
Achieving QoS in a Hybrid Cloud Implementation

Strategies for protecting real-time traffic in a hybrid cloud environment

Terry Slattery

February 11, 2019


Quality of service, or QoS, is important when mixing real-time and bulk traffic. Add big data applications and the challenge grows. Let’s look at strategies that we can use to protect real-time traffic in a hybrid cloud environment where end-to-end QoS may not be possible.


Hybrid Cloud

I define a hybrid cloud as a combination of an enterprise on-premises cloud system and a remote, vendor-provided cloud system. The on-premises systems typically support either infrastructure or platform delivered in the as-a-service model, while the vendor systems could provide a variety of services (infrastructure, platform, data center, or software). In a hybrid cloud, applications might have components located on premises or externally. An application that has real-time communications requirements between sites should be prioritized over non-real-time traffic.

You may also have a software service, such as VoIP, that has real-time components. Somehow, you must connect your voice endpoints within the enterprise to the voice control system service. Call control services typically have less critical timing constraints than real-time streams going to conference calling services located in a cloud provider’s infrastructure.


No QoS over the Internet

QoS is normally used to prioritize different types of traffic, relative to each other. The process involves classifying traffic by marking packets with either a class-of-service (CoS) or Differentiated Services Code Point (DSCP) identifier. Once packets are marked, the network uses the embedded CoS/DSCP identifier to perform rate limiting and prioritization for forwarding. Time-sensitive packets get transmitted before less-time-sensitive packets. A QoS design typically has four, eight, or 12 different classes.
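The classification and scheduling step described above, as an added example that is not part of the original article: it extracts the DSCP from the IP TOS/Traffic Class byte, maps it to one of four classes, and runs a scheduler that gives voice a strict-priority queue while the remaining classes share the link by weighted round robin. The DSCP code points are the standard ones (EF 46, AF41 34, AF21 18, CS0 0); the four-class mapping, the weights and the sample burst of packets are assumptions constructed for the illustration.

```python
from collections import deque

# DSCP code points from RFC 2474 (class selectors), RFC 3246 (EF) and
# RFC 2597 (AF). The four-class mapping, the scheduler weights and the
# sample packets below are assumptions constructed for this example.
DSCP_EF = 46     # Expedited Forwarding: voice bearer traffic
DSCP_AF41 = 34   # Assured Forwarding class 4: interactive video
DSCP_AF21 = 18   # Assured Forwarding class 2: transactional data
DSCP_CS0 = 0     # Class Selector 0 / default: best-effort bulk

CLASS_OF_DSCP = {DSCP_EF: "voice", DSCP_AF41: "video", DSCP_AF21: "transactional"}
# Weighted round robin shares for the non-priority classes (packets per round).
WEIGHTS = {"video": 3, "transactional": 2, "bulk": 1}


def dscp_from_tos(tos_byte: int) -> int:
    """DSCP is the upper six bits of the IPv4 TOS / IPv6 Traffic Class byte;
    the low two bits carry ECN and must not be treated as part of the class."""
    return (tos_byte >> 2) & 0x3F


def classify(tos_byte: int) -> str:
    """Map a marked packet to one of the four classes; unknown DSCPs fall to bulk."""
    return CLASS_OF_DSCP.get(dscp_from_tos(tos_byte), "bulk")


class Scheduler:
    """Low-latency queue for voice (strict priority) plus weighted round robin
    for everything else, so bulk traffic is delayed but never starved."""

    def __init__(self):
        self.queues = {cls: deque() for cls in ("voice", *WEIGHTS)}
        self.credits = dict(WEIGHTS)

    def enqueue(self, name, tos_byte):
        self.queues[classify(tos_byte)].append(name)

    def dequeue(self):
        if self.queues["voice"]:            # voice always goes first
            return self.queues["voice"].popleft()
        for _ in range(2):                  # at most one credit refill per call
            for cls in WEIGHTS:
                if self.queues[cls] and self.credits[cls] > 0:
                    self.credits[cls] -= 1
                    return self.queues[cls].popleft()
            self.credits = dict(WEIGHTS)    # round exhausted: refill credits
        return None                         # every queue is empty


def transmit_order(packets):
    """Feed a burst of (name, tos_byte) packets in and return the order in which
    the scheduler puts them on the wire."""
    sched = Scheduler()
    for name, tos in packets:
        sched.enqueue(name, tos)
    order = []
    while (nxt := sched.dequeue()) is not None:
        order.append(nxt)
    return order


def fifo_order(packets):
    """What an unmanaged FIFO link does: arrival order, voice stuck behind bulk."""
    return [name for name, _tos in packets]


# Constructed arrival burst: TOS byte = DSCP << 2 (ECN bits clear).
SAMPLE_BURST = [
    ("bulk-1", DSCP_CS0 << 2), ("bulk-2", DSCP_CS0 << 2), ("video-1", DSCP_AF41 << 2),
    ("voice-1", DSCP_EF << 2), ("txn-1", DSCP_AF21 << 2), ("video-2", DSCP_AF41 << 2),
    ("bulk-3", DSCP_CS0 << 2), ("video-3", DSCP_AF41 << 2), ("voice-2", DSCP_EF << 2),
    ("txn-2", DSCP_AF21 << 2), ("bulk-4", DSCP_CS0 << 2), ("video-4", DSCP_AF41 << 2),
]

if __name__ == "__main__":
    print("FIFO     :", fifo_order(SAMPLE_BURST))
    print("QoS order:", transmit_order(SAMPLE_BURST))
```

Running it shows both voice packets leaving first even though they arrived fourth and ninth, video taking three slots per round to bulk's one, and bulk still draining once the higher classes have used their credits. The check a practitioner should keep in mind is the `& 0x3F` mask: a device that compares the whole TOS byte will misclassify a packet as soon as ECN bits are set.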

The problem on the public Internet is that there are too many competing interests for this simple mechanism to work. Therefore, the Internet typically uses a weighted fair queueing mechanism that favors low-volume traffic flows. This mechanism works well for highly interactive applications with low data volume. Voice traffic typically has a low enough volume that it gets good treatment, especially when compared to things like Web page updates, image files, and streaming video. This is as good as it gets on the public Internet.


Multi-Protocol Label Switching (MPLS)

MPLS technology allows carriers to provide a virtual network to each customer. An eight-class mechanism is available to prioritize traffic within each customer’s virtual network. While this mechanism doesn’t differentiate between customers, it does allow each customer to map its internal CoS/DSCP classes into the MPLS priorities.

Because MPLS is less expensive than using dedicated leased lines, it has been the preferred WAN technology for some time. However, some newer, less expensive technologies have begun supplanting MPLS.


Dedicated On-Ramp Providers

A new class of Internet service provider (ISP) and hosting provider has emerged to facilitate cloud connectivity. These carriers have connections to Internet exchange points (IXPs) where the big cloud providers also have connections. These facilities are where carriers and big companies interconnect their networks; the participants include ISPs, wireless carriers, and big companies like Facebook, Amazon, and Google.

This new class of ISP connects to the IXPs and then sells either dedicated or MPLS links to enterprise customers. These links can handle QoS and provide a high-speed connection directly to the major cloud hosting provider of choice.


Software-Defined WAN (SD-WAN)

Another choice that’s becoming popular is SD-WAN. SD-WAN products allow enterprises to use multiple links as if they were virtually bonded together. A typical implementation might have one MPLS link for real-time traffic, one or more Internet links for bulk traffic, and a cellular Long Term Evolution (LTE) link for connection resilience. The SD-WAN devices are located at each enterprise WAN site and they build a full mesh of virtual private networks between themselves. The devices continuously measure each link for available bandwidth, latency, and packet loss. An advantage of SD-WAN is automatic resilience because if one link goes down, the other links carry the traffic for a site.

Because SD-WAN devices are constantly measuring each link, they can dynamically send traffic over whichever links are providing the best connectivity and service for each traffic class. A central SD-WAN controller defines policies regarding which path should be used for each traffic class (much like the CoS mentioned above). A policy might specify that voice and interactive video should transit the MPLS link while application traffic traverses the Internet links.
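The controller policy just described, as an added example that is not the code of any SD-WAN product: a per-class rule states the SLA a link must meet (maximum latency and loss) and the preferred link order, and the edge picks the first preferred link that is up and within the SLA, falling back to the least-lossy live link rather than dropping a class when nothing qualifies. The link names, the measured values and the SLA thresholds are constructed assumptions.

```python
from copy import deepcopy

# Constructed link measurements as an SD-WAN edge might report them after
# probing each path (bandwidth, latency, loss, reachability). The values
# are made up for this example.
LINKS = {
    "mpls":  {"up": True, "bw_mbps": 50,  "latency_ms": 25, "loss_pct": 0.0},
    "inet1": {"up": True, "bw_mbps": 500, "latency_ms": 40, "loss_pct": 0.2},
    "inet2": {"up": True, "bw_mbps": 200, "latency_ms": 55, "loss_pct": 0.5},
    "lte":   {"up": True, "bw_mbps": 30,  "latency_ms": 90, "loss_pct": 1.5},
}

# Controller policy: per class, the SLA a link must meet and the preferred
# order of links. Thresholds are illustrative, not any vendor's defaults.
POLICY = {
    "voice": {"max_latency_ms": 150, "max_loss_pct": 1.0,
              "preference": ["mpls", "inet1", "inet2", "lte"]},
    "video": {"max_latency_ms": 200, "max_loss_pct": 2.0,
              "preference": ["mpls", "inet1", "inet2", "lte"]},
    "bulk":  {"max_latency_ms": 1000, "max_loss_pct": 5.0,
              "preference": ["inet1", "inet2", "mpls", "lte"]},
}


def meets_sla(link, rule):
    """A link qualifies only if it is reachable and within both thresholds."""
    return (link["up"] and link["latency_ms"] <= rule["max_latency_ms"]
            and link["loss_pct"] <= rule["max_loss_pct"])


def select_path(traffic_class, links, policy=POLICY):
    """Return the first preferred link that is up and within the class SLA.
    If none qualifies, fall back to the least-lossy link that is still up
    rather than black-holing the class; None means every link is down."""
    rule = policy[traffic_class]
    for name in rule["preference"]:
        if name in links and meets_sla(links[name], rule):
            return name
    alive = [n for n in rule["preference"] if n in links and links[n]["up"]]
    if not alive:
        return None
    return min(alive, key=lambda n: (links[n]["loss_pct"], links[n]["latency_ms"]))


def forwarding_table(links, policy=POLICY):
    """Path chosen for every class under the current measurements."""
    return {cls: select_path(cls, links, policy) for cls in policy}


def with_measurement(links, name, **changes):
    """Copy of the link table with one link's measurements updated, as a
    fresh probe result would do."""
    updated = deepcopy(links)
    updated[name].update(changes)
    return updated


if __name__ == "__main__":
    print("baseline               :", forwarding_table(LINKS))
    mpls_down = with_measurement(LINKS, "mpls", up=False)
    print("MPLS down              :", forwarding_table(mpls_down))
    inet1_lossy = with_measurement(mpls_down, "inet1", loss_pct=3.0)
    print("MPLS down, inet1 lossy :", forwarding_table(inet1_lossy))
```

With the baseline measurements voice and video ride MPLS and bulk uses the first Internet link; when MPLS fails, the real-time classes move to that Internet link; when its loss climbs to 3 percent, voice and video move again to the second Internet link while bulk stays put because 3 percent is still inside its looser SLA. The design point worth noting is the fallback: a policy that simply refuses to forward when no link meets the SLA turns a degraded path into an outage.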

SD-WAN devices also incorporate compression technologies that minimize the total traffic volume, just as the older WAN optimization devices did. This makes them a preferred choice for upgrading a WAN optimization infrastructure.

Traffic that is directed to Internet sites can go directly to the Internet. This is an advantage for enterprises that are using software as a service, where end users are connecting directly to a hosting provider’s services over the Internet. If an enterprise has more than one Internet link provisioned, the SD-WAN controller can set policies regarding which link SaaS traffic should traverse, potentially keeping the remaining Internet links available for enterprise site-to-site traffic.


Other Factors

Other factors can influence the performance of the resulting system. For example, buffer bloat (the use of big buffers in network equipment) can cause significant performance problems at points where there are big differences in ingress and egress network speeds. A good example is a path that transits a 1-Gbps link into a router that connects to a 10-Mbps WAN circuit. If the router has big buffers, it fools a system on the 1-Gbps side into believing that it has a 1-Gbps path to the destination system. When the buffers fill, the router must drop many subsequent packets. Only after the router’s buffers empty can the sending system resume sending data. We’ve seen cases in which a 10 Gbps-to-1 Gbps path would run at an effective rate of less than 200 Mbps.
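The buffer bloat effect on the 1-Gbps-to-10-Mbps path above, as an added simulation that is not part of the original article: a single tail-drop queue receives packets back to back at the ingress rate and drains them at the egress rate, and the function reports how many packets are dropped, when the first drop happens, and the worst queueing delay any delivered packet sees. The packet size of 1500 bytes and the two buffer sizes compared (64 and 8192 packets) are assumptions chosen for the illustration.

```python
from collections import deque


def simulate_bottleneck(ingress_bps, egress_bps, packet_bytes, buffer_packets, n_packets):
    """Single-server tail-drop queue: packets arrive back to back at the
    ingress rate and leave at the egress rate. Times are integer nanoseconds
    so the arithmetic is exact. Returns drops, time of the first drop and
    the worst queueing delay seen by a delivered packet."""
    arrival_gap_ns = packet_bytes * 8 * 10**9 // ingress_bps
    service_ns = packet_bytes * 8 * 10**9 // egress_bps
    departures = deque()        # departure times of packets still in the router
    last_departure = 0
    drops = 0
    first_drop_ns = None
    max_wait_ns = 0
    for i in range(n_packets):
        now = i * arrival_gap_ns
        while departures and departures[0] <= now:   # packets already on the wire free a slot
            departures.popleft()
        if len(departures) >= buffer_packets:           # buffer full: tail drop
            drops += 1
            if first_drop_ns is None:
                first_drop_ns = now
            continue
        start = max(now, last_departure)                # wait for the packets ahead
        last_departure = start + service_ns
        departures.append(last_departure)
        max_wait_ns = max(max_wait_ns, start - now)
    return {
        "delivered": n_packets - drops,
        "drops": drops,
        "first_drop_ns": first_drop_ns,
        "max_queue_delay_ns": max_wait_ns,
    }


def compare_buffers(ingress_bps=10**9, egress_bps=10**7, packet_bytes=1500,
                    buffer_sizes=(64, 8192), n_packets=1000):
    """Same 1 Gbps -> 10 Mbps bottleneck with a small and a bloated buffer
    (buffer sizes are assumptions for this example)."""
    return {size: simulate_bottleneck(ingress_bps, egress_bps, packet_bytes, size, n_packets)
            for size in buffer_sizes}


if __name__ == "__main__":
    for size, result in compare_buffers().items():
        print(f"buffer={size:5d} packets: delivered={result['delivered']:4d} "
              f"drops={result['drops']:4d} first_drop={result['first_drop_ns']} ns "
              f"max queue delay={result['max_queue_delay_ns'] / 1e6:.1f} ms")
```

With a 64-packet buffer the router starts dropping 0.77 ms into the burst and the worst queueing delay stays under 80 ms, so the sender gets its loss signal almost immediately. With an 8192-packet buffer none of the first 1000 packets is dropped, the sender keeps believing it has a 1-Gbps path, and the last packet admitted waits almost 1.2 seconds in the queue; any voice or interactive packet that lands behind that backlog is already useless by the time it leaves the router. The queueing delay grows with the buffer size, not with the link speed, which is why deep buffers at a speed mismatch hurt real-time traffic even when nothing is being dropped.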

Another factor is workload placement -- best practice is to decouple cloud environments from each other instead of distributing an application across multiple data centers. Latency and WAN packet loss can have a significant negative impact on application performance. A widely distributed application will also be much more difficult to troubleshoot when it doesn’t work as designed (or expected).


Summary

If you don’t have dedicated links on which you can set QoS, you’ll need to either live with whatever your ISP delivers or you’ll need to investigate one of the other services (MPLS, on-ramp provider, or SD-WAN) to handle your real-time traffic. The SD-WAN option is generating a lot of interest in the industry since it combines WAN optimization, resilience of multiple links, and a form of traffic prioritization.

For more on this topic, please join me at Enterprise Connect, March 18 to 21 in Orlando, Fla., for the session, “Can You Ensure QoS in Your Hybrid Cloud Deployment?” It is a short time from now, but still enough time to get discounted admission, using the code SLATTERY. Register now!

About the Author

Terry Slattery


Terry Slattery is a Principal Architect at NetCraftsmen, an advanced network consulting firm that specializes in high-profile and challenging network consulting jobs. Terry works on network management, SDN, network automation, business strategy consulting, and network technology legal cases. He is the founder of Netcordia, inventor of NetMRI, has been a successful technology innovator in networking during the past 20 years, and is co-inventor on two patents. He has a long history of network consulting and design work, including some of the first Cisco consulting and training. As a consultant to Cisco, he led the development of the current Cisco IOS command line interface. Prior to Netcordia, Terry founded Chesapeake Computer Consultants, a Cisco premier training and consulting partner. Terry co-authored the successful McGraw-Hill text "Advanced IP Routing in Cisco Networks," is the second CCIE (1026) awarded, and is a regular speaker at Enterprise Connect. He blogs at nojitter.com and netcraftsmen.com.