On 27/03/2009, at 2:14 AM, Matthew Moyle-Croft wrote:
Rik Wade wrote:
I'd suggest something like the following as policy: - two classes, "bulk" and "priority" - IX members are permitted to send n% of their IX connection bandwidth