Bandwidth Control in a Service Provider network
Overview
Bandwidth Control Scenarios vs. Network Topology
The installation of Bandwidth Control Device(s) within the network depends upon the network layout. As a general rule, you want to put the control devices (BW control, firewall, etc.) at a Trust Boundary. In virtually any network, Trust Boundaries exist at the Edge and the Border of the network. In a Service Provider's network, this is where the customer connects and where the service provider connects to the rest of the Internet.
The more complex the network topology, the more creative you'll have to be in order to implement Bandwidth Control & QOS. I'll discuss three different network topologies and strategies for how to implement network-wide Bandwidth Control and Quality of Service.
Additional complexity arises in heterogeneous network architectures. If you're using MikroTik devices along with other vendors' equipment such as Cisco, Adtran, Nortel, etc., you need to ensure that your QOS scheme interoperates between the different devices.
Edge Router Scenario
(Bandwidth Control near Edge)
In this scenario, we must address several challenges to provide Bandwidth Control:
- Without creating a new single point of failure in the Backbone!
- Multi-homed PoPs
- Multi-homed Service Provider with upstream connections at different locations
Firewall Scenarios
(Bandwidth Control near Border)
One upstream provider
Single Border Router with more than one upstream provider
Links / Supporting Documents
Terminology
Access / Aggregation Device | Devices that connect the End User to Your network. Probably some sort of "point-to-multipoint" thing such as:
Autonomous System (AS) |
Backhaul / Backbone | Links between PoPs and other PoPs or Central Office(s)
Backhaul / Backbone Device(s) | Devices that route or bridge IP traffic between PoPs and Central Office(s).
Bandwidth Control | The act of prioritizing and rate limiting IP traffic.
Bandwidth Control Device | A MikroTik router performing Classification, Marking, Prioritization, and Rate Limiting on IP traffic.
Border | The line between You and The Internet (your upstream internet providers and/or peers). The boundary between two different Autonomous Systems.
Border Router(s) | Device(s) connecting Your Network to The Internet (Your upstream providers or peers).
Bridged interface | One or more physical interfaces that are linked together to form a single logical interface that can be used as a Bandwidth Control upload or download interface.
Central Office | Physical location(s) where your network receives a connection from upstream providers and/or peers.
Class | A bandwidth control grouping that defines maximum upload and/or download speeds.
Download | Traffic flowing FROM the internet TO the End User
Download interface | The interface on the Bandwidth Control Device that is or connects to the Access Device.
Edge | The line between "you" (the network where bandwidth control is being deployed, probably the reader of this document!) and the End User of "your" service.
EdgeRouter / Firewall | A router placed as close as possible to a Trust Boundary within the network. The EdgeRouter may be used for firewalling, NAT, Bandwidth Control, or any number of purposes. It may even be both a wireless access point and an ethernet access point for customers.
End User / Customer / Client | The entity under bandwidth control. In general, this refers to the IP Address(es) assigned to the actual entity.
Upload | Traffic flowing FROM the End User TO the internet
Trust Boundary | The line between an Autonomous System and any foreign entity. Such foreign entities might include:
Upload interface | The interface on the Bandwidth Control Device that is or connects to the Backbone device
You/Your Network | The entity performing bandwidth control, most likely the reader of this document! From the End User's perspective, this could be the ISP, the school, or the business/government.