In working with Internet providers around the world, we’ve repeatedly heard the same issues and challenges facing network administrators. Here are just a few:
- We need to support selling fixed bandwidth to our customers.
- We need to be able to report on subscriber usage.
- We need the ability to increase subscriber ratio, or not have a subscriber cutback, before having to buy more bandwidth.
- We need to meet the varying needs of all of our users.
- We need to manage P2P traffic.
- We need to give VoIP traffic priority.
- We need to make exemptions for customers routing all of their traffic through VPN tunnels.
- We need a solution that’s low cost, low maintenance, and easy to set up.
- We need a solution that will grow with our network.
- We need a solution that will meet CALEA requirements.
In this article, we will talk about how the NetEqualizer has been used to solve these issues for Internet providers worldwide.
Download article (PDF) ISP White Paper
We need to support selling fixed bandwidth to our customers.
With the NetEqualizer, administrators will find they have significantly greater control over how bandwidth is distributed through the ability to shape their network traffic by IP address, MAC address, VLAN or subnet.
The NetEqualizer provides the ability to set “hard limits” for both inbound and outbound traffic by individual ip address, to support setting fixed bandwidth per customer. In addition, you can set hard limits for a class of ip addresses (B or C), if you have a contiguous block of ip addresses that you want to limit. Alternatively, hard limits can be set up VLAN or MAC address as well. For more information on each shaping strategy, see our detailed NetEqualizer User Guide.
We need to be able to report on subscriber usage.
Once you have your fixed bandwidth allocated, you can use NetEqualizer’s reporting capabilities to see how much network utilization is being used in real-time by each subscriber (ip address) on your network. This will help you to track and report on network usage, so that you can send notification letters to your customers on their bandwidth utilization. For customers consistently hitting their fixed allocation maximum, this could include a recommendation to increase their bandwidth allocation to correct the issue.
We need the ability to increase subscriber ratio, or not have a subscriber cutback, before having to buy more bandwidth.
NetEqualizer’s built-in rules-based, application-level traffic-shaping technology dynamically controls traffic based on current network usage. When the network is congested, the fairness algorithm favors business class applications, including VoIP, Web browsing, chat and email, at the expense of large file downloads. This approach allows network managers and operators to maintain high levels of customer satisfaction without having to purchase additional bandwidth.
We consistently get feedback from our ISP and WISP customers that they are able to maintain higher subscriber-to-bandwidth ratios on their networks after installing a NetEqualizer. An investment in a NetEqualizer may result in reduced bandwidth costs, by delaying your need to upgrade bandwidth.
We need to meet the varying needs of all of our users.
The concept of “fairness” enables your network to continue providing quick response times to the majority of your users while restricting the network hogs. Low bandwidth users do not have to share the pain of a slow, congested network with the network-hogging applications. Your customers expect email and web surfing to be responsive, and with equalizing, they will be.
For example, suppose you have customers using the network as follows:
• 95 percent are web surfing
o Of these, 20 percent are also on Skype calls
o Another 30 percent are also watching YouTube and running chat sessions
• 5 percent are watching YouTube
In this example, if your trunk is saturated, the NetEqualizer would add latency to the YouTube streams (since they are the most bandwidth intensive), leaving all the other streams alone. So instead of having your network crash completely, a few YouTube videos would break up for a few seconds, and then when conditions abated, they would be allowed to run freely.
Notice that the exact allocations per user do not matter. We do not try to hit fixed allocations, we just put delay on the nastiest “hog” traffic until the bandwidth usage overall drops back to 85 percent (or the setting you choose). This quickly takes the delay away until your network is no longer congested. The value is that you get the best possible usage of your network bandwidth without having to micro-manage.
We need to manage P2P traffic.
The NetEqualizer can spot P2P and related applications based on our default set up. Over the past several years, with hundreds of installations, we have found that our default rules act like a general antibiotic at effectively controlling all P2P traffic, regardless of whether it’s encrypted or not.
