CONFIDENTIAL

Advanced Traffic Steering

& Optimization Technologies
Bart Salaets
Solutions Architect EMEA

Agenda
Recent Evolutions in Traffic Steering
Flow-based vs Transaction-based Traffic Steering
Service Chaining & IETF Activities
TCP Optimization

Summary

F5 Networks, Inc

CONFIDENTIAL

Recent Evolutions in Traffic Steering

Traditional Steering to VAS & Optimization platforms

A router steers all port 80 traffic to VAS platforms
STATIC STEERING

RTR

PGW/
WIFI-GW

DPI

L2/L3

L7

Firewall/CGNAT

Internet

L4

All port 80 traffic service chained

through all VAS platforms
Data Center

L4 LB/ADC

Video
Optimization

F5 Networks, Inc

Transparent
Caching

Parental
Controls

CONFIDENTIAL

L7+ - Application Services

WAP
Gateway

Intelligent traffic steering to VAS platforms

Offloading VAS services & Optimizing infrastructure utilization

INTELLIGENT STEERING

L4-L7 Steering
PCRF

DRA
Diameter Gx

PGW/
GGSN

RTR

Intelligent Steering
Platform

CONTEXT
SUBSCRIBER
DEVICE-TYPE
RAT-TYPE
CONTENT (VIDEO, URI, ... )
CONGESTION
F5 Networks, Inc

DPI

Firewall
CGNAT

Internet

Context-aware & policy-driven

steering & intelligent service chaining
Data Center

Video
Optimization

Transparent
Caching

Parental
Controls

CONFIDENTIAL

WAP
Gateway

Intelligent traffic steering to VAS platforms

Example : Subscriber and RAT-type based steering / service chaining

INTELLIGENT STEERING
DIAMETER Gx
(subscriber policy indicates
parental control)

RADIUS
(RAT-TYPE updates for subscriber
in interim accounting)

PGW/
GGSN

CONTEXT

RTR

F5 Networks, Inc

Intelligent Steering
Platform

Steering leg
controlled
by Radius

SUBSCRIBER POLICY
DETERMINES STEERING TO
PARENTAL CONTROL
RAT-TYPE DETERMINES
STEERING TO VIDEO OPT.

PCRF

DPI

Steering leg
controlled
by PCRF

Firewall
CGNAT

Internet

Policy-controlled Service Chain

(per-flow steering/chaining)

Data Center

Video
Optimization

Transparent
Caching

Parental
Control

CONFIDENTIAL

WAP
Gateway

Flow-based vs Transaction-based
Traffic Steering

Need for Transaction-based Steering Video Optimization

The Service Provider Challenge
Video optimization technology is expensive and steering all port 80 traffic to it is not
considered economically viable going forward
Increasing desire to offload any HTTP traffic that is not carrying video
Increasing desire to offload ABR video traffic (as transrating/transcoding no longer needed)
The Technical Challenge
Accurate video detection requires checking both the HTTP request and the response headers
If the detection happens at the response level, how can we steer video to video optimizers
after-the-facts (connection to video server is already established) ?
The Technical Solution
HTTP request-based & response-based steering
Per-flow steering is not adequate for this use case (see next slide)

F5 Networks, Inc

CONFIDENTIAL

HTTP Messages Differ from IP Packets & TCP Flows

HTTP Header Split Across packets

Packet Header

TCP/IP Packet
Multiple Messages in one packet
HTTP Message Header

HTTP Message Body

GET / HTTP/1.1\r\n
Host: www.myhost.com\r\n
Transfer-Encoding: chunked\r\n
Cookie: userId=username,
userData=abdefa1839290\r\n
User-Agent: Mozilla\r\n
\r\n

<body data>
0\r\n

Body Terminator
for chunked mode

HTTP message can span multiple

packets
Packets may have multiple HTTP
messages
Delimiting HTTP messages may
require inspection of every byte
Message steering in some cases
may cause TCP stream to be split
may lead to chaos in client to end
point communication

