| ||||||
Accelerating Application Response Times in Branch Offices
Application Delivery to the Branch Challenges
Application and storage resources are becoming centralized in enterprise data centers these days, while employees are becoming distributed across a growing number of branch office locations. As a result, more users than ever are accessing their Oracle 11i, Siebel, SAP, Citrix, HTTP, and other critical application data remotely, often from global locations.
Increased reliance on the WAN for application delivery has both response-time and cost implications. It is causing businesses to run squarely into the following issues in the branch:
• WAN bandwidth and latency limitations
• The potential for sluggish application response times
• Excessive costs associated with deploying and managing servers, storage, and backup to meet user-productivity requirements
• Limited IT resources
• Increases in WAN link costs
• An increase in quality of service (QoS), security, and troubleshooting requirements as more application traffic traverses the WAN
From a performance perspective, the WAN has comparatively much less bandwidth than the LAN, particularly in branch office access networks, which often support less than T1/E1 (1.544/2.0 Mbps) speeds for cost or service-availability reasons. Upgrading capacity at each of dozens or hundreds of branch office sites to support additional traffic represents a significant increase in monthly recurring service charges to an enterprise, for example.
Capacity aside, the WAN also introduces latency into the user experience simply because it connects sites across long distances. This is one reason that the performance of applications that work well across a high-bandwidth, low-latency LAN is likely to deteriorate rapidly in the WAN without some application-acceleration enhancements. In addition, many applications are "chatty;" they might make tens or hundreds of calls to render a single page, for example. The time it takes for multiple calls is unnoticeable across a couple hundred feet in the LAN. Over long distances in the WAN, however, each call might require tens to hundreds of milliseconds in roundtrip time between client and server, which adds up to significant delay and poor performance.
Without certain application delivery enhancements, frustrated branch office users could end up circumventing the use of mission-critical applications altogether and put an enterprise's business plans at risk.
Addressing these challenges requires solutions that accelerate the time it takes to complete application requests and maximize the use of existing WAN bandwidth. Meanwhile, for optimized performance, network managers need to monitor and control the behavior of specific application traffic in accordance with that application's level of importance, or priority, to the organization.
To meet these requirements, Cisco Systems® has enabled the consolidation and centralization of costly server and storage resources into the data center, where IT staffing and resources are most abundant, while leaving behind in the branch an application delivery solution that provides users with fast access to resources-as though the application or data resource was deployed on the LAN at that site.
Cisco Wide Area Application Services
To optimize application performance in the branch, Cisco® combines Wide-Area Application Services (WAAS) with Cisco IOS® Software capabilities and branch office routers. The term "WAAS" refers to a software image that provides a set of application acceleration and WAN optimization services to accelerate web, video, file, and other TCP-based applications. See Figure 1. Cisco WAAS operates on the Cisco Wide-Area Application Engine (WAE) hardware platform-in an appliance or router module form factor.
Figure 1. Cisco WAN Optimization Architecture
Accelerating application delivery to the branch requires a diverse set of optimization techniques. Among them are router-based, network-layer products and services (red) and Layer 4 and Layer 7 WAAS services delivered by the WAE (teal).
The Cisco WAAS application acceleration technologies coupled with Cisco IOS Software capabilities running on Cisco Integrated Services Routers for the branch minimize the amount of traffic that must traverse the WAN, maximize the efficiency of WAN bandwidth usage, and control the behavior of WAN traffic by application type according to corporate policy. Collectively, Cisco WAAS includes the following specific capabilities:
• Content distribution, caching, and data compression for reducing WAN traffic loads and WAN congestion
• Application adapters that function as application-specific protocol proxies in the branch to reduce application-specific latency
• Transport flow optimizations (TFO) for increased throughput
• Cisco IOS Software performance-monitoring capabilities and QoS functions for application recognition and traffic prioritization
The WAAS application acceleration technologies are "network-transparent," in that they interoperate with the underlying IP network infrastructure and configured features. All the value-added router-based functions found in Cisco IOS Software-including underlying security features such as access control lists (ACLs), firewall policies, and intrusion detection and prevention systems-continue to function without compromise. By maintaining transparency with clients, servers, and the underlying packet network, Cisco WAAS helps ensure simple, hassle-free deployment without requiring costly reconfiguration of existing devices.
Cisco WAAS relies on the packet network to deliver traffic to be optimized through one of two ways: the Cisco Web Cache Communication Protocol (WCCP) Version 2 or Policy-Based Routing. WCCP enables selected application traffic to be forwarded from the Cisco Integrated Services Router to WAAS, have application-specific optimizations applied to it, then be directed back into the routing path. WCCP also performs load balancing across multiple WAEs operating WAAS in the branch to provide scalability. Cisco Policy-Based Routing allows network administrators to create customized routing configurations so that the Cisco Integrated Services Router views the WAE running WAAS as a next-hop router. Both WCCP and Policy-Based Routing support built-in failover mechanisms to minimize service interruption.
