IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS VOL. 13. NO. 7. SEPTEMBER 1995 Fundamental Design Issues for the Future Internet Scott Shenker, Member, IEEE (Invited Paper) aches of modifying it (in Section), we present aluating network designs(in Section IIl). We et should adopt a new service ), how this service model should be is service model should s for new o review We do THERE a continue to gro to link a s ss, why chitecture much to e cts of the substantia has a regula featured the tisements oest-effort"service; small cor in terms the network hen, or even if, packets will invested, dominated by of our te (e.g., Telnet), choice DNS), and concern of nd packet decisions nomi future telec This paper discuss decisions that the Inte collapse. future. After briefly re ia appli- d video in M was supported in part by th networks by Fort Huachuca under C The author is with the Xerox Palo Alto Res rvice for 94304-1314usa. IEEE Log Number 9413108. b is typically not done in the applica- The of hosts increased by 81% in 1994 alone. Thes protocol TCP. See [25] for discussion w 41]and241 0733-8716/95504.001995e
SHENKER: FLNDAMENTAL DESIGN ISSUES FOR THE FL TCRE INTERNET that connect these computers, such as the Internet, must adaptation techniques been seen as a general and enduring be prepared to cope with the traffic emanating from solution have very different characteristics and requirements than data ture"approach has several important advantages. No changes applications, and thus their emergence is likely to significantly are required to any network interfaces, so the change can alter the nature of the Internet's traffic load (see [38] for a be incrementally deployed at both the end hosts and the more complete discussion ). In particular, as traditionally im- routers. Also, the network mechanisms(Fair Queueing an plemented these real-time applications are typically less elas- its relatives) and application mechanisms(delay adaptation tic-less tolerant of delay variations--than data applications. are relatively well understood. However. in this approach This lack of elasticity causes two problems. First, these the network would deliver the same class of service to all traditional implementations* of real-time applications do not users, with no assurances as to the quality of that service erform adequately when running over the current Internet While the network would protect users from each other, it because the variations in delay are too extreme and there is up to applications to adjust to the inevitable variations in are too many dropped packets. Second, these applications packet delay and available bandwidth. There are likely to be typically do not back off in the presence of congestion; when limitations to this adaptability. Moreover, because there is no these real-time applications are contending for bandwidth with admission control the network must be provisioned so that traditional data applications, the data applications end up the fair bandwidth shares are not, except in very rare case eceiving very little bandwidth. Thus, when deployed in the unreasonably small urrent Internet, traditional real-time applications not only do As we will explore in this paper. it is not clear that not always perform adequately but they also often interfere such an approach is desirable; there are other approaches to with the data applications supporting real-time applications that modify the basic Internet One can address these problems without changing the architecture. These modifications usually involve extending the basic Internet architecture by improving application and router Internet 's service model-the set of delivery services-from implementations, The unfairness that results when congestion- the single class of best-effort service to include a wider var avoidant data applications compete with congestion-ignorant of service classes. In addition, one can augment this service al-time applications can be resolved by using the Fair model with admission control, which is the ability to turn Queueing packet scheduling algorithm (or something roughly some flows away when the network is overloaded. In this quivalent) in routers. These routers would then ensure that paper we ask whether or not these architectural modifications every user had access to theirfair share "of bandwidth, and are appropriate. Surprisingly, this question has received rather so data applications would be protected from the real-time little explicit attention in the literature. The approach which ones(see 16l for a discussion of such scheduling algorithms ) involves only implementation enhancements and not archite Such a modification does not require any change to the tural modification, while advocated by several researchers, has Internet architecture. While this approach solves the second not been adequately described in the literature. The approach problem mentioned above it does not solve the first; the which entail major architectural changes have been fully service delivered to an individual application can still have described, and we have included a sampling of this literature substantial delay variance and packet loss, seriously degrading in the bibliography. Most of these papers implicitly assume the performance of these traditional implementations of real- that such modifications are necessary and hence give little justification for the basic approach(this author also pleads One can address this problem by modifying the application guilty to this crime; see 131); instead the focus in these papers is mplementations rather than the network implementation. In on the details of the design and comparison with other similar recent years there have been tremendous advances, much born architectures tive to variations in packet delays: delay adaptive techniques basic issues in what has been an underarticulated disagreement have been highly successful in such Internet applications as nv about basic architectural assumptions. We hope to provide and vat. These delay adaptive techniques were first introduced a framework