Steering on HTTP Request & Response

Steering on request
Establish TCP connection with client (full handshake)
Accumulate HTTP request message(s) in that TCP connection
For each HTTP request message in the TCP connection from the client
Parse the HTTP request headers and select VAS based on steering policy
Establish new TCP connection with the VAS selected in the steering policy and forward the
accumulated HTTP message (in case of service chaining there will be several connections)
Steering on response
Establish TCP connection with client and establish another TCP connection with the server
forward HTTP messages between client and server
For each HTTP response message in the TCP connection from the server
Parse the HTTP response headers and select VAS based on steering policy
But how do we steer to the VAS ? The connection with the server is already established ...
F5 Networks, Inc

CONFIDENTIAL

10

Steering on Response Call flows

PGW/
GGSN

RTR

RAN

Intelligent Steering
Platform
INTERNET

Mobile
Client

HTTP Request from client

Forward Request

Response to Client with 302 redirect to

same URI extended with
classification and policy results

HTTP Response

Origin
Server

POLICY EXECUTION

Video
Optimization

F5 Networks, Inc

CONFIDENTIAL

IF
CONTENT-TYPE STARTS WITH VIDEO/
CONTENT-LENGHT > 1024KB
THEN
REDIRECT TO VIDEO OPTIMIZATION

11

Steering on Response After the HTTP redirect

PGW/
GGSN

RTR
Intelligent Steering
Platform

RAN

INTERNET

New HTTP request with extended URI

Mobile
Client

Optimized Response

Origin
Server

Steer Request to
Video Optimizers

Optimized
Response

POLICY EXECUTION
IF
URI CONTAINS VIDEO CLASSIFICATION INFO
THEN
STEER TO VIDEO OPTIMIZATION
& DELETE CLASSIFICATION INFO FROM URI
F5 Networks, Inc

New connection

Video
Optimization

CONFIDENTIAL

12

Service Chaining & IETF Activities

IETF Service Chaining Working Group

IP networks rely more and more on the combination of advanced functions
Besides basic routing and forwarding functions

Goal : Enforce service-inferred forwarding for traffic traversing a given domain

Differentiated by the set of Service Functions to be invoked
Service-inferred forwarding is policy-based. Policies may be:
Subscriber-aware
Based on flow characteristics
TE-oriented (e.g., optimize network resource usage)
Combination of the above

Several Service Function Chaining (SFC) IETF drafts available

F5 Networks, Inc

CONFIDENTIAL

14

IETF Service Function Chaining Examples

SFC ingress : Policy classification will determine service chain SFC-ID
pointing to a sequence of service functions (SFs)
All Service Functions may be policy controlled via a control plane
Meta-data can be added to the packets (to convey the SFC-ID to the SFs)
Service Functions can be physical or virtual (NFV)

Packet forwarding between SFs can be plain IP, SDN, overlay networks, ...
SFC-ID=1

LOAD
BALANCER
(SF1)

WEB
PROXY
(SF2)

FIREWALL
(SF3)

SFC-ID=2

DPI
(SF5)

HEADER
ENRICHM.
(SF6)

FIREWALL
(SF3)

F5 Networks, Inc

CONFIDENTIAL

NAT44
(SF4)

16

Static & Dynamic Service Chaining Today

INTELLIGENT SERVICE CHAINING
PCRF

RTR

PGW/
GGSN

Intelligent
Steering Platform

DPI

Firewall
CGNAT

Internet

VAS
Video
Transparent
Optimization
Caching

Parental
Control

WAP
Gateway

STATIC SERVICE CHAINING

DYNAMIC SERVICE CHAINING

INTELLIGENT STEERING POLICY DEFINES A

FIXED SFC (E.G. VAS1-VAS4)

