Beta testers for opensource traffic shaper

[nkawit]

Hi guys,

I'm looking for a small number of highly skilled beta testers (Linux + opensource enthusiasts) for our opensource traffic shaper www.opentrafficshaper.org. This project has active sponsorship from a number of backers and is currently running on a number of major ISP networks around the world.

We have run out of ideas and features for the current stage of development which we're preparing a release for in the next few weeks.

If you've worked with traffic shapers and bandwidth optimizers in the past and can provide ideas, screenshots, input on features or anything which can contribute to help the development team make this project excel in the field I am willing to grant exclusive benefits in return.

-N

 

[Tinuva]

I don't mind beta testing, but this seems like it only rate limits users based on username or ip address? And maybe prioritize users.

Can it do layer7 traffic matching? ie. match torrent traffic, encrypted torrent traffic, and put those on best effort priority and then prioritize http/https/streaming/voip/gaming ect at high priority, then email at the next ect?

I can easily give you more ideas, as I have worked with enterprise grade and NSP grade traffic shaping devices, that does DPI to look at the layer7 traffic and then match these protocols into different lines/pipes/vcs and then you can prioritize traffic on 4 different priorities, from level 1 (lowest) to level 4 (highest) as well as best effort (if spare capacity available this traffic can go through, if not it is just dropped).

The equipment I have worked on, I know is in use by the likes of M-Web and MTN for their ADSL IPC shaping ect. I don't know what Telkom uses, and I know IS uses another major brand already.

 

[nkawit]

I don't mind beta testing, but this seems like it only rate limits users based on username or ip address? And maybe prioritize users.

Can it do layer7 traffic matching? ie. match torrent traffic, encrypted torrent traffic, and put those on best effort priority and then prioritize http/https/streaming/voip/gaming ect at high priority, then email at the next ect?

Currently protocols are port based. There is a further safeguard in place which will reclassify something like DNS should it exhibit unusual behavior (people running p2p over UDP port 53). There is also a fair amount of optimizations being done to improve user experience.

Configuring of ports is on our next development schedule. (hopefully)

Layer7 is something we've not yet considered for performance concerns. Added it to the wishlist as this would be awesome for smaller setups.

We added 802.1q support which allows shaping traffic inside VLANs, and also QinQ.

I can easily give you more ideas, as I have worked with enterprise grade and NSP grade traffic shaping devices, that does DPI to look at the layer7 traffic and then match these protocols into different lines/pipes/vcs and then you can prioritize traffic on 4 different priorities, from level 1 (lowest) to level 4 (highest) as well as best effort (if spare capacity available this traffic can go through, if not it is just dropped)..

What speeds was this hardware doing layer7 at? do you know what interfaces it had (chipset) and what CPUs powered it?

Layer7 at multi-gigabit speeds was something that was originally rules out due to performance concerns.

The equipment I have worked on, I know is in use by the likes of -- and -- for their ADSL IPC shaping ect. I don't know what -- uses, and I know IS uses another major brand already.

Do you perhaps have links or names of such devices? I'd love to see what their dashboards look like, configuration interfaces and if they have any additional features.

I'd also prefer to keep providers names out of this as shaping/optimization/contending/throttling can become a very heated situation

 

[Tinuva]

Currently protocols are port based. There is a further safeguard in place which will reclassify something like DNS should it exhibit unusual behavior (people running p2p over UDP port 53). There is also a fair amount of optimizations being done to improve user experience.

Configuring of ports is on our next development schedule. (hopefully)

Layer7 is something we've not yet considered for performance concerns. Added it to the wishlist as this would be awesome for smaller setups.

We added 802.1q support which allows shaping traffic inside VLANs, and also QinQ.

Ok.

What speeds was this hardware doing layer7 at? do you know what interfaces it had (chipset) and what CPUs powered it?

Layer7 at multi-gigabit speeds was something that was originally rules out due to performance concerns.

Currently we push around 350Mbps through the device for layer7 matching and shaping, but we have 1Gbps and 2Gbps licenses for them. There are limitations to the equipment, ie. you have to ensure to not do too many matches otherwise it does start dropping packets if you have a bad setup, but even with a simplified setup, it does A LOT more than any opensource or manual linux type shaping I have seen.
We only have limited access to the devices, but this is what I can show you:

:~$ uname -a
Linux wnls-ne1 2.6.21.7-aos.NGC-sdk-1.6 #1 SMP Thu May 31 12:11:26 IDT 2012 mips unknown unknown GNU/Linux

:~$ cat /proc/cpuinfo 
system type		: RMI XLR
processor		: 0
cpu model		: XLR732 Rev C4 V0.9
BogoMIPS		: 133.38
wait instruction	: yes
microsecond timers	: yes
tlb_entries		: 16
extra interrupt vector	: yes
hardware watchpoint	: yes
ASEs implemented	:
VCED exceptions		: not available
VCEI exceptions		: not available

Our devices has 1Gbps ports, many of them, because you put the device between 2x switches and span vlans through them in trunks. We then match each vlan into a "line", and in the "line" you can match packets into "pipes" and in those "pipes" break it further down into "vcs".

Do you perhaps have links or names of such devices? I'd love to see what their dashboards look like, configuration interfaces and if they have any additional features.

The devices we have, is the Allot NetEnforcer AC-3000.
Really amazing equipment hardware wise. Don't like the java software it use, its buggy on Linux PCs, but work just fine on Windows PCs. This is to configure the rules and policies and also monitor traffic whatever way you like, can be based on line, pipe, vs, internal ips, protocols, basically any way you please. We have never had better control over traffic flow than with these devices. Sexy comes to mind!

I'd also prefer to keep providers names out of this as shaping/optimization/contending/throttling can become a very heated situation

np. Was just mentioning who uses what devices, don't really care to discuss how they use it.

 

[Tinuva]

Oh I had to add, we have in the past pushed 1.5Gbps through one of these devices, so we know they can do it, and can process layer7 dpi at that speed.