for considering the various architectural trade many years ago. see [71, 1441. but only recently have these offs and identify some of the critical assumptions that lead to one choice or another. We do this by presenting a rather Both or we oints(see/3. ons of real-time applican back of incoming data. approach is not intended to model reality, but to be the simplest involve either fixed abstract formulation and a few rather simple models; this under high delay variance. s the real issues at stake. Central sThis approach does not require an architectural modification although this endeavor are questions about the nature of future computer pplications, the cost of additional network mechanism, the m购m四m(m时甲 discuss rate adaptation again in Section晚 I and we will not discuss the to the current delays and can tolerate fairly large variations in delay without We will use the term"flow"to refer to the traffic stream representing a particular user or application. Flows can be unicast or mu
EEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 13, NO. 7 SEPTEMBER I99 amenable to precise analysis. Consequently, our discussion if different applications have widely different sensitivities to here is nonrigorous and intuitive; our goal is to articulate these delay, then offering two priority classes will likely increase issues, not provide analytical resolution of them. Of course, the efficacy of the network(when compared to a single class all of this analysis must start by asking what is the goal of of service) We can illustrate this by the following simple example, where we compare providing two priority classes with a single class of FiFo service. Consider a network with a single link IIL. WHAT IS THE GOAL OF NETWORK DESIGN By what criteria do we evaluate a particular networ modeled by an exponential server (of rate u= 1)and flow modeled by Poisson arrival processes. Consider two types of chitecture?The Internet was designed to meet the needs of network clients, with Poisson arrival rates r=0.25 and with users, and so any evaluative criteria must reduce, in essence, U,= 4-2d, and U2=4-d2 where d; represents the make the users? Network performance must not be measured average queueing delay delivered to client i. Thus, we have to the following question: how happy packets, or power, but rather should be evaluated solely in service in the network, ther ivities to delay. If we use FIFO in terms of network-centric qu like utilization, dropped erms of the degree to which the network satisfies the service requirements of each users applications. For instance, if particular application cares more about throughput than delay, and so V FIFO = 2. If we use strict priority service, with or vice-versa, the network service to that application should preemption, and give client I priority, be evaluated accordingly We can formalize such a notion of network performance d 4/3 as follows. Let the vector si describe the service delivered to he i'th application or s: contains all relevant measure ( delay, throughput, packet drops, etc )of the delivered service. and into the performance of the application; increased U. reflects improved application performance. The utility function de priority =8/3. Thus, the strict priority scheduling scribes how the performance of an application depends on the algorithm is more efficient delivers a higher value of V at the delivered service. 0 Later, in Section VI, we will discuss the same bandwidth--than FIFO. In fact, when compared to all shapes of these utility functions for some common applic a algorithm gives the most efficient feasible allocation of delay classes but for now we introduce them merely for definiti possible scheduling algorithms, the strict priority scheduling The goal of network design is to maximize the performance Note that in this example a slightly overprovisioned FIFO be restated as being, quite simply, to maximize the sum of the network(u= 17/16)has the same value of V as the priority ity of an architecture V=2, U:(;). Much of our subsequent examples, where the delay preferences are more varied (e.g analysis bears on how various design choices affect V epending on higher moments of the delay or having a"k the utility function at some value of delay), a much greater led to make a FIFO network IV. WHY DO WE NEED TO EXTEND THE SERVICE MODEL? match the efficacy of a priority network. ways increase the efficacy of an architecture by l other things being equal, one should definitely offer supplying more bandwidth; faster speeds mean lower delays more varied set of services than just the single class of best- and fewer packet losses, and therefore higher utility values. effort service; matching services to application needs enables However, one can also increase V by keeping the bandwidth the network to increase the overall utility. However, there is fixed and delivering a wider variety of services than just a a trade- off between the cost of adding bandwidth and the cost ingle class of best-effort service. Such an extension in the of adding the extra mechanism needed to extend the service service model, which is the set of services offered by the model. Both of these costs are impossible to gauge precisely etwork, is a fundamental aspect of many of the recently The mechanistic aspects are costly not just in control overhead proposed network architectures. Such an extension would and in the extra complexity required in network components, allow different applications to get different qualities of service: but also in the disruption caused when changing such a basic the general intuition is that the closer the services are aligned aspect of the architecture(later in this section we will explore with application needs, the higher the efficacy. For instance, some of the implications of these changes). The cost of the ith the performance of bandwidth will depend greatly on the nature of the competitive and regulatory environ well as future logical heir applications and will use the terms application and user somew I Recall that the ay if we have two priori ral rates idered n imea uke r and r2 respectively. then the delays are given by d, =tim an of how much a user would be
