a PacketShaper and hosts on the other side of a SkyX Accelerator.

Xpress Tunnels

An Xpress tunnel is a communication link between two PacketShaper units. Its function is to transport data that has been compressed, packed, and/or accelerated. The illustration below shows three Xpress tunnels. Tunnel A is set up between a branch office (A) and the main site. Tunnel B transfers data between another branch office (B) and the main site. Tunnel C transports traffic between the two branch offices.
[Figure: Xpress tunnels A, B, and C linking the PacketShapers at Branch Office A, Branch Office B, and the main site (servers and LAN) across the corporate WAN and the Internet.]

ActiveTunnel™

Packeteer’s ActiveTunnel feature automatically detects PacketShapers on the network and builds Xpress tunnels between them. These tunnels are considered to be dynamic. Alternatively, you have the option of manually defining the tunnel end-points. This type of tunnel is called static.

PacketShaper continually monitors the traffic traversing the tunnels. When resources are constrained and tunnel demand exceeds resources, the PacketShaper automatically determines which tunnels yield the best results and ensures they remain active. It deactivates less utilized, less effective tunnels to support the more active, valuable tunnels. Although Packeteer caps out at 300 active tunnels (depending on model and memory), it can juggle many more potential tunnels and maintain the most beneficial as active, temporarily deactivating those that are least effective.

ActiveTunnel’s ability to juggle a large number of tunnels, keeping the most effective ones active, enables PacketShapers that sit at the network edge to connect seamlessly to a large, fully meshed environment. Each of the connections in a meshed environment can have a tunnel, as long as there are PacketShapers deployed at the end points. With PacketShapers, tunnel scaling is no longer an issue.

Each PacketShaper model has a limit to the number of Xpress tunnels that can be automatically or manually created. Specifications for each model are listed online in the Configuration Limits table in PacketGuide.

Tunnel Monitoring and Configuration

Although the ActiveTunnel feature automatically manages your tunnels behind the scenes, it’s still useful to see how many tunnels are active, who their partners are, how well compression and acceleration are doing on each tunnel, and which tunnels, if any, are experiencing problems. The Xpress Tunnels Overview, shown below, provides a real-time snapshot of this type of information. It lists the tunnels that have formed with your PacketShaper as well as statistics for each tunnel.

The overview indicates configuration information for each tunnel: name, functionality (compression, packing, acceleration), the IP address of the tunnel partner, and whether it’s static or dynamic. In addition, this screen displays the following statistics for each tunnel: Inbound and Outbound speed, Inbound speed of decompressed data, Outbound speed of compressed data, the percentage of bandwidth saved by compression, and Inbound and Outbound speed of accelerated data. If there is a problem with the tunnel, a warning icon will appear next to the tunnel name.

In addition to monitoring tunnels, this screen allows you to:

• configure your global tunnel settings (such as enabling compression and firewall support)
• define the Xpress-IP addresses (each built-in or LEM device that you want to use for Xpress tunneling must be assigned a unique IP address)
• delete tunnels
• create static tunnels and customize their settings

In Summary

Packeteer’s WAN Application Optimization solution enables organizations to provide optimal performance of all essential applications deployed across the enterprise, while minimizing the impact of recreational and malicious traffic.
Monitoring, shaping, compression, and acceleration — the cornerstones of WAN Application Optimization — enable organizations to:

• Ensure network resources are aligned with business objectives
• Extract maximum performance and value from existing WAN, Internet, and application investments
• Identify applications on the network and examine their bandwidth demands and performance history
• Speed the performance of critical applications
• Limit use of recreational traffic and defend against disruptive attacks
• Increase bandwidth capacity with compression gains of up to 10X and direct those gains to critical applications

Today’s enterprises require performance, predictability, and consistency from their networks and the applications that traverse them. That’s precisely what PacketShaper delivers.

For More Information

If you’d like more information about Packeteer products, consult Packeteer’s website (www.packeteer.com) or call 408-873-4400 or 800-697-2253.

Copyright © 2006 Packeteer, Inc. All rights reserved. Packeteer, the Packeteer logo, Mentat, PacketWise, PacketShaper, PacketShaper Xpress, PacketSeeker, ReportCenter, PolicyCenter and SkyX are trademarks or registered trademarks of Packeteer, Inc., in the United States and other countries. All other company trademarks are the property of their respective owners. No part of this document may be reproduced, photocopied, stored on a retrieval system, transmitted, or translated into another language without the express written consent of Packeteer, Inc.