Information Technology Reference
In-Depth Information
As an analogy, let us say you are moving to another apartment and have employed the
help of three friends. You act as the teaming server by passing the packages to your friends
for them to carry downstairs, deciding which box should be carried by whom based on
its size and the size and availability of your friends. You take the large box and give it to
the largest of your three friends, and while he is occupied with bringing it downstairs, you
hand boxes to your two other friends and wait for their return. In this case of teaming,
your three friends carry one load each based on their strengths; they are not necessarily
combining into the Incredible Hulk who can carry all of your stuff at once. Though the
bandwidth is not necessarily increased in theory, in practice you are still utilizing a big-
ger bandwidth limit due to the multiple sources of bandwidth and will greatly increase
throughput. This is efficient for multiple requests and multiple users; it allows the server
to avoid congestion in any single connection. What will not benefit from this scheme is the
transfer of large files because only one connection can be utilized, even if it has the largest
bandwidth in the group. It also greatly increases redundancy and failover protection.
In the same scenario, where your friends help you to move, they help carry your 100-inch
TV and your large sofa together, which is now an act of bonding because they are a single
element doing one large job.
Jumbo Frames
Networking technology has come a very long way, but some of the standards being used
today are the same ones set in an era where everything was small and slow. We are refer-
ring to the default data payload size of the network data frame. The original 1518 byte
maximum transmission unit (MTU) is a bit malnourished compared to today's gigabit stan-
dards. A small unit size was chosen because the speed and bandwidth capabilities of early
networks and Ethernet were pretty small and large data packets pose large problems when
communication errors occur, which meant that they had to be sent again, taking up valu-
able time and bandwidth. So they settled for a relatively small and manageable size. But
this is largely no longer true because current technology can handle more than its share of
large data packets.
Although the MTU was originally set for manageability, today it can sometimes be det-
rimental. The reason for this is that whenever a data frame arrives, the NIC issues an inter-
rupt request (IRQ) to the CPU so that it can check out the new frame. The CPU then reads
the frame and the TCP headers before actually processing the data contained in the frame.
This is the associated CPU cycle overhead with each small frame received. Thankfully, CPU
processing power has steadily increased, but that is still not a guarantee because DDoS
attacks can use this process to overwhelm the CPU of servers. Because data centers always
employ a form of bandwidth aggregation, attacks almost never generate enough requests to
overwhelm a network, but instead they may overwhelm processors with the sheer number
of IRQs generated by sending hundreds of thousands of small packets. FigureĀ 5.3 shows the
simple IRQ process being exploited by hackers to overwhelm the CPU.
A way around this issue is to use jumbo frames. As the name suggests, jumbo frames
are frames with a larger size compared to the standard MTU. Sending data in jumbo
frames means there are fewer frames sent through the network, resulting in fewer IRQs at
Search WWH ::
Custom Search