What Real-Time Traffic Based Automation *Would* You Trust?

I've got no problem with traffic routing through different or multiple links as these are links that I've configured to do so, thus I know where to look and what to look for when there's an issue.  The specific path at a given time can vary, but it should only vary within constraints that I've already configured and expect.

Prioritizing flows between endpoints sounds great: that's what the QoS is configured to do.  Specifically it's great as long as it's my config and not something I have to relearn when I'm troubleshooting an emergency with multiple layers of managers looking over my shoulder.

Since we are talking ideas and concepts (more of a perfect world thing), I think technology is here that can do this today. Problem is, it's in pieces and isn't build specifically for QoS.

Piece #1: In-line "device" (appliance, router, or switch), watching the traffic real-time...this is a MUST.

     Cisco has the new AVC (Application Visibility and Control) for it's ISRv2 routers (Cisco Application Visibility and Control (AVC)  [Routers] - Cisco Systems).

     BlueCoat purchased Packeteer a few years ago, I would consider this the original AVC.

Piece #2: IPS, not IDS, functionality...the ability to block traffic based on anomaly detection.

     This would need to be modified for QoS behavior; however, does anyone remember Cisco MARS...that anomaly detector didn't go very well.

Piece #3: Behavior-based, dynamic routing

     This can be done today with Policy-based routing (PBR) and Performance-based routing (PfR). You can pick-n-choose your patch based on metrics.

Now, I'm not a developer...so if someone takes my idea to combine these into 1 device or code release, and can provide dynamic QoS for a network, well, all I can say is...I want 10% commission for every license sold!

And this doesn't even get into the IPv6 enhancements around native QoS or path/route discovery.

So, as I stated in the other post...it's coming, just a matter of when and how.

D

dunno... I reckon I would live with the decisions made by my Engineers... I am just a peon around here...

If my queuing/QoS for a link was filling and about to drop packets it could be an automated policy to route over a non-favorable metric path. I'd rather hop data around then drop it unless it really was given a drop policy.

When you phrase the question like that i would be happy with of these

• Temporarily redirecting traffic that’s unknown to a security device for analysis. - Very Useful on some areas of the network not so much on other
• Traffic steering, where traffic is balanced across links based on a combination of traffic characteristics and link utilization. - A no brainer for me why have the multiple links if you cant use them
• Prioritizing specific traffic flows between two endpoints to minimize latency. - Automating this would work given the parameters could be defined at the start.

• Temporarily redirecting traffic that’s unknown to a security device for analysis. Bit concerned about this one, as although useful could cause a lot of work to administer, but given the right resource would be good.
• Traffic steering, where traffic is balanced across links based on a combination of traffic characteristics and link utilization. Yep, definitely!
• Prioritizing specific traffic flows between two endpoints to minimize latency. Yep, definitely!

Yes, yes, and yes.

The temp redirection piece would only be problematic if latency to analyze bit into overall performance - but an evolving dictionary that could identify and remember legit business flows would be a solver. An intuitive method to pre-seed one's dictionary would be useful...like watch the network for a day or business cycle, identify and submit to said dictionary legit flows, and go from there on an ongoing basis. Some admin, yes - but there's always some admin even in the most automated environments.

• Temporarily redirecting traffic that’s unknown to a security device for analysis. I think this is a risky proposition, I don't want to affect a user because for whatever reason his traffic looks a bit different without digging into it for more detail.
• Traffic steering, where traffic is balanced across links based on a combination of traffic characteristics and link utilization. Yup.
• Prioritizing specific traffic flows between two endpoints to minimize latency. Absolutely

Yes, maybe using non-optimal routes instead of dropping would be a good idea, I guess I would be in for that.

Nice topic. This seems to have been a common discussion that led to Cisco providing add-ons to AVC like the iWAN product push. And Riverbed has added something similar with Path Selection. And of course, some folks definition of SDN.

As we see these offerings mature, I think we'll get closer to the wants that several folks have listed here. My only apprehension is the ability to select who gets the preferential/reactive treatment. For service providers or larger enterprises that have central services teams that act like service providers, it would be nice to protect customers from harming each other or even harming themselves. It certainly feels like a 'Application Aware + Business-

Aware' flavor of QoS.

Give me the options and make sure I have several nerd knobs to make sure rogue application owners don't go hog-wild on the infrastructure.

Thanks for the post,

-chris