An IP packet (Fountain, 78)
Basics of Internet data transmission
Protocol: "Nothing more than a defined method of communications, similar to a language such as English or German." Thomas Fountain, Stanford Professor
Computers connected to the Internet communicate with each other through protocols that define the commands supported by a given service and specify the order of data transmission. Protocols are nothing more than common standards that define how data should be exchanged by networked computers. Internet Protocol (IP), Internet Control Message Protocol (ICMP), Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are the protocols that regulate data transmission on the Internet.
The most important network protocol. It is a network layer protocol that supervises the transmission of packets from a source machine to a destination. Data is broken down into packets, or datagrams, up to 64 Kb long before it is transmitted. To get to their destination, the packets are free to take any path of transmission and arrive in any order. Because the routers along the way do not guarantee that all IP packets will be delivered, IP is unreliable. An IP packet is composed of two parts: an IP header and a data section. The header indicates the packet length, the source address and the destination address.
An IP packet (Fountain, 78)
Internet Control Message Protocol (ICMP)
Because of their size limitation, IP packets cannot communicate significant amount of information that facilitate data flow control. The ICMP can return Time to Live (TTL) expired messages or Destination Unreachable. It also "reports on the current congestion and datagram flow and is used to quench the flow of data or update basic routing information" (Fountain).
Transmission Control Protocol (TCP)
TCP is a transport layer between IP and Internet applications (WSFTP, Internet Explorer, etc) which guarantees that data transferred between two computers will not be lost and ensures that packets are received in the correct order. If certain packets in a transmission are lost or damaged, TCP sends messages back to the source machine, requesting it to resend the information. By supporting full-duplex operation, TCP allows multiple independent streams of data traveling both ways at the same time. It also provides flow control to ensure that the sender is not sending the data too fast for the receiver to process. TCP data are also broken down into packets like the one in the figure below.
A TCP packet (Fountain, 82)
UDP provides services similar to those of IP. Like IP, UDP also does not guarantee delivery for its datagrams. It is used when TCP is too complex, slow or unnecessary.
How Packet-Monitoring Works
Basically, the packet-monitoring products on the market are all hardware/software solutions. The hardware part is a box that is connected to both routers that receive data from the Internet and routers that send data from the internal network to the outside world. As data is being transferred between the internal network and outside world, the box intercepts data packets. It can identify the source and destination IP addresses, source and destination port numbers, type of protocol, and content of transmission by looking the header information contained in the packets.
These packet-monitoring products, known as bandwidth managers, allow system administrators to allocate network bandwidth in any manner they see fit. They assist administrators in the allocation process in the following ways:
1. Monitoring network traffic
By providing detailed, real-time network usage statistics, these bandwidth managers allow the administrators to see instantly how much of the overall network bandwidth is being used. The administrators can also identify the applications/services utilizing the network, the users generating the most network traffic, the types of information being transferred in and out of the network, as well as the source and destination of that information. The big purple arrow in the PacketShaper screen shot below shows that Napster is one of the applications using network resources.
2. Categorizing network traffic
The administrators can break network traffic down into different categories. PacketShaper, for instance, can classify traffic by "application, protocol, port number, URL or wildcard (for web traffic), host name, host lists, Diffserv setting, IP precedence bits, IP or MAC address, Oracle database, Citrix published application, user's browser type, and more." The PacketShaper screen shot below shows the different classes of network traffic, their transfer rates, and the percentage of network bandwidth allocated to each class.
3. Managing network traffic
The administrators can control network traffic flow in several ways. They can assign different priority levels to different categories. PacketShaper, for example, allows the administrators to set 8 priority levels, from 0 to 7. Because the levels are on a logarithmic scale, a server with a priority level of 6 is allocated 10 times the bandwidth of a server with a priority of 5.
Administrators can also allocate bandwidth by setting up maximum and minimum transfer rates. FloodGate-1, from Check Point Software, allows the user to set per-connection guarantees and limits so that no application or website can monopolize the network. As an example, an administrator can limit Gnutella transfer rates to 15 kilobits per second and guarantee that connections to the company's Oracle database can sustain minimum transfer rates of 200 kilobits per second.
Screen shot of FloodGate-1
Some bandwidth managers, such as PacketShaper, even give administrators the option to completely block certain traffic by discarding the incoming packets without returning any feedback to the sender.
As the diagrams below illustrate, the main purpose of these bandwidth managers is to make sure that when the network is at peak capacity, mission-critical information will always get through. At the same time, low-priority traffic are still permitted to occur, just not at the expense of the important data.
Before Using Bandwidth Manager
After Using Bandwidth Manager
Overview of Packet-Monitoring Products on the Market
There are four packet-monitoring products currently on the market. They are: NetEnforcer from Allot Communications; Acess Point 450 from Xedia Corporation (now owned by Lucent Technologies); FloodGate-1 from Check Point Technologies; and PacketShaper from Packeteer Inc.
Although one product may excel at monitoring (PacketShaper) while another's strength is prioritizing (FloodGate-1), all of these packet-monitoring products support the features described above. Each product can be customized with many different hardware/software configurations, which leads to a wide range in price. All of these products cost at least $3,000. The PacketShaper packages that Stanford currently uses cost approximately $8,000 each.
References:
Fountain, Thomas. Introduction to Computer Consulting. 1999.
Taschek, James. "Unclogging the Pipes" Internet Business 2 Nov. 1998. WWW
Yanowitz, Jason. "Under the hood of the Internet: An overview of the TCP/IP Protocol Suite." ACM Crossroads 1994. WWW