Cisco Wide Area Application Services (WAAS) for the branch work with Cisco data center application delivery solutions to accelerate response times end to end (Figure 2). One data center solution is the Cisco Application Velocity System (AVS), an application front end that offloads communications-processing functions from Web servers and speeds application performance. Another is the Cisco Content Services Switch (CSS), also available as a line card for the Cisco Catalyst® 6000 Series Switches, which manages traffic load balancing across multiple servers for scalability and provides continual monitoring to help ensure high server availability.
Figure 2. Cisco Application Delivery Solutions
The Cisco WAN optimization architecture, including Cisco Integrated Services Routers, Cisco IOS Software, WAEs operating WAAS software, complements Cisco data center application delivery capabilities.
This paper now takes a closer look at the various services in Cisco WAAS software and the problems they solve.
Content Distribution, Caching, and Compression
Application protocols each have different characteristics, and different users access applications in various ways. As such, several dimensions to optimizing access to applications and data over the WAN are necessary to improve performance for branch office users. Many of the techniques that contribute to better performance and throughput also provide the additional benefit of increasing efficiencies in WAN bandwidth utilization and consumption. Bandwidth savings are enabled by keeping infrastructure services local (off of the WAN) and streamlining communications that must traverse the WAN to maintain data or protocol integrity.
Content distribution, caching, and compression, for example, accelerate application response times by alleviating WAN traffic loads and congestion. In addition, content distribution and caching also help improve client performance by keeping the transmission of validated data within the branch office so that response times feel "local."
Content distribution reduces WAN latency and congestion by enabling network administrators to push updated software or data out to remote office caches before users begin making requests for the content. There might be a new security patch, for example, that all users will request when they come to work first thing in the morning, or an application update or corporate video-on-demand that most users will wish to access in its most current form as soon as it is available.
Instead of making each user download the new software version over the WAN and clogging the network with hordes of requests, administrators can instead pre-populate remote office WAAS caches with the new software by pushing it across the WAN ahead of time (during off hours, for example). Using this method of content distribution, user attempts to access resources feel like LAN requests in terms of response times, because users are, indeed, pulling content from a local source after it has been validated.
Caching, like content distribution, stores a copy of recently accessed data locally in WAAS. Whereas content distribution proactively pushes data to the remote office WAAS deployment, caching keeps a copy based on user request. Should an object be requested that has not changed, the object can be safely delivered to the user from WAAS, thereby mitigating transmission of the object again over the WAN.
While caching and data distribution provide many benefits, there are times when traffic must traverse the WAN or data must be explicitly transferred, as in the case of a file change. Cisco WAAS advanced compression helps optimize the use of the available network capacity by fingerprinting incoming and outgoing traffic such that it only needs to traverse a link once. This feature, called Data Redundancy Elimination (DRE), examines all TCP traffic and stores a copy of it in a database on WAAS. Should identical traffic patterns be detected again, a lightweight pointer can be sent to the neighboring WAAS deployment with the instructions necessary to rebuild the entire transmission.
This sophisticated compression is supported on WAAS to achieve compression ratios of 5:1 up to 100:1, based on application and degree of data redundancy. In addition, traditional 2:1 to 4:1 Lempel-Ziv (LZ) data compression is available as an additional WAAS service to squeeze yet more capacity out of existing links.
Application Adapters
To eliminate the problem of response-time latency over the WAN due to application protocol chattiness across long distances, the Cisco WAE supports application adapters, which function as local Layer 7 application-specific protocol proxies. This WAN optimization enhancement involves enabling client/server protocol messages to be processed locally by the WAE where appropriate and safe, rather than requiring multiple roundtrips over the WAN.
These adapters have been built for the Cisco WAAS architecture for standard file-sharing protocols, including Common Internet File System (CIFS), File Transfer Protocol (FTP), and Trivial FTP (TFTP). They are also built in for Web protocols (HTTP and HTTPS) and multimedia protocols (Windows Media and RealMedia). WAE video adapters also significantly minimize video traffic loads by aggregating multiple users' stream requests into a single stream across the WAN. These adapters are thoroughly tested against protocol specifications to help ensure that data integrity is not compromised.
