Bandwidth Control in a Service Provider network

From MikroTik Wiki
Jump to navigation Jump to search

Overview

Bandwidth Control Scenarios vs. Network Topology

The installation of Bandwidth Control Device(s) within the network depends upon the network layout. As a general rule, you want to put the control devices (BW control, firewall, etc.) at a Trust Boundary. In virtually any network, Trust Boundaries exist at the Edge and the Border of the network. In a Service Provider's network, this is where the customer connects and where the service provider connects to the rest of the Internet.

The more complex the network topology, the more creative you'll have to be in order to implement Bandwidth Control & QOS. I'll discuss three different network topologies and strategies for how to implement network-wide Bandwidth Control and Quality of Service.

Additional complexity arises in heterogeneous network architectures. If you're using MikroTik devices along with other vendors' equipment such as Cisco, Adtran, Nortel, etc., you need to ensure that your QOS scheme interoperates between the different devices.


Edge Router Scenario

(Bandwidth Control near Edge)


In this scenario, we must address several challenges to provide Bandwidth Control

  • Without creating a new single point of failure in the Backbone!
  • Multi-homed PoPs
  • Multi-homed Service Provider with upstream connections at different locations


Firewall Scenarios

(Bandwidth Control near Border)

One upstream provider

Single Border Router with more than one upstream provider

Links / Supporting Documents

Terminology

Access / Aggregation Device

Devices that connect the End User to Your network. Probably some sort of "point-to-multipoint" thing such as:

  • miniPCI card in the EdgeRouter (either WAP or Ethernet ports)
  • Wireless Access Point, separate from EdgeRouter
  • Router with T1/T3/OC3s, etc.
  • DSLAM (Frame Relay / ATM switch)
  • Ethernet switch or bridge
  • Analog/ISDN modem bank
  • VPN concentrator

Autonomous System (AS)

  • In general, I mean a network under the control of a single administrative entity. Some examples might be a company, a school, a government agency, or a telecommunications firm.
  • An AS has a very specific meaning within OSPF and BGP. The Wikipedia has a detailed description of Autonomous System

Backhaul / Backbone

Links between PoPs and other PoPs or Central Office(s)

Backhaul / Backbone Device(s)

Devices that route or bridge IP traffic bewteen PoPs and Central Office(s).

Bandwidth Control

The act of prioritizing and rate limiting IP traffic.

Bandwidth Control Device

A Mikrotik router performing Classification, Marking, Prioritization, and Rate Limiting on IP traffic.

Border

The line between You and The Internet (your upstream internet providers and/or peers). The boundary between two different Autonomous Systems.

Border Router(s)

Device(s) connecting Your Network to The Internet (Your upstream providers or peers).

  • In single-homed networks, the router connecting to upstream internet provider. Could run external BGP or have default route with next hop of upstream provider.
  • In multi-homed networks, border routers most likely run external BGP
  • For most IGP protocols like OSPF or EIGRP, this is the origination point(s) of the default route which gets distributed to the network.

Bridged interface

one or more physical interfaces that are linked together to form a single logical interface that can be used as a Bandwidth Control upload or download interface.

Central Office

Physical location(s) where your network receives a connection from upstream providers and/or peers.

Class

A bandwidth control grouping that defines a maximum upload and/or download speeds.

Download

Traffic flowing FROM the internet TO the End User

Download interface

The interface on the Bandwidth Control Device that is or connects to the Access Device.

Edge

The line between "you" (the network where bandwidth control is being deployed, probably the reader of this document!) and the End User of "your" service.

EdgeRouter / Firewall

A router placed as close as possible to a Trust Boundary within the network. The EdgeRouter may be used for firewalling, NAT, Bandwidth Control, or any number of purposes. It may even be both a wireless access point and an ethernet access point for customers.

End User / Customer / Client

The entity under bandwidth control. In general, this refers to the IP Address(es) assigned to the actual entity.

  • For an ISP, this is a customer
  • For a school, this could be faculty, staff, or student.
  • For typical businesses & government, this is employees

Upload

Traffic flowing FROM the End User TO the internet

Trust Boundary

The line between an Autonomous System and any foreign entity. Such foreign entities might include:

  • Customers
  • Peers
  • Service Providers
  • Students / Faculty / Staff
  • Employees
  • Guests
  • Tenants

Upload interface

The interface on the Bandwidth Control Device that is or connects to the Backbone device

You/Your Network

The entity performing bandwidth control, Most likely the reader of this document! From the End User's perspective, this could be the ISP, the school, or the business/government.