Active queue management
In Internet routers, active queue management (AQM) is the intelligent drop of network packets inside a buffer associated with a network interface controller (NIC), when that buffer becomes full or gets close to becoming full, often with the larger goal of reducing network congestion. This task is performed by the network scheduler, which for this purpose uses various algorithms such as random early detection (RED), Explicit Congestion Notification (ECN), or controlled delay (CoDel). RFC 7567 recommends active queue management as a best practice.
Queue management
An Internet router typically maintains a set of queues, one per interface, that hold packets scheduled to go out on that interface. Historically, such queues use a drop-tail discipline: a packet is put onto the queue if the queue is shorter than its maximum size (measured in packets or in bytes), and dropped otherwise.
Active queue disciplines drop or mark packets before the queue is full. Typically, they operate by maintaining one or more drop/mark probabilities, and probabilistically dropping or marking packets even when the queue is short.
Benefits of AQM
Drop-tail queues have a tendency to penalise bursty flows, and to cause global synchronisation between flows. By dropping packets probabilistically, AQM disciplines typically avoid both of these issues.[1]
By providing endpoints with congestion indication before the queue is full, AQM disciplines are able to maintain a shorter queue length than drop-tail queues, which combats bufferbloat and reduces network latency.
Drawbacks of AQM
Early AQM disciplines (notably RED and SRED) require careful tuning of their parameters in order to provide good performance. Modern AQM disciplines (ARED, Blue, PI) are self-tuning, and can be run with their default parameters in most circumstances.
For AQM systems that drop packets (rather than using ECN marking), the result seems counter-intuitive to many network engineers: "Why should I drop perfectly good packets when I still have free buffer space?" What they fail to think about is that the packets will have to be dropped once the buffer is full. (Full buffers causes excessive latency [2]).
The Simulation and Analysis Platform for AQM algorithms
An Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform is established based on the NS-2 simulation code of the RRED algorithm. The AQM&DoS Simulation Platform can simulate a variety of DoS attacks (Distributed DoS, Spoofing DoS, Low-rate DoS, etc.) and Active Queue Management (AQM) algorithms (RED, RRED, SFB, etc.). It automatically calculates and records the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. More details.
Active queue management algorithms
- Random early detection (RED);
- Random Exponential Marking (REM);
- Blue and Stochastic Fair Blue (SFB);
- PI controller.
- Robust random early detection (RRED)[3]
- RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks [4]
- RED with Preferential Dropping (RED-PD) [5]
- Controlled Delay (CoDel)
References
- ↑ Floyd, Sally; Jacobson, Van (August 1993). "Random Early Detection (RED) gateways for Congestion Avoidance". IEEE/ACM Transactions on Networking 1 (4): 397–413. doi:10.1109/90.251892. Retrieved 2008-03-16.
- ↑ "The criminal mastermind: bufferbloat!". jg's Ramblings. Gettys.wordpress.com. 2010-12-03. Retrieved 2014-01-23.
- ↑ Changwang Zhang, Jianping Yin, Zhiping Cai, and Weifeng Chen, RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks, IEEE Communications Letters, vol. 14, pp. 489-491, 2010. Ref
- ↑ Changwang Zhang, Jianping Yin, and Zhiping Cai, RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks, in International Symposium on Communication and Information Technology (ISCIT), 2009. Ref
- ↑ Ratul Mahajan, Sally Floyd, and David Wetherall, Controlling high-bandwidth flows at the congested router, ICNP 2001