The key is NetEqualizer’s focus on connection limits. With a single command, a system-wide connection limit can be set that applies to all hosts, external or internal to the network. If any host starts sending large numbers of messages, as is the case with P2P traffic, it will automatically be contained before causing a wide-scale network slowdown. Handling network overloads from P2P applications can be labor intensive, but NetEqualizer’s connection limit feature prevents any single host from opening more than a set amount of connections.
However, this doesn’t mean P2P must be blocked completely. The NetEqualizer can be set to enforce P2P rules only when your network is congested, thus allowing users access to legitimate P2P downloads at most times.
We need to give VoIP traffic priority.
NetEqualizer allows operators to make sure that latency-sensitive voice traffic receives the highest priority. It makes control decisions dynamically, prioritizing and shifting bandwidth between application and connections as network usage rises and falls.
We need to make exemptions for customers routing all of their traffic through VPN tunnels.
For your larger subscribers that utilize VPN tunnels, you may need to demarcate the VPN to give it priority, and a certain amount of bandwidth. This can be done by utilizing “hard limits” to set the bandwidth allocation for the VPN. The VPN will be treated as one ip address, and will be shaped as one entity.
We need a solution that’s low cost, low maintenance, and easy to set up.
Put simply, the NetEqualizer is a “plug-and-play” solution. Once you put the NetEqualizer in place, it immediately and effectively handles traffic shaping automatically around the clock. You simply need to define the size of your network pipe, establish the level of total bandwidth usage (default is 85%) at which you want shaping to kick in, make sure that the defaults are “on,” and that’s it.
In general, the NetEqualizer is installed between your Router and your Switch, acting as a transparent bridge once in place. It will reside passively in your network until bandwidth shaping is needed, and when the set level of congestion is reached, it kicks in to smooth your network traffic.
There are additional parameters that you can set to customize your NetEqualizer implementation. However, many of our customers find that they do not need to make any changes to the default settings in order for their network performance to improve dramatically.
We need a solution that will grow with our network.
The NetEqualizer is not licensed per user. Rather, the NetEqualizer license is tied to the size of your network pipe. It can be updated as the size of your pipe is increased, typically by purchasing a NetEqualizer license upgrade. Also, unlike other solutions on the market, you pay a one-time license fee for the NetEqualizer, and then only a small yearly support fee to cover software upgrades and support questions.
So, you can size your network to support your anticipated number of patrons, and then purchase the NetEqualizer that matches your network pipe size, knowing that you have the option of a license upgrade for more users later on. For more details on our sizing recommendations, see our contention ratio blog post Can Your ISP Support Video for All?, which specifically addresses the needs of administrators.
Furthermore, if you need to architect your network to support full redundancy, you can buy a second NetEqualizer and put it in place as either a cold backup or in hot swappable mode.
We need a solution that will meet CALEA requirements.
The NetEqualizer is able to serve as a CALEA probe, offering ISPs an affordable, yet effective, answer to law enforcement regulations. The Netequalizer CALEA release provides a network probe with the capability to comply with a basic warrant for information about a user by capturing and sending IP communications in real-time to a third party. IP communication may be captured by headers or headers and content.
Although the law (see CALEA sections 103 and 107(a)(2)) is fairly specific on what needs to be done, the how is not addressed to any level of detail to which we can engineer our solution. Many people are following the ATIS specification which was put forth by the FBI, and we have read and attempted to comply with the probe portion of that specification.
As best we can tell at this time, there is no one government agency that can fully declare our technology CALEA compliant. However, we do pledge to work with our customers should they be faced with a warrant for information to adjust and even customize our solution; however additional fees may apply. Additional information on CALEA itself can be found at http://www.askcalea.org.
For more information…
Although we’ve covered a few of the most pressing issues Internet providers face, we understand that everyone’s situation can be different. So, to learn more about how the NetEqualizer might specifically help your subscriber network, please contact us at email@example.com or call us at 303.997.1300, extension 103.