Editors notes: The following excerpt was pulled from the Resnet User Group Mailing list Oct 17 , 2009
Most subscribers to this user group are IT directors or adminstrators for large residence networks at various universities. Many manage upwards of tens of thousands of Internet users. If you are an ISP I would suggest you subscribe to this list and monitor for ideas. Please note vendor solicitation is frowned upon on the Resnet list
As for the post below The first part of the post is Dennis’s recommendation for a good bandwidth shaper, he uses a carrier grade Cisco product.
The second part is a commentary on the fallacy of layer 7 shaping. No we do not know Dennis nor does he use our products , he just happens to agree with our philosophy after trying many other products.
Dennis OReilly <Dennis.OReilly@ubc.ca
reply-to Resnet Forum <RESNET-L@listserv.nd.edu> to RESNET-L@listserv.nd.edu date Sat, Oct 17, 2009 at 12:35 AM subject Re: Packet Shaping Appliance unsubscribe Unsubscribe from this sender
We are researching packet shaping appliance options as our current model is
end-of-life. It is also at its maximum for bandwidth and we need to increase
our bandwidth with our Internet service provider. We are interested in
knowing what hardware others are using on their Internet service for packet
shaping. Thank you.
At the University of British Columbia we own and still use four PS10000’s. A year ago we purchased a Cisco SCE 2020 which has 4 x 1G interfaces. The SCE 2020 is approx the same price point as the PS10000. There is also an SCE 8000 model which has 4 x 10G interfaces, also at a decent price point.
Oregon State brought the SCE product line to our attention at Resnet Symposium 2007. A number of other Canadian universities recently purchased this product.
The SCE is based on P-Cube technology which Cisco acquired in 2004.
In a nutshell comparing the SCE to the PS10000:
– PS10000 reporting is much superior
– PS10000 and SCE are approx equal at ability to accurately classify P2P
– SCE is essentially a wire speed device
– SCE is a scalable, carrier-grade platform
– Installation of SCE is more complicated than PS10000
– SCE has some capability to identify and mitigate DoS and DDos attacks
– SCE handles asymmetric routing
– SCE has fine grained capabilities to control bandwidth
It is becoming more and more difficult over time for any packet shaping device like a Packetshaper, or a Procera, or an SCE to accurately classify P2P traffic. These days the only way to classify encrypted streams is through behaviorial analysis. In the long run this is a losing proposition. Thus, approaches like the NetEqualizer or script-based ‘penalty box’ approaches are better. However, boxes like the SCE which have excellent capabilities to control bandwidth on a per user basis are also viable. Otherwise the carriers wouldn’t be using these products.