The present disclosure relates to data communication networks. More specifically, the present disclosure relates to monitoring path quality in a data communication network.
SLAs (Service Level Agreements) on private circuits (provider Multiprotocol Label Switching, for example) often guarantee certain constraints on bandwidth, latency and jitter for particular classes of Internet Protocol (IP) traffic, in addition to more general overall bandwidth and privacy guarantees. For example, an SLA may provide performance guarantees for each Quality of Service (QoS) class.
Many enterprises are interested in replacing/augmenting these expensive private circuits with cheaper Internet uplinks. The “circuit” and “security/privacy” aspects of a private circuit can be mimicked with existing Virtual Private Network (VPN) technologies, such as Internet Protocol security (IPsec). However, Internet uplinks are inherently “best-effort” in terms of performance, so it is difficult, or sometimes even impossible, to provide absolute guarantees with respect to bandwidth, latency, and jitter for particular QoS-classes of traffic.
Intelligent application of inbound/outbound shaping and prioritization at the endpoints of a VPN is often sufficient to mimic the performance characteristics of a private circuit in many scenarios. However, there is still a general need to monitor the behavior of the VPN itself, ideally on a per-QoS-class basis, to ensure that desired performance targets are being met.
In order to take remedial action in the event that an uplink is failing to deliver desired characteristics, the monitoring tool must be highly responsive (i.e., taking frequent measurements) while also minimizing its impact on traffic flow (i.e., minimizing the impact that exchanging measurement data has on the bandwidth, latency and jitter of the data being monitored). In addition, since the monitoring data is itself private/sensitive in nature, it must be protected by a level of security no less than that of the data being monitored.
Existing network path quality measurement and monitoring tools can be generally divided into two categories: “active” and “passive.”
Unfortunately, the existing tools have multiple drawbacks. Specifically, existing “active” measurement tools (ping, Two-Way Active Measurement Protocol (TWAMP), etc.) tend to scale poorly as network size and load increase. Because they introduce a significant amount of synthetic traffic (measurement probe packets) into the network, when the number of tunnels to probe or the volume of data traffic goes up, it is necessary to scale back the probing frequency to avoid swamping the network with probe data. This has the undesirable property of making the monitoring less responsive exactly when it is most needed: under high load. A secondary problem with tools that use “synthetic” probing is that the probe packets are not guaranteed to receive the same treatment as the data traffic whose path quality is being monitored. For example, a small Internet Control Message Protocol (ICMP) ping packet may be queued ahead of larger data packets, resulting in inaccurate estimates of network latency.
Existing “passive” measurement tools (e.g., inline capture, Transport Control Protocol (TCP) Round-Trip Time (RTT), or application analysis) have two flaws. First, these techniques cannot distinguish network delays from application delays. For example, the time spent processing an application request, or waiting for a server resource to become available, would be included in the analysis of “network delay.” While this is a valuable measure of the end-user's overall quality of experience, it does not provide sufficient information to allow a self-healing network to determine if an underlying problem is network- or application-oriented. Second, passive analysis, particularly application-specific analysis, can often be CPU and/or memory intensive, and it can be prone to rapid obsolescence as new application protocols emerge or old protocols evolve.
Therefore, what are needed are techniques and systems to monitor network path quality without the above-described drawbacks.