Transport Flow Optimizations
Another WAAS service component to accelerating application delivery, called Transport Flow Optimizations (TFO), reduces latency and increases throughput by improving the behavior of TCP. TCP/IP was designed long ago to provide reliable, connection-oriented services for primarily two applications: FTP and Telnet. Over the years, the networks carrying Internet traffic have grown in capacity and also in distance. As such, TCP still provides the reliable, connection-oriented service for which it was designed. However, given the lack of development that has gone into keeping TCP current, the protocol can quickly become a performance barrier to application responsiveness and throughput.
The Cisco TFO implementation incorporates recent advances in TCP and TCP extensions to improve application performance and data-delivery characteristics over the WAN. Cisco TFO provides an optimized TCP stack that includes better algorithms for managing TCP connection behavior over the WAN and improving behavior on networks with high levels of packet loss. Cisco TFO implements a series of optimizations, including window scaling and advanced congestion management algorithms, which increase overall throughput, mitigate latency, and improve efficiency of TCP connections. Most importantly, Cisco WAAS shields users and servers from the complexity of TCP-generated WAN inefficiencies.
Performance Monitoring and QoS
Quality of service, or QoS, is a general term for using a series of functions to maximize the network performance of specific applications or data in accordance with corporate policy. Being able to do this first requires understanding of which applications and protocols are actually on the network. Before QoS can be configured, network traffic monitoring is necessary so that the network operator knows exactly what traffic is present; how it is behaving in terms of latency, delay, jitter, and packet loss; and how it could be affecting other traffic.
These measurements can be taken and traffic can be continually monitored using Cisco IOS Software router-based tools such as Cisco IOS IP Service Level Agreements (SLAs) and NetFlow. From there, network managers can determine what adjustments should be made to specific types of traffic.
Traffic gets recognized at the application level using a capability in Cisco IOS Software called Network-Based Application Recognition (NBAR), a form of deep-packet inspection (DPI) that looks beyond the IP packet header and into payload information at Layer 7 to identify the specific application or operations being performed within the application. When recognized, application traffic can then be classified and have actions assigned to it based on corporate priority as well as on maximum latency, jitter, and packet loss tolerances.
Assigning actions might involve guaranteeing a minimum amount of bandwidth for a certain class of application traffic, for example. In the case of Citrix traffic, for instance, a minimum amount might also be assigned to each Citrix session with a rate limit attached to it. The reason is that while most Citrix application sessions consume very little bandwidth (about 20 kbps), each session requires its minimum bandwidth to be continually available. This is analogous to the way a voice-over-IP (VoIP) conversation requires relatively low bandwidth but will disconnect if that capacity disappears even for an instant.
For VoIP as a traffic class, actions will likely involve guaranteeing that latency, jitter, and packet loss will not exceed certain thresholds and that VoIP packets are marked using Differentiated Services Code Point (DSCP) bits in the IP header for priority queuing because of their delay sensitivity.
Other QoS actions might involve blocking or rate-limiting traffic that is not considered business-class, such as peer-to-peer applications that consume large volumes of bandwidth or Internet Web surfing.
Route, or path, optimization can also be considered a subset of QoS. Optimized Edge Routing (OER), a Cisco IOS Software capability in Cisco routers, is applicable at sites configured with two or more access connections. OER dynamically chooses the optimum route based on variables other than just the shortest path-the criterion used by standard routing algorithms. Cisco IOS OER makes path adjustments by correlating real-time data on latency, packet loss, link usage, reachability, throughput, and link cost-data collected by Cisco NetFlow and Cisco IOS IP SLAs. The feature compares data-path performance end to end across all available paths before selecting a route.
Summary and Conclusion
Cisco has designed WAAS, its comprehensive application acceleration and WAN optimization solution, so that users in branch offices can enjoy response times and productivity levels comparable to those of headquarters-based LAN users-and without the IT department having to deploy large amounts of infrastructure in each remote site. Specifically, the Cisco architecture embodies numerous services for minimizing WAN bandwidth consumption, optimizing the efficiency of WAN bandwidth usage, minimizing distance- and protocol-imposed latency, and controlling WAN behavior based on application type and according to corporate policy.
Services for compression, caching, software distribution, and local file and application protocol proxying are delivered in the branch by Cisco WAAS software operating on WAE appliances or router network modules. Services for performance monitoring, application recognition and traffic prioritization are delivered by Cisco IOS Software in branch office Cisco Integrated Services Routers.
With this complete Cisco WAN optimization and application acceleration solution, customers can deploy a centralized IT application infrastructure, thereby minimizing the number of application servers, file servers, and other servers in the network. Remote users receive application responsiveness comparable to that of a corporate campus user's experience without compromising available WAN resources or requiring significant reconfiguration of network features.