Networks Archives

Interview with ‘Bullied’ Network Engineer on Australian Gov’t Net Filters


Australia’s federal government has planned to require Australian ISPs to use filtering software to remove “illegal” content from Australia’s Internet. They’re spending around $77M (USD) to implement the program, which the government had led people to believe would be optional. Instead, it will be mandatory.

Mark Newton, a network engineer with Internode in Australia (but not working on behalf of or speaking for Internode), did an analysis of the data gathered from Australian government trials of filtering software. He concluded that, among other things, more accurate filters degrade Internet speeds over 70%, and less accurate filters can have up to a 15% false positive rate.

In retaliation, Belinda Dennett, a policy advisor to Australia’s communication minister, Senator Stephen Conroy (Labor), wrote an e-mail to Newton’s employer, asking them to rein in the network engineer’s dissent.

We called Sen. Conroy’s office but we were not able to get a response before press time.

We have an audio interview in podcast form with Mark Newton below, with a transcript below the cut.

[Ed. Note: Due to problems with rendering in Internet Explorer 7, we've temporarily disabled the flash player version of the podcast. You can download the podcast as an MP3 file here.]




Cisco ships Mexican folk music instead of VPN software. Easy mistake: They’re so similar…


According to The Register, Cisco installation CDs for VPN networks contained music.

Specifically, music that sounded exactly like this.

Now, Mexican folk music of the “narcocorridos” variety has a rich tradition and requires extreme skill to produce, and is greatly enjoyed by many music aficionados. But still, if you’re going to come up with a piece of music designed to surprise the hell out of everyone, you could probably choose no better music in the world.

Knowing Cisco, there’s no way that this was deliberate; but this brings to mind two things: First, is there someone out in Baja California with a copy of VPN software in his or her hand, wondering to themselves: “¿Dónde está mi música?”

Second, will this start a trend of “narcocorrido-rolling” network engineers?

Cisco is doing everything they can to recover from this error, and in a statement, said:


Cisco is aware that some customers have received defective VPN Client CDs as part of recent orders.

Manufacturing is aware of this problem and is actively reshipping new media to impacted customers.

Defective VPN Client CDs can be identified by the following marking on the back of the media which ends in "MX21511/4"


Of course the moral of the story is that you need to test before you deploy. In this case, it was a little embarrassment, and we all pretty much just have a chuckle about it. But deploying technology on the network without knowing the full effects is just asking for trouble.

I mean, what would have happened if the music actually installed? Is your enterprise prepared to handle accordion configuration?



This-specific-end-to-that-specific-end network performance management.


EMA analyst Dennis Drogseth had a column in Network World yesterday talking about end-to-end application management. In it, he had this to say:


You might believe, and with some real justification, that the term “end to end” is only used by vendors who custom-fit the definition to the scope of their particular product.

Does “end-to-end” application management, for instance, include the mainframe? You bet it does if you’re a vendor that manages the mainframe environment! Does it include capturing the end user experience at the end station, desktop, or mobile device? Once again, the answer is a definitive “yes” if you’re a vendor that has strong QoE (Quality of Experience) roots. Or how about insights into the code and design of the application itself? If you’re one of the few vendors that does this, you’re proud of it and wouldn’t have it any other way!


And this concerned me because, if you do a Google search for: [site:networkperformancedaily.com “end-to-end”], you get 122 results. The phrase “end-to-end” appears in a little more than 1 in 5 posts we’ve made to this blog.

So, what do we mean by “end-to-end?”  We’re usually using the phrase in connection with network response times and the end-user experience at the end station; NetQoS is a “vendor that has strong QoE roots.”

Now, we do have some insight into the code and design of the application.  But that isn’t the focus of our tools; the focus is to tell you whether the problem is in the network, server, or application, and if it’s in the application, give you a good idea of where to start your investigation.  (For example, an application that is slow due to unnecessary round-trip transactions behaves differently from an application that is slow due to a memory leak on the server where it is being run.) 

Drogseth is right when he says that no one vendor is optimized to do it all.  In the future, there could be, but then you run into the quality vs. quantity problem.  Is it better to do it all adequately or to do a few things extremely well?

EMA defined five major technology spheres, and last June, they polled more than 400 respondents to find out which of them they believed “most critical to end-to-end application management in 2008.”  The answer was “Network Application Management,” focusing on application flows and end-to-end (as we define it) transaction capabilities. 

For more information on this, I recommend you read the original article up at Network World.  Additionally, Drogseth promises to follow-up in his next two columns. 



Mind the skills gap.


Network performance is just as difficult – and just as important – as network security, but security is “sexier.” It brings to mind ideas of James Bond’s villain Boris yelling, “I am inwincible!” But, if you've got an IT staff that knows a lot about security but nothing about latency, you can guess how well the apps will perform.

But even separating network performance from network security isn’t enough – because the network fills so many different roles in the company, network engineers are becoming specialized by necessity.

According to IT Career Planet, Cisco just announced three new Cisco Certified Network Associate concentrations – CCNA Security, CCNA Voice (for VoIP issues), and CCNA Wireless – with an eye towards closing the “skills gap” and providing specialized knowledge. (Let’s side-step the whole “vendors offering training and certification” issue – that’s the way the system’s set up, and so far no one’s come along with a better solution to replace it.) Anyway, more specialized training is good news.

The bad news is that while Robert Whitely at Forrester Research says that in five years, organizations that have a dedicated position for wireless, voice, and security will grow as high as 70%, we can’t help but notice that he didn’t ask the question of whether there will be dedicated positions for network performance. Yes, it’s great that there’s going to be a VoIP specialization – but VoIP is only one of the applications that IT is delivering.

It’s one of the reasons that we’ve been offering (vendor-neutral) network training and certification in network performance technologies, metrics, and analysis, in our NetAnalyst program.



Scalability isn’t just about numbers


Scalability is one of the more overused terms in networking – which makes it hard to explain why it’s important. Well, I mean, beyond the main concept of: “More scalability means you can hook up more computers to it!”

True, the size of a deployment is probably the best way to objectively prove scalability – for example, NetQoS has one ReporterAnalyzer deployment monitoring over 20,000 WAN links. No small feat. But scalability isn’t just the quantity of computers hooked up to the box, but also how much of the quality of the data you maintain when you’ve got tons of computers hooked up to the box. Or to put it another way, scalability means that even in large deployments, you get all the data at high granularity.

Talking about scalability in pure device count is sort of like talking about network performance purely in terms of fault. It is possible to have poor scalability without having no scalability, when you sacrifice detail for device count.

Another key of scalability that many people don’t think about is performance of the device itself. It would be ironic to purchase a device to monitor network performance that had a very slow UI because it strained under the load of monitoring thousands of links.

One of NetQoS’s many accomplishments over the past six months has been getting a patent on a memory management method and system which allows us to manage hundreds of thousands of combinations in a very small memory footprint.

Memory management is a major part of scalability, because allocating memory during runtime is relatively expensive in terms of processor resources. Put another way: the more efficiently you use memory, the harder you can push the processor on other tasks. For this reason, scalability requires efficient memory usage.

In addition to our own products, we also use it in our integrations into Cisco Wide Area Application Services (WAAS) – we’re able to integrate code there with little impact to the host systems.



Cisco’s WAAS and the Olympics


I can’t believe I missed this the first time around.

I was so focused on how the online Olympic video was getting through the last mile, that I completely forgot to ask: How the heck are they getting it from Beijing to the U.S.?

Douglas Gourlay at Cisco has been blogging about how NBC’s been using Cisco’s Wide Area Application Services (WAAS) for WAN optimization, so that NBC’s video editors can use three 155Mbps OC-3 pipes, combined and load-balanced (with, of course, Cisco gear) to get the files directly from Beijing. While I’m not 100% sure that “as if they were stored locally” holds true, it’s clear that WAAS is capable of some amazing stuff – we know because NetQoS has SuperAgent integration on WAAS devices and ACE load balancers. We track stuff like that all the time.


“This reduces operating costs of housing, air travel, transportation, and food. Avoiding 800 airplane trips also supports NBC’s green initiatives for the Olympic Games.”


It also probably makes the video editors a bit grumpy that they didn’t get to go to Beijing.

What I’m curious about is what will happen after the Olympics. Just as Olympic stadiums still stand – and are used – in every host city, I’m wondering if the infrastructure that NBC has to Beijing to deliver high definition video will remain after the Olympics. As China starts to become a new superpower, more news and information is bound to come from Beijing, after all.

And if this can be done for one series of events in one major city, is it that far off from having video-heavy WANs in every city to cover every major event?



Why the Olympics stay online – because fewer people than you think are watching.


While we’ve talked quite a bit about what impact the Olympics may have on an enterprise network’s performance, we haven’t talked much about the performance of the NBC site hosting the live streaming of the Olympics. 

According to Jason Perlow at ZDNet, Limelight Networks (which hosts the streaming videos) deployed the videos by going around the public internet, hosting the content more locally – at the ISP.  That means you’re viewing the Olympics through your ISP’s internal network, and the broader internet doesn’t even enter into the connection.

This is smart thinking, it appears to be working, and by all measures this should be applauded.  Perhaps even duplicated – if you know that multiple employees will download the same content, local hosting on the LAN is preferable to duplicate download streams tying up the more expensive, slower WAN lines.

From the enterprise end of the equation, the fact that Limelight is delivering Olympics video more effectively just means that IT managers cannot count on Limelight’s servers going down from being unable to handle the demand – IT managers still need to monitor their own networks for performance problems when a big event like the Olympics comes up.

However, it would be wrong to assume that Limelight’s strategy is the only reason why Olympic live-streaming hasn’t slowed to a trickle.

First of all, the site blocks 95.44% of visitors from accessing the content – because it limits the content only to those in the United States.  That’s a lot of people.

Secondly, the site requires Microsoft Silverlight. Most people don’t have Silverlight installed.  Some can’t even install it on their systems.  And there are certainly going to be quite a few people who just didn’t think installing Silverlight was worth the bother to watch five minutes of Olympic footage they may be mildly interested in.

And finally – none of the really popular sports are being streamed.  Gymnastics, Women’s Beach Volleyball, Swimming (with the exception of synchronized) and most of the track and field events aren’t available live. So you’re left with judo, fencing, and the decathlon.

So while it is a true technological wonder that the lights have stayed on and the site performs admirably – it is important to recognize that Limelight has not found a magic bullet to deal with extremely high internet video demand. 



Texas law requires P.I. Licenses for Network Investigations?


Part one of a series.
Part One: Interview with Texas State Rep. Joe Driver
Part Two: Interview with Matt Miller, Institute for Justice
Part Three: Interview with Capt. RenEarl Bowie, Texas Private Security Bureau

by Brian Boyko
Editor, Network Performance Daily

Recently, a posting on Slashdot linked to a story from PC Magazine called “Texas PC Repair Now Requires PI License.” Obviously, this story has gathered tons of attention, and if strictly true, would have a major impact on IT departments across the state, if not the nation.

The law in question is Texas HB 2833, which is an updated collection of amendments to laws regarding private security services. It explains who, exactly, is required to get a private investigator’s license.

The controversial bit of the law in question seems to be this bit. The underlined part is what has been added:

SECTION 4.  Section 1702.104, Occupations Code, is amended to read as follows: 
Sec. 1702.104.  INVESTIGATIONS COMPANY.


  • (a) A person acts as an investigations company for the purposes of this chapter if the person:


    • (1)  engages in the business of obtaining or furnishing, or accepts employment to obtain or furnish, information related to:


      • (A)  crime or wrongs done or threatened against a state or the United States; 

      • (B)  the identity, habits, business, occupation, knowledge, efficiency, loyalty, movement, location, affiliations, associations, transactions, acts, reputation, or character of a person;

      • (C)  the location, disposition, or recovery of lost or stolen property; or

      • (D)  the cause or responsibility for a fire, libel, loss, accident, damage, or injury to a person or to property;

  • (b)  For purposes of Subsection (a)(1), obtaining or furnishing information includes information obtained or furnished through the review and analysis of, and the investigation into the content of, computer-based data not available to the public.

Because the law can be difficult to interpret, the Texas Private Security Bureau issued an opinion statement which clarified their position on this matter. The controversial statements there seem to be:


Computer Repair & Technical Assistance Services October 18, 2007

Computer repair or support services should be aware that if they offer to perform investigative services, such as assisting a customer with solving a computer-related crime, they must be licensed as investigators… [Text of law posted above.]

Please be aware that providing or offering to provide a regulated service without a license is a criminal offense. TEX. OCC. CODE §§1702.101, 1702.388. Employment of an unlicensed individual who is required to be licensed is also a criminal offense. TEX. OCC. CODE §1702.386.



and:


Computer Forensics August 21, 2007

First, the distinction between “computer forensics” and “data acquisition” is significant. We understand the term “computer forensics” to refer to the analysis of computer-based data, particularly hidden, temporary, deleted, protected or encrypted files, for the purpose of discovering information related (generally) to the causes of events or the conduct of persons. We would distinguish such a content-based analysis from the mere scanning, retrieval and reproduction of data associated with electronic discovery or litigation support services.

For example, when the service provider is charged with reviewing the client’s computer-based data for evidence of employee malfeasance, and a report is produced that describes the computer-related activities of an employee, it has conducted an investigation and has therefore provided a regulated service. On the other hand, if the company simply collects and processes electronic data (whether in the form of hidden, deleted, encrypted files, or otherwise), and provides it to the client in a form that can then be reviewed and analyzed for content by others (such as by an attorney or an investigator), then no regulated service has been provided.

… Consequently, we would conclude that the provider of computer forensic services must be licensed as an investigator, insofar as the service involves the analysis of the data for the purposes described above.


In order to clarify some of this and figure out what this would mean to both personal computer repair technicians and network engineers, analysts and system administrators, we contacted Texas State Representative Joe Driver, who authored the bill, Matt Miller at the Texas branch of the Institute for Justice, which has launched a suit against the Texas Private Security Bureau, and RenEarl Bowie of the Texas Private Security Bureau. We’ll have podcasts and transcripts available on this site soon.

First, Texas State Representative Joe Driver, Author of Texas HB 2833:

Editor Brian Boyko, at NPD: So, could you tell me a little bit about who you are and what you do in the Texas Legislature?

Rep. Joe Driver: Hi. My name’s Joe Driver, I am state representative from Garland, Sachse, and Rowlett area which is Northeast Dallas County. I’m the current chairman of the Law Enforcement Committee, and this is my eighth term.

NPD: How often are each of those terms, two years, four years?

Driver: Two years.

NPD: So you have 16 years of experience writing legislation. And you authored this bill, I believe it’s [Texas] HB 2833?

Driver: Yes, sir.

NPD: Now that's currently a bill, not a law, correct? Or has it been passed?

Driver: No, it's been passed. The governor signed it.

NPD: Let me just bring up the law right here - and I'm looking at it. It is "an act relating to the licensing and regulation of certain private security services." Could you tell me a little bit more about what this act was designed to do?

Driver: Basically, it was a clean-up situation for the Securities Act. We felt like we had to go in and clean some things up. Some of it was old stuff, some of it was new stuff, but basically we worked pretty hard to try to just get it so that it was easier for people to interpret and - you know, some things hadn't been changed for quite a few years, so we were going through it, trying to just basically do a real thorough clean-up, and it turned into what you'd call an omnibus bill which is basically something that encompasses a lot of different areas.

NPD: How has the law changed for people who practice investigative services?

Driver: Well, there's quite a few changes in there. I really truthfully couldn't go into all of it, I mean, it's a pretty good sized bill. Of course, the one that's - there's some area that's getting some, I don't know, "interest" out there, but I think it's interest that has been generated by a group of folks, and basically in their newsletter, they just opened a new chapter in Texas and decided to file a lawsuit. That's all in one sentence - so it sounds like they decided to file the lawsuit so they could bring some attention to their new chapter.

NPD: It does to me that the law... now, I am not a lawyer...

Driver: Me neither.

NPD: I am not a... um... pretty good reader of bills. So, what I wanted to know... The claim is that people who repair personal computers would need to get a private investigator's license in order to continue repairing computers.

Driver: Yeah, and that's what they're claiming. It's interesting that they're claiming all that, and they filed a lawsuit on the same day that they decided to open their Texas chapter. To me, I just felt it was a way they're getting a lot of free publicity, and a lot of free press, and free TV time and free radio time, because the bill to me, it says what it says. There's three words that describe somebody that repairs computers, and that's if people retrieve or provide information, and there's three words that somebody "reviews, analyzes, or investigates" that material, then, they do need to have some sort of security clearance because they're delving into people's private lives or private property on the computer.

NPD: The one thing that I noticed was that it seems very clearly that this is for personal computer investigators, like someone who does analysis to determine whether a crime has been committed or something has been stolen, or intellectual property has been violated. It doesn't seem to me that this would apply to people trying to just recover information for the person's wishes.

Driver: Right, and you're correct. You used one of the key words in my opinion, which is "analyze." "Review, analyze, and investigate" are the three key words, in my opinion, that drive the need for people to have some kind of license. Because if they're doing some of that, then they don't need to be - it doesn't need to be just anybody able to do that - they need to have somebody that has a security license. But if someone's just retrieving information and providing information for someone who is going to analyze, to use one of the words, then that's just a regular computer repair person. And those guys are great, they're good at what they do, and we never intended for them to get any kind of license other than have the ability to repair.

NPD: So, how do you think this came about - you mentioned that there was a new group - I think I may have a copy here of - are you talking about the Institute for Justice?

Driver: Yeah, yeah, that's them. Well, and I think - to me - that - I mean I've got something, I don't know if it’s a press release or just some information about them, but they actually said in here that they tell about how they're the "nation's leading litigators." They have a little cute name for them, and I thought I could think of that, but I'm not coming up with it. But, they basically said, "we fight for the rights of those violated by the government." And they're opening their new Texas chapter today (whenever this was written) by filing a lawsuit against the Texas Private Security Board. So they're kind of kicking off their opening - well, what better to draw attention to someone's opening then to get a lot of free press - they don't have to go out and advertise because - and I'm not criticizing you guys [the media] because, I'm just saying, that - to me, that's what they intended and that's part of what they did.

So. Lawyers can interpret, like you and I know, and we're not both, either one of us, luckily, they can interpret the same word three different ways if you get three different lawyers. And, I think that's what they decided to do here, and - to me, if someone reviews, analyzes, or investigates, they need a license. If they're just retrieving, providing or preparing information, that's what computer companies do, and as long as they want to do that, they're fine.

NPD: There is another possibility though - there is, - you wouldn't call them computer repairmen. There are people who work in enterprise networks, and we even have a term for it, "Network Forensics."

Driver: Like forensic scientists and all that stuff?

NPD: Not so much forensics...

Driver: That's the investigative part.

NPD: Not so much forensic scientists like a criminal forensic scientist. But for example, if a network is running slowly, not running at peak performance, there are tools that people can use to determine which computer may be slowing it down. Is it a virus - and that's all investigative work, but not investigative work related to criminal activity. It's just - so basically I'm wondering if maybe the law could have been written - not thinking about this possibility, and that maybe there might be some sort of loophole that needs to be amended. Does this just not apply to companies trying to improve their network performance?

Driver: Truthfully, you may be just a little bit out of my realm of comprehension on that, because, maybe that's something we need to look at tweaking, along those lines, to clarify that situation. We talked to lots of folks when we were writing this. Maybe we didn't talk to enough folks. But, as far as those types of things - maybe just a little bit far out of my comprehension on that. But the whole deal - like, if you have an IT person, (just cause that's all the terms I know,) IT person that somebody says, "Hey, we want you to delve into this person's computer, and find out what's going on." Well, if they delve into that person's computer, and - this is all I know about computers - and hands the information over to somebody else, then they don't need any kind of license because they're just doing their retrieving job. So, if the area you're talking about is different from that, you're probably out of what I understand and maybe something we have to look at.

But - anytime we do anything this massive, a lot of times there are areas of tweaking. But I just thought the coincidence of this particular group filing this lawsuit and bragging about filing the lawsuit on the day they opened their new chapter was just - coincidental and - because the intent of the bill was, as I've been saying, was, if you retrieve and provide information, you don't need a license.

Because I'm sure not trying to put anyone out of business. I'm a small business person, I would never do that!

NPD: What business do you run?

Driver: I'm in insurance sales.

NPD: What I'm wondering is if there is - like a specific exemption in the law that - most of these forensic investigators for network performance tend be of one of two types - the first time is that they're in-house, and that the company hires these people to do this job on the computers that the company owns. And if there's a specific exemption for investigative work on material that you own yourself. And the second, sometimes the people are hired by the company as a separate company - not direct employees, but outsourced. Is this something that might be protected under the law even if it falls under the "investigative" arm?

Driver: If it falls under the investigative arm, probably not, but I - I don't know about what you're describing to really comment more than that. I mean, I wish I did. But in this particular case, I don't. It's just a little deeper into the computer world than I know about.

NPD: You don't foresee legis-- any activity... what's the word I'm looking for...

Driver: A future bill, maybe, corrective measures, tweaking, something along those lines?

NPD: I was actually thinking of enforcement against-- you don't see this possibly being enforced against..

Driver: I don't. I don't. I really don't. I don't see - and then again, and it may be something that we may need to look at. And we may have somebody else look at it. Every time we have something like this come up we have people that want to tweak it just a little bit or change it just a little bit. And I'm not hardcore set against it. If it causing somebody problems then we ought to change it. I don't foresee it doing that but, I don't know. I mean, I really don't think it is. But if we find out that it does, that's what we're there for, to make sure it's written correctly and if it's not, we're going to change something a bit to make it right. Cause we're not after anybody, that's for sure, except the people that are doing investigative service for a living and yet, they don't want to bother with having - giving any kind of background or being qualified or licensed in any way.

NPD: That's pretty much all the questions I had.

Driver: Well, I wish I could have given you better answers. I think I kind of danced around one that - just because I don't have enough knowledge.

NPD: Don't worry about it - I'm not saying that - we're getting into some technical stuff. This isn't even a technical bill.

Driver: Not in intent, anyway.

NPD: History's full of bills that had to be amended after the fact because of something.

Driver: Well if you find out more information about it and found we really need to do something about it, call me back, and we'll get back in session, maybe we can use you for a little information, as far as how to do it right.

Representative Joe Driver can be contacted via e-mail through the Texas House Web site. We will have interviews with Matt Miller at the Texas branch of the Institute for Justice and RenEarl Bowie of the Texas Private Security Bureau available on this site shortly.

Network Performance Daily is based in Austin, Texas.



Latency and Jitter


By Kevin Davis
Adapted from “Sources of Latency” Whitepaper

When network users call the Help Desk to report poor application performance, you don’t typically hear things like “The router’s CPU is too busy!,” “The network utilization is above 70%!,” or “The carrier path has failed-over to a sub-optimal path.” Instead, what you’re likely to hear is “The network is slow” or “The calls on my IP phone sound terrible.”

Complaints that end-users lodge are nearly always based on their quality of experience using the application. And their quality of experience is almost always reliant on time.

Anytime a significant delay occurs in the delivery of network data, application performance suffers. Depending on the type of application and how it works, variances in network delay can have a severe impact on application performance, thereby degrading the end-user’s experience.

Two important measurements of time intervals in network transmission systems are referred to as “latency” and “jitter”. Understanding latency and jitter sources and how their values vary in network architectures is critical to engineering application performance and optimizing information resources. For many regular readers, this will be old-hat, but we’ll go over it again.

Network latency is the amount of time it takes for a packet to be transmitted end-to-end across a network and is composed of five variables:


Network Latency = (Distance Delay) + (Serialization Delay) + (Queue Delay) + (Forwarding Delay) + (Protocol Delay)


Serialization Delay refers to the amount of time it takes for a network interface (such as a router’s interface or computer’s NIC) to perform bitwise transmission of a frame onto the outbound media. Forwarding Delay is the amount of time it takes a network device to process a frame/packet by performing a destination address lookup and forwarding the frame/packet to the outbound interface. Protocol Delay is the amount of time that access or transmission algorithms may contribute to the delay of a network frame, and is typically introduced at the endpoints of the data transmission system.

Serialization delay, on a per-packet basis, becomes insignificant at data rates above 1.544 Mbits/s – or a T1. Forwarding delay is typically insignificant in modern routers and switches (when appropriately configured – significant delay can occur in misconfigured routers.) And Protocol delay typically occurs at the access layer or the end points. So the two major variables that have the most effect on network latency are Distance Delay and Queue Delay.

Distance Delay is simply the minimum amount of time that it takes the electrical signals that represent bits to travel down the physical wire. Optical cable sends bits at ~5.5 µs/km, copper cable sends them at ~5.606 µs/km, and satellite sends them at ~3.3 µs/km. (There are a few additional microseconds of delay from amplifying repeaters in optical cable, but compared to distance, the delay is negligible.)

Distance delay can have a significant impact on application performance for applications that require a large number of network round trips in order to complete a transaction – for example, custom transaction-based applications, database queries, and VoIP, which begins to degrade when one-way end-to-end latency exceeds 200-220 milliseconds.

One of the biggest sources of end-user ire is database queries designed to run over a LAN and then ported to the WAN. For example, if a user executes a SQL database query that requests 100 rows of a database table, one row at a time, over a link with a latency due to distance of 60 ms, it would take approximately 6 seconds (60 ms * 100 turns) to complete the transaction. The same query executed by a user on a LAN connected to the same database server would take less than 2-3 ms to be completed, as the latency due to distance across the LAN is insignificant.

Queue Delay is the amount of time a packet must spend in a network buffer waiting its turn to be transmitted. Network interfaces transmit one frame at a time, typically one bit at a time. As such, when two or more packets are forwarded to a network interface at the same time, or close to the same time – one packet is transmitted while the others are put in a queue on the interface buffer to await their turn at the interface. Packets that are put into the queue must wait until they can be transmitted, adding milliseconds of delay.

Increases in Queue Delay can be measured and detected by monitoring traffic along a given network path. Typically, most intermittent increases in latency above the baseline distance latency can be attributed to network congestion. (In order to reduce the possibility of excessive queue delay, application servers that are members of the same application architecture should be placed on the same Ethernet switch and on the same VLAN to ensure they do not have to compete for uplink bandwidth when problems like the one pictured above occur.)

Worse still, if the congestion persists and packets wait in increasingly longer lines within the queue, the buffer may become full and packets may be dropped. Packet drop, in turn, causes TCP connections to throttle back on the rate of transmission.
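The split between baseline distance latency and intermittent queueing described above can be sketched as follows. This is an added example, not code from the original article: the function names, the 5 ms threshold, the three-sample run length and the latency samples (one-way, over an assumed 2,000 km optical path) are all constructed for illustration.

```python
FIBER_US_PER_KM = 5.5  # optical propagation figure quoted in the article


def distance_floor_ms(path_km):
    """One-way distance delay in ms for an optical path of path_km."""
    return path_km * FIBER_US_PER_KM / 1000.0


def queue_delay_report(samples_ms, threshold_ms=5.0, min_run=3):
    """Separate latency samples into a baseline and per-sample queueing.

    baseline : smallest sample, i.e. the path with empty queues
    queue[i] : samples_ms[i] - baseline
    episodes : (first, last) index pairs for runs of at least min_run
               consecutive samples whose queue delay exceeds threshold_ms
    """
    baseline = min(samples_ms)
    queue = [round(s - baseline, 3) for s in samples_ms]
    episodes, start = [], None
    for i, q in enumerate(queue + [0.0]):  # sentinel closes a trailing run
        if q > threshold_ms:
            if start is None:
                start = i
        elif start is not None:
            if i - start >= min_run:
                episodes.append((start, i - 1))
            start = None
    return baseline, queue, episodes


# Constructed one-way latency samples in ms (assumption, not measured data).
SAMPLES_MS = [11.1, 11.0, 11.2, 11.1, 19.4, 11.0, 11.3,
              24.8, 31.5, 38.2, 27.9, 11.4, 11.1]

if __name__ == "__main__":
    baseline, queue, episodes = queue_delay_report(SAMPLES_MS)
    print("distance floor for 2000 km:", distance_floor_ms(2000), "ms")
    print("measured baseline:", baseline, "ms")
    print("queue delay per sample:", queue)
    print("congestion episodes (sample indexes):", episodes)
```

The single spike at index 4 is ignored because it does not persist, while the sustained rise from index 7 to 10 is reported as one congestion episode.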

Those are some of the main causes of latency – but what about jitter?

Jitter is a term that refers to the variance in the arrival rate of packets from the same data flow, and abnormal jitter values can negatively impact real-time applications like VoIP and video. Jitter is typically created by three different mechanisms in a network: variance in Serialization Delays due to variance in packet sizes, variance in per-packet Queue Delay due to packet spacing from multiple sources at a common outbound interface, or packets taking different routes from source to destination – perhaps due to per-packet load sharing or routing issues.

The most effective way to deal with jitter is by using low-latency queuing for VoIP and video traffic on network interfaces with large serialization and/or queue delays. In addition, endpoints (such as IP phones) can use jitter buffers or playout delay buffers in order to deliver received packets at a constant rate to the end consumer. These buffers are typically 30-50 ms in depth, and thus they attempt to manage jitter values within these values on any single one-way path. While these buffers technically add 30-50 ms in latency, they significantly reduce jitter. Since human beings don’t start to notice latency in VoIP or VideoIP applications until it hits about 200 ms, if latency can be kept to under 150 milliseconds, then jitter can be significantly reduced using this method.
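The effect of buffer depth on a jittery flow can be seen in a short simulation. This is an added example, not code from the original article: the jitter measure is the running estimator from RFC 3550 (which the article does not mention), and the function names, the 20 ms packet spacing and the transit times are assumptions constructed for illustration.

```python
def interarrival_jitter_ms(send_ms, recv_ms):
    """Running jitter estimate as defined in RFC 3550, section 6.4.1.

    D is the change in transit time between consecutive packets; the
    estimate moves 1/16 of the way toward |D| on every packet.
    """
    jitter, prev_transit = 0.0, None
    for s, r in zip(send_ms, recv_ms):
        transit = r - s
        if prev_transit is not None:
            jitter += (abs(transit - prev_transit) - jitter) / 16.0
        prev_transit = transit
    return jitter


def late_packets(send_ms, recv_ms, buffer_ms):
    """Simulate a fixed playout buffer of buffer_ms.

    Packet i is scheduled to play at
        first_arrival + buffer_ms + (send[i] - send[0]).
    Returns the indexes of packets that arrive after their play time
    and would therefore be discarded by the endpoint.
    """
    first_play = recv_ms[0] + buffer_ms
    return [i for i, (s, r) in enumerate(zip(send_ms, recv_ms))
            if r > first_play + (s - send_ms[0])]


# Constructed flow (assumption): one packet every 20 ms, with a small
# queueing burst at packets 3-5 and a larger one at packets 7-9.
SEND_MS = [0, 20, 40, 60, 80, 100, 120, 140, 160, 180]
TRANSIT_MS = [60, 62, 61, 75, 80, 66, 60, 110, 92, 74]
RECV_MS = [s + t for s, t in zip(SEND_MS, TRANSIT_MS)]

if __name__ == "__main__":
    print("RFC 3550 jitter: %.2f ms" % interarrival_jitter_ms(SEND_MS, RECV_MS))
    for depth in (10, 30, 50):
        print("buffer %2d ms -> late packets %s"
              % (depth, late_packets(SEND_MS, RECV_MS, depth)))
```

On this sample a 10 ms buffer loses five packets, a 30 ms buffer loses two, and a 50 ms buffer loses none, at the cost of 50 ms of added one-way latency.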



Can you have 21st century broadband with 19th century infrastructure?


We’ve mentioned numerous times that U.S. broadband penetration and speed lag behind those of countries that are more rural and less populated – in other words, countries the U.S. has no excuse for lagging behind.

Ars Technica recently put out an article detailing what differences in national broadband policy exist that have enabled other nations to surpass the U.S.’s broadband capability. Japan and France have local loop unbundling – that allows for more competition among ISPs.  They also both deploy fiber instead of copper even if it doesn’t show an immediate profit, and competing ISPs are rolling out new fiber infrastructure instead of just leasing lines. 

Japan, France, Sweden, and Canada all treat broadband as a “core infrastructure element” – that is, it is treated as vital to the functioning of the national economy as good roads, bridges, tunnels, and electrical grids.

In all fairness, the U.S. can claim the same thing.  The U.S. may have no broadband policy, may be looking to traffic shaping to solve problems that would be better addressed by more fiber rollouts (oh, and by the way, there’s a new $800,000 deep packet inspection device on the market today to help service providers monitor and shape traffic), and may be relying on increasingly obsolete technologies – but at least we treat it the same as we do our roads, bridges, tunnels, and electrical grids. 

Which is to say, not very well at all.  The American Society of Civil Engineers gave the United States infrastructure a “D” in 2005, down from a score of “D+” in 2003 – and to fix those problems would require $1.6 trillion over five years.  Since then, not much has been done, according to this CBS video reposted on RawStory.com.

Instead, the government is considering plans to lease highways to private companies – using tolls to provide a “free market” solution to the infrastructure problem – but which will ultimately be a government sanctioned private monopoly over certain sections of blacktop. It is difficult to see how this would improve infrastructure, rather than simply allowing private companies to charge the maximum people will pay for the minimum infrastructure service people will put up with.

So, as far as treating broadband infrastructure like the rest of America’s infrastructure, it seems we already do that.  But what needs to be clear is that broadband infrastructure is infrastructure – that is, it is just as important for rural areas to get good broadband as it was for them to get good roads back during the Eisenhower administration.

In a macabre way, this limited broadband is good for vendors; if broadband were plentiful there wouldn’t be so great a demand for WAN Optimization tools, for example.  Sure, WAN Optimization is a good idea anyway, but it is the high cost of bandwidth that spurs demand forward.  It is becoming harder to maintain performance not just because of the various new demands on the network but also because the infrastructure across the country is simply inadequate – thus the demand for network performance monitoring tools.  Increasing bandwidth doesn’t always solve the network problem, but insufficient bandwidth always creates one.


