The purpose of this article is to highlight why plain old WAN acceleration (Riverbed, Citrix, Cisco, etc etc) is not enough for optimizing end user experience at remote sites within a virtual desktop infrastructure implementation. What IT needs, and more importantly users need is a way to configure settings that dynamically respond to the user’s choice of applications as their workload changes. For instance, if the user is viewing YouTube or other multimedia sites the QoS tag can be dynamically altered to a lower priority, but when they switch back to an application like SAP for instance, the QoS tag can be altered again to raise the priority of the traffic.
Providing network communication Quality of Service (QoS) guarantees in VDI is a significant problem. Whether it’s a terminal, thin client, repurposed PC or traditional PC with terminal client software, communication to and from the VM is facilitated through a connection brokering technology or “infrastructure access” package. Common protocols include PC-over-IP, Remote Desktop Protocol (RDP) and ICA.
In traditional physical PC network architectures, QoS guarantees are achieved through a standard called Differentiated Services or DiffServ. DiffServ is a mechanism for classifying and managing network traffic. The goal is to provide guaranteed service (GS) to critical network traffic such as voice and email while providing “best-effort” traffic guarantees to lower priority non-critical services such as web traffic or file transfers.
DiffServ operates on a traffic classification principal where individual data packets are placed into a limited number of classes. Each router is configured to differentiate traffic based on its class and each class can be managed in different ways. This ensures that critical network traffic get priority over other non-critical traffic.
Per-Hop Behavior (PHB) is indicated by encoding a 6-bit value called the Differentiated Services Code Point (DSCP) into the 8-bit Differentiated Services (DS) field of the IP packet header. While a network could employ up to 64 different traffic classes utilizing different marking in the DSCP, the common and practical standard is employing the following 4 Per-Hop Behaviors.
• Default PHB: Which is typically best-effort traffic
• Expedited Forwarding (EF) PHB: Dedicated to low-loss, low-latency traffic
• Assured Forwarding (AF) PHB: Which gives assurance of delivery under conditions
• Class Selector PHBs: Which are defined to maintain backward compatibility with the IP Precedence field.
A default PHB is the only required behavior. In general, traffic that does not meet the requirements of any of the other defined classes is placed in the default PHB. Typically, the default PHB has best-effort forwarding characteristics. The recommended DSCP for the default PHB is ‘000000’ (in binary).
Expedited Forwarding (EF) PHB – DSCP= (46 OR 101110)
The EF PHB has the characteristics of low delay, low loss and low jitter. These characteristics are suitable for voice, video and other real-time services. EF traffic is often given “strict priority queuing” above all other traffic classes. Because an overload of EF traffic will cause queuing delays and affect the jitter and delay tolerances within the class, EF traffic is often strictly controlled through admission control, policing and other mechanisms. Typical networks will limit EF traffic to no more than 30% and often much less of the capacity of a link. For more information the IETF defines Expedited Forwarding behavior in RFC 3246.
Assured Forwarding (AF) PHB
For more information the IETF defines the Assured Forwarding behavior in RFC 2597.
Class Selector PHB
Class Selector PHB provides for legacy standard support in DiffServ. Before the DiffServ standard, IP networks could use the Precedence field in the Type of Service (TOS) byte of the IP header to mark priority traffic. The TOS byte and IP precedence was not used to large degree. The IETF agreed to reuse the TOS byte as the DS field for DiffServ networks. In order to maintain backward compatibility with network devices that still use the Precedence field, DiffServ defines the Class Selector PHB.
In a traditional physical PC network architecture, applications and their associated data are assigned specific ports on which to communicate. Web traffic is generally port 80, SQL traffic is port 1433, FTP traffic is port 22 etc. Network routers take advantage of traffic segregation by port to prioritize business critical traffic over non-critical traffic.
The problem with QoS in today’s VDI implementations resides in the underlying display protocol. Communication to and from the VM to the thin client or terminal is facilitated through a single protocol communicating on a single port, regardless of the application in use. All network traffic is treated the same, whether it is video, email, file transfer or some other application. As an example, if you’re using PC-over-IP to connect your thin client to a VM, the data that flows between the two devices communicates via the PC-over-IP protocol on port 50002. There is no differentiation between the various applications in use, because all traffic to the VM is on the same port and is therefore treated with the same priority. For example, a person streaming a YouTube video will consume a predominate amount of available bandwidth, thus impacting users performing their regular business related computing activity. The router cannot segregate and prioritize the traffic under this scenario. Further complicating matters, the user frequently changes applications over the same connection over time.
So how do you prioritize the traffic so as not to adversely impact the productive users from those that are running bandwidth intensive applications or websites? With Lakeside Software’s SysTrack you can easily configure DiffServ priority based on the application or website with which the user is actively working. Priority would then be dynamically applied to the Windows TCP/IP stack, resulting in packets being DS-tagged according to the application in use and priority assigned. Unique to this solution, priority is dynamically established based on applications being executed.
Let’s use the above example, running various applications over PC-over-IP on port 50002. We simply define specific applications and the priority that they should receive. We might decide that SAP traffic and a particular URL associated with a company web application has a higher priority than other traffic. With a simple SysTrack configuration, we assign an Expedited Forwarding (EF) Per-Hop Behavior DSCP value of 46. This results in the DS field for IP packets that support high-priority applications having a higher priority tag at the router level, even though all traffic operates over port 50002.
In the example above, if we have a 128KB WAN link between the terminal and the VM, although the data stream is all communicating via PC-over-IP on port 50002, when the YouTube video data and SAP data is routed, the router can prioritize the important traffic by looking at the DS field tag.
As virtual desktop infrastructure implementations begin to grow beyond just proof-of-concepts and limited production pilots the branch office and WAN considerations will take on a higher priority. WAN acceleration via the prominent vendors in the space is not enough to ensure that the data infrastructure is adaptable and dynamic. The only way to reach this level of adaptability is to have a firm grasp of the workload and the deep analytic capabilities about that workload to drive infrastructure performance to benefit the users.