Barath Raghavan, Kashi Vishwanath, Sriram Ramabhadran, Kenneth Yocum, Alex C. Snoeren

Defense: Rejaie Johnson, Xian Yi Teng

Outline

Introduction Classes of Clouds Limiter Design Evaluation Methodology Evaluation Conclusion

Introduction

Distributed computing today: software as a service Google Documents Groove Office Windows Live

Benefit for users: Easier management Benefit for service provider: Leverage

widely distributed computing infrastructures

Introduction

Barrier: Loss of cost control (how to bill?) Amazon’s EC2: metered pricing (but

customers prefer flat fee) Flat fee => provider must be able to limit

consumption to control costs (but difficult to do in a distributed environment)

Focus: Control aggregate network bandwidth, distributed rate limiting (DRL)

Introduction

Goal: Allow set of distributed traffic rate limiters to collaborate to subject a class of network traffic (e.g. one service) to single, aggregate global limit

Resource provider, 10 hosting centers, limit 100 Mbps, current options: 100 Mbps each hosting center (might all

use this limit simultaneously => 1 Gbps) 10 Mbps each center (efficient use

unlikely unless traffic perfectly balanced)

Introduction

Key challenge: Flows arriving at different limiters should achieve same rates as if they were all traversing a single shared rate limiter

We present illusion of passing all traffic through single token-bucket rate limiter

Key challenge: Measuring demand of aggregate at each limiter, apportioning capacity in proportion to that demand

Classes of Clouds

Limiting cloud-based services Cloud-based services: Clients see

unified service, transparent of independent physical sites

DRL provides providers ability to control network bandwidth as if sourced from single site => no migration necessary, bandwidth gravitates towards sites with most demand

Classes of Clouds

Content distribution networks Content replication of third-party web

sites at numerous geographically diverse locations, improve performance, scalability, reliability

With DRL, CDNs can set per-customer limits based on service-level agreements

Protective mechanism to rate limit nefarious users

Classes of Clouds

Internet testbeds Planetlab currently has bandwidth

limits at each individual site, cannot do across multiple machines

DRL provides effective limits for Planetlab service distributed across North America

Classes of Clouds

Assumptions and scope: No QoS guarantees Can identify traffic belonging to

particular service Discussion in single service without loss

of generality

Limiter Design

Peer-to-peer limiter architecture Tasks:

Estimation Communication Allocation

Periodically measure traffic arrival rate, communicate to other limiters, receive rates from other limiters, computes estimate of global rate, determine how to service local demand to enforce global rate

Limiter Design

Estimation: compute average arrival rate over fixed time intervals, use exponentially-weighted moving average (EWMA) filter to smooth out short-term fluctuations (settings determined later)

At the end of each estimate interval, local changes merged with global estimate, and each limiter disseminates local changes to other limiters – gossip protocol used with UDP

Limiter Design

Allocation Global token bucket (GTB) Global random drop (GRD) Flow proportional share (FPS)

Limiter Design

Global token bucket

Token Bucket

Common trick used to control amount of data injected into network, allowing bursts

There is a bucket that can hold limited number of tokens

Tokens are added to bucket at some rate If token comes when bucket is full, it is

discarded When packet arrives, some number of

tokens removed, packet is sent to network Packet arrives when bucket is empty =>

dropped

Limiter Design

Global token bucket Emulate centralized token bucket Each limiter’s token bucket refreshes at

global rate At every interval, local rate computed and

sent, obtain local rates from other limits, sum, removes tokens at this global rate

Highly sensitive to stale observations, impractical at large scale or in lossy networks

Limiter Design

Global random drop Instead of emulating central limiter,

emulate drop rate of centralized case Same as before, collect demand from

other limiters, then compute drop probability – proportional to (demand-limit)

Is better over longer periods of time, does not capture short-term effects

Limiter Design

Flow proportional share

Evaluation Methodology

3 metrics: Utilization, flow fairness, responsiveness

Basic goal: hold aggregate throughput across all limiters below global limit

Achieve fairness equal to or better than that of centralized token bucket limiter

Evaluation Methodology

Evaluation on emulation testbed with ModelNet

Simple mesh topology to connect limiters

Each source and sink pair routed through single limiter

100 Mbps links

Evaluation

Flow Dynamics FPS only requires updates as flows arrive

depart, or change their behavior Baseline

Loaded Limiters with 10 unbottledneck TCP flows

Chose a 3-7 skew Aggregate apportioned between limiters

in about to 3-7 split.

Evaluation

Mixed TCP flow round-trip times FPS provides a higher degree of fairness

between RTT’s Traffic Distributions

Evaluated the effects of varying traffic demands

Bottlenecked TCP flows Have the ability of FPS to correctly

allocate rate across aggregates of bottlenecked and unbottlenecked flows.

Conclusion

Demands on traditional Web-hosting and ISP’s are likely to shift

Our experiments show that naïve implementations are unable to deliver adequate levels of fairness.

Our results demonstrate that it’s possible to recreate the flow behavior that end users expect from a centralized rate limiter.