SHENKER: FNDAMENTAL DESIGN ISSUES FOR THE FL'TLRE INTERNET developments.none of which we can accurately foretell. the least efficient network design is to build separate networks Moreover, the amount of bandwidth needed to offset the each with a different application class, and that describes th benefits of extending the service model depends in detail on the current situation utility functions of applications and the service model being Our analysis of this simple example also reveals two other offered. Evaluating this trade-off requires making judgements important points about extending the service model. First egarding future developments about which little is known and not every client gains directly from the increase in efficacy vary widely compare two service allocations and Nonetheless, despite this uncertainty, at the core of this v(s)>v(5)does not imply that U (s, )>Ui(8? )for all bandwidth versus mechanism trade-off is the central fact i, For instance, in the simple example with just two clients, that the timescales of the service requirements of real-time U2 F0=2 but Up ority= 4/3 even though Priority applications are much smaller, by several orders of magnitude, VFIFo. Efficacy in heterogeneous networks is gained by han those of, say, FAX or electronic mail. One cannot operate shifting resources from applications that are not extremely a network at reasonable utilizations while delivering to all performance-sensitive to those that are: the performance traffic a service suitable for real-time applications: yet the sensitive clients gain from offering more sophisticated service extreme elasticity of FAX and e-mail would be able to utilize models, but the less-performance sensitive clients lose; the the significant amount of leftover bandwidth if the service overall efficacy increases because the losses are smaller than model could just keep it out of the way of the real-time traffic. the gains. For this reason alone it seems plausible, if not probable, that Second, in order to achieve the additional efficacy with an the payoff in terms of the bandwidth saved from offering these extended service model, the mapping between service classes multiple classes of service will more than outweigh the costs and applications must reflect the application requirements. In of the extra mechanism our simple example, the increased efficacy of priority service Another alternative is to use separate networks for can only be realized if the network can recognize which client various applications, each with its own single service is more delay-sensitive and assign it the appropriate service his is similar to what we do now with separate telephony, class. Assigning flow I to the lower priority class and fiow 2 video, and data network infrastructures. We can use our to the higher priority class would result in a lower value for imple example to examine this possibility. If we double the V: in fact, it yields V= 4/ 3(which is 1/2 of the optim linespeed. /=2, and double the number of applications, value ). We will return to these two points in Section V. the performance numbers become: I'prorty 32 /3 and 10, Now consider two networks, with separ andwidths /(1 + 2=2. each carrying two applications. If we V. WHO CHOOSES THE SERVICE FOR A FLOW divide the clients so that each network carries one applicatio At this point, we have argued that the network should offer of each type. and the bandwidths are split evenly (which is a service model that includes more than just the single class optimal here). then we revert back to our original case and the of best-effort service This service model could be as simple most efficient thing is to use priority on each link and achieve as two priority levels, or as complicated as the multiple delay a total efficacy of 16/3. If we partition the clients so that one bounded service classes described in [3]. However, we have network carries two delay-sensitive applications and the other yet to address one fundamental question which applies to all carries the two less sensitive applications, then the optimal of these possible service models: how does the architecture arrangement is to use FIFO on each network and to split the decide which service to give a particular flow? There are bandwidth. as /lr 086 and /2=V2-1/2 essentially two possible answers to this question: the flow car .9I4. which yields an efficacy of 10-lv2 2 4. 313. Thus, pick the service, or the network can pick the service. We now combining the networks into a single infrastructure yields a contrast these two options. I-4 much higher value for v than using separate networks: in fact. in this simple example the value of V is doubled by combining A."ImplicitlY Supplied"versus"Explicitly Requested the networks. This increased efficiency due to statistically sharing a resource is one of the central design principles of If the network chooses the service class, then we say that the data networks. When considering separate networks, there is service is implicitly supplied; the application sends its packets greater efficacy when the application types are mixed. Thus, without saying anything about its service requirements and the network then classifies these ts into some service class the near and handles them accordingly. For instance, the network might oubiful that. when considering the network as a whole bandwidth will be divide all traffic into the categories of asynchronous bulk mportant to note that if indeed interactive bulk, interactive burst, and real-tim port number. and then deliver to ace category ag For instance, it might then be preferable to mere add bandwidth end the service rnodel appropniate service Using the formulas for delay +{8 throughout this paper. in this section the larceny ially egregious The od by which the categorization is done is not important and the fact that m +g2=2. we can solve for the optimal value of AI and here. we care only that the categorization is under the control of the network and not the applicatio
IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS. VOL 13. NO. 7, SEPTEMBER 1995 This approach has some important advantages. Most no. This clean separation is markedly different from the telephony tably, this approach does not require any change to the and cable infrastructures, which are more focused on a single service interface, Curren ly, applications can jus send their application and a uniform network technology. Experience packets without any negotiation with the network, and this suggests that violating the clean separation embodied in the will continue to be true with an extended service model IP layer by embedding application information in the network if the service is supplied implicitly; applications would not would inhibit the creation of new applications. Thus, the need to specify their desired service to the network, and the implicit approach, while certainly attractive in the short-term, network would, in turn, not need to describe the service- has serious long-term deficiencies to-be-delivered to the application. Also, since there is no The alternative is to have applications explicitly request the explicit commitment to a given service level, the mapping service they desire. That is, the network offers a set of service from application to service class, and the nature of the service classes and the applications indicate to the network which delivered to each service class, need not be uniform across service class they want. This approach has the advantage that all routers nor stable over time. Since applications would not it maintains the clean architectural interface between applica have to change, and the service given by the routers would tions and networks, so any future application can be serviced not have to be standardized, such an architecture could be in the desired service class. However, this approach does have deployed immediately and then modified incrementally ome unfortunate disadvantages. The first disadvantage is the Weighing against these powerful advantages are some prac- incentive issues that are raised, and the second is the lack of tical disadvantages. The implicit approach entails a fixed set flexibility in the service model. We address these two problems application classes: at any given time a router only knows separately about a certain set of applications and cannot properly service those applications about which it does not know. Moreover, this approach cannot accommodate individual or situational B. Incentives variations within a single application, For instance, if one Recall that in Section Iv we made two observations. First uses the same audio or video application for both interactive we observed that the optimal efficacythe maximal V--was (which needs low delay and low jitter)and lecture(which can only achieved when low priority service was given to the flow olerate large delays and jitter) settings, then there is no way with less stringent delay requirements. Second, we observed for the network to distinguish between these two cases: this that not all applications benefit directly from this increase in V leads to inefficiencies because the network must give service those asking for lower priority service received worse service appropriate for the interactive mode and thus the application In the explicit approach, this mapping betweenbetween the ap- gets better service than it needs when it is being used in lecture plication and service class is under control of the applications themselves and therefore ultimately under control of the user These two practical problems are symptoms of a fairly We can achieve optimal efficacy only if some applications ask mode. basic architectural flaw in the implicit approach. The implicit for lower quality service. What will motivate users to do this: approach can only work if the network knows something about why won always ask for the highest quality service the service requirements of each application. New applications no matter what their application requirements? 18Certainly cannot get the service they require if the network does not when the Internet had a small user population with a strong know what their service requirements are. Embedding appli- sense of tradition and comraderie, informal social conventions cation information into the network layer information violates would have been sufficient to induce users to behave properly he of the central design tenets of the Internet. The inter- However, in the public Internet of the future, as with ar network layer-the IP layer[351-was designed to provide a heavily utilized public facility, informal social conventions clean interface between networks and applications The fact will not be sufficient to discourage selfish behavior. Thus, that any application capable of running on top of IP could the network must provide some other system of incentives run on any network that supported IP encouraged diversity to encourage to request the proper service classes for both above and below the IP layer. a wide variety of net- their applications. Pricing of network services is one approach working(or, more correctly, subnetworking)technologies have Charging more for the higher quality service will ensure that emerged (e.g Ethernet, Token Ring, ATM, etc. )and a wide only the extremely performance-sensitive applications will and ever-increasing variety of applications have flourished. 7 request that service. As discussed in 14], [37], pricing can be sed to spread the benefits of increasing V to all applications user: is mucsauational variation. An individual variation would be for some applications, the reduction in the quality of service lay or jitter than another user is compensated by the reduction in price, and for others the re rather broad then this is unlikely to be that there es that the service request made by the general fashion: service requests are embedded into the application itself (much as the can be used as quality of service signals n the shor -term, is unlikely to be adopted as an architectural principle