INTELLIGENT STEERING POLICY PER VAS LEG TO

FULLY CONTROL THE SERVICE CHAIN ORDER BASED
ON STATIC OR DYNAMIC PARAMETERS

F5 Networks, Inc

CONFIDENTIAL

17

Static Service Chaining

Intelligent Steering
Platform

DIAMETER Gx

SERVICE CHAIN POLICY A

(subscriber policy points to

service chain A)
PCRF

SERVICE CHAIN

SVC2 {
FROM VAS1
TO VAS2
}

POLICY A

SVC1

SVC3

Mobile
Client

VAS1

F5 Networks, Inc

Origin
Server

SVC2

SVC1 {
FROM SUBSCRIBER
TO VAS1
}

VAS2

CONFIDENTIAL

SVC3 {
FROM VAS2
TO INTERNET
}

18

Dynamic Service Chaining

Intelligent Steering
Platform

SERVICE CHAIN POLICY A

SVC1 {
FROM SUBSCRIBER
TO VAS1
}

DIAMETER Gx

(subscriber policy for subscriber

X indicates service chain A)

VAS1 DID
NOT INSERT
X-TO-VAS

PCRF

SERVICE CHAIN
POLICY A

SVC1

SVC3

Mobile
Client X

Origin
Server

SVC2

SVC2 {
FROM VAS1
TO VAS2
STEERING POLICY P1
}
SVC3 {
FROM VAS2
TO INTERNET
}
STEERING POLICY P1

VAS1

F5 Networks, Inc

RULE R1 {
IF (HDR $X-TO-VAS == INTERNET) {
STEER INTERNET
}
}

VAS2

CONFIDENTIAL

19

Dynamic Service Chaining

Intelligent Steering
Platform

SERVICE CHAIN POLICY A

SVC1 {
FROM SUBSCRIBER
TO VAS1
}

DIAMETER Gx

(subscriber policy for subscriber

X indicates service chain A)

VAS1 HAS
INSERTED
X-TO-VAS
INTERNET

PCRF

SERVICE CHAIN
POLICY A

SVC1
Mobile
Client X

Origin
Server

SVC2

SVC2 {
FROM VAS1
TO VAS2
STEERING POLICY P1
}
SVC3 {
FROM VAS2
TO INTERNET
}
STEERING POLICY P1

VAS1

F5 Networks, Inc

RULE R1 {
IF (HDR $X-TO-VAS == INTERNET) {
STEER INTERNET
}
}

VAS2

CONFIDENTIAL

20

Service Chaining Packet Forwarding

CONNECTION TABLE
IN
Intelligent Steering
Platform

OUT

SMAC

DMAC

SIP

DIP

VLAN

SMAC

DMAC

SIP

DIP

VLAN

MAC_X

M100

IP_X

IP_Y

100

M91

MVAS1

IP_X

IP_Y

91

MVAS1

M19

IP_X

IP_Y

19

M92

MVAS2

IP_X

IP_Y

92

MVAS2

M29

IP_X

IP_Y

29

M200

MAC_Y

IP_X

IP_Y

200

SERVICE CHAIN
VLAN 100

Mobile
Client
(IP_X)

VLAN
91

POLICY A

VLAN
92
VLAN
19

VLAN 200

VLAN
29

Origin
Server
(IP_Y)

CONNECTION-ORIENTED FORWARDING

VAS1

F5 Networks, Inc

VAS2

Intelligent steering platform tracks the source MAC address and

VLAN of incoming connections in the connection table
Return traffic from endpoints and/or pools is sent back to the
MAC address (on the VLAN) that transmitted the request

CONFIDENTIAL

21

Service Chaining Today and Future

SFC Ingress Classification

SFC Ingress Classification

TRAFFIC
STEERING

TRAFFIC
STEERING

SFC Forwarding

VAS
1

VAS
2

VAS
3

VAS
4

SFC Forwarding

VAS
1

VAS
5

VAS
2

VAS
3

VAS
4

VAS
5

Available today TCP & HTTP proxy technology

Discussed in several IETF drafts

Flexible use of steering headers towards VAS

platforms (HTTP headers, DSCP, ... )

Requires all vendors to agree on same

standard (packet header for metadata)

Works with ICAP as well (control plane steer)

How to leverage SDN/NFV and overlay

networking (VXLAN, NVGRE) technology

Practical model for few VAS services

F5 Networks, Inc

Scales to many VAS services

CONFIDENTIAL

22

TCP Optimization

TCP Proxy Optimizing both sides of the TCP connection

Intelligent Steering
Platform

RAN

INTERNET

PGW/
GGSN

RTR

Cell-optimized TCP stack

TCP
PROXY

Mobile
Client

WAN-optimized TCP stack

Origin
Server

TCP proxy approach allows for adequate TCP options & window scaling parameters to be
negotiated separately with the client and the server, optimized for the access technology
Window scaling
Selective ACK
Congestion control mechanisms, Nagle algorithm, etc.

Patent pending optimizations to deal with packet loss & delay specific to cellular networks
Remove the effect of the first few percent of packet loss on congestion control typical for 2G/3G
Avoiding the buffer bloat problems in LTE networks
F5 Networks, Inc

CONFIDENTIAL

24

Ideal TCP stacks would result in

High Goodput

Minimal Buffer
Bloat

Flow Fairness

HOW DO WE ACHIEVE THIS IN 2G, 3G AND 4G NETWORKS ?

F5 Networks, Inc

CONFIDENTIAL

25

Impact of Latency : Web Page Load Times

Slide courtesy of Ilya Grigorik @ Google:

http://www.igvita.com/slides/2012/webperf-crash-course.pdf
F5 Networks, Inc

CONFIDENTIAL

26

Impact of Packet Loss : Throughput Degradation

TCP is designed to probe the network to figure out available capacity
TCP slow start is a feature, not a bug

In mobile networks packet

loss does not necessarily
imply congestion

Avg HTTP
response size
16kB
(so 3 round trips)
F5 Networks, Inc

Slide courtesy of Ilya Grigorik @ Google:

http://www.igvita.com/slides/2012/webperf-crash-course.pdf
CONFIDENTIAL

27

TCP Congestion Control Algorithms in 3G and LTE

TCP Woodside

F5 created algorithm.
Hybrid loss and latency based algorithm.
Minimizes buffer bloat by constantly monitoring
network buffering.

TCP Vegas

Emphasizes packet delay rather than packet loss

Detects congestion based on increasing RTT values of
packets.

TCP Illinois

Targeted at high speed long distance networks

Loss-delay based algorithm.
Primary congestion of packet loss determines
direction of window size change.
Secondary congestion of queuing delay determines
the pace of window size changes.

H-TCP

Targeted for high speed networks with high latency.

Loss-based algorithm.

F5 Networks, Inc

CONFIDENTIAL

28

Reducing Web Page Load Times with TCP Optimization

Real life test results MNO in APAC

Case 2 1 * 10MB image

Case 1 100 * 64KB images

Business
center

Business
center

Shopping
Mall

Shopping
Mall

Residential
Area

Residential
Area

Case 3 Regular website 1

Case 4 Regular website 2

Business
center

Business
center

Shopping
Mall

Shopping
Mall

Residential
Area

Residential
Area

F5 Networks, Inc

CONFIDENTIAL

29

Summary

Traffic Optimization with TCP & HTTP Proxy

Allows for Policy-based Intelligent Traffic Steering
Offloading & cost optimizing the VAS infrastructure

Allows for Static and Dynamic Service Chaining Today

Avoiding to pipe all traffic through all VAS platforms in sequence

Allows for Enhancing the Mobile Subscribers Quality of Experience

Advanced TCP optimization techiques increases the goodput and user experience
over the 2G, 3G and LTE radio infrastructure

F5 Networks, Inc

CONFIDENTIAL

31

 F5 Networks, Inc

CONFIDENTIAL

32