1. Barath Raghavan, Kashi Vishwanath, Sriram Ramabhadran, Kenneth Yocum, Alex C. Snoeren Defense: Rejaie Johnson, Xian Yi Teng

2. Outline  Introduction  Classes of Clouds  Limiter Design  Evaluation Methodology  Evaluation  Conclusion

3. Introduction  Distributed computing today: software as a service  Google Documents  Groove Office  Windows Live  Benefit for users: Easier management  Benefit for service provider: Leverage widely distributed computing infrastructures

4. Introduction  Barrier: Loss of cost control (how to bill?)  Amazon’s EC2: metered pricing (but customers prefer flat fee)  Flat fee => provider must be able to limit consumption to control costs (but difficult to do in a distributed environment)  Focus: Control aggregate network bandwidth, distributed rate limiting (DRL)

5. Introduction  Goal: Allow set of distributed traffic rate limiters to collaborate to subject a class of network traffic (e.g. one service) to single, aggregate global limit  Resource provider, 10 hosting centers, limit 100 Mbps, current options:  100 Mbps each hosting center (might all use this limit simultaneously => 1 Gbps)  10 Mbps each center (efficient use unlikely unless traffic perfectly balanced)

6. Introduction  Key challenge: Flows arriving at different limiters should achieve same rates as if they were all traversing a single shared rate limiter  We present illusion of passing all traffic through single token-bucket rate limiter  Key challenge: Measuring demand of aggregate at each limiter, apportioning capacity in proportion to that demand

7. Classes of Clouds  Limiting cloud-based services  Cloud-based services: Clients see unified service, transparent of independent physical sites  DRL provides providers ability to control network bandwidth as if sourced from single site => no migration necessary, bandwidth gravitates towards sites with most demand

8. Classes of Clouds  Content distribution networks  Content replication of third-party web sites at numerous geographically diverse locations, improve performance, scalability, reliability  With DRL, CDNs can set per-customer limits based on service-level agreements  Protective mechanism to rate limit nefarious users

9. Classes of Clouds  Internet testbeds  Planetlab currently has bandwidth limits at each individual site, cannot do across multiple machines  DRL provides effective limits for Planetlab service distributed across North America

10. Classes of Clouds  Assumptions and scope:  No QoS guarantees  Can identify traffic belonging to particular service  Discussion in single service without loss of generality

11. Limiter Design  Peer-to-peer limiter architecture  Tasks:  Estimation  Communication  Allocation  Periodically measure traffic arrival rate, communicate to other limiters, receive rates from other limiters, computes estimate of global rate, determine how to service local demand to enforce global rate

12. Limiter Design  Estimation: compute average arrival rate over fixed time intervals, use exponentially- weighted moving average (EWMA) filter to smooth out short-term fluctuations (settings determined later)  At the end of each estimate interval, local changes merged with global estimate, and each limiter disseminates local changes to other limiters – gossip protocol used with UDP

13. Limiter Design  Allocation  Global token bucket (GTB)  Global random drop (GRD)  Flow proportional share (FPS)

14. Limiter Design  Global token bucket

15. Token Bucket  Common trick used to control amount of data injected into network, allowing bursts  There is a bucket that can hold limited number of tokens  Tokens are added to bucket at some rate  If token comes when bucket is full, it is discarded  When packet arrives, some number of tokens removed, packet is sent to network  Packet arrives when bucket is empty => dropped

16. Limiter Design  Global token bucket  Emulate centralized token bucket  Each limiter’s token bucket refreshes at global rate  At every interval, local rate computed and sent, obtain local rates from other limits, sum, removes tokens at this global rate  Highly sensitive to stale observations, impractical at large scale or in lossy networks

17. Limiter Design  Global random drop  Instead of emulating central limiter, emulate drop rate of centralized case  Same as before, collect demand from other limiters, then compute drop probability – proportional to (demand-limit)  Is better over longer periods of time, does not capture short-term effects

18. Limiter Design  Flow proportional share

19. Evaluation Methodology  3 metrics: Utilization, flow fairness, responsiveness  Basic goal: hold aggregate throughput across all limiters below global limit  Achieve fairness equal to or better than that of centralized token bucket limiter

20. Evaluation Methodology  Evaluation on emulation testbed with ModelNet  Simple mesh topology to connect limiters  Each source and sink pair routed through single limiter  100 Mbps links

21. Evaluation  Flow Dynamics  FPS only requires updates as flows arrive depart, or change their behavior  Baseline  Loaded Limiters with 10 unbottledneck TCP flows  Chose a 3-7 skew  Aggregate apportioned between limiters in about to 3-7 split.

22. Evaluation  Mixed TCP flow round-trip times  FPS provides a higher degree of fairness between RTT’s  Traffic Distributions  Evaluated the effects of varying traffic demands  Bottlenecked TCP flows  Have the ability of FPS to correctly allocate rate across aggregates of bottlenecked and unbottlenecked flows.

23. Conclusion  Demands on traditional Web-hosting and ISP’s are likely to shift  Our experiments show that naïve implementations are unable to deliver adequate levels of fairness.  Our results demonstrate that it’s possible to recreate the flow behavior that end users expect from a centralized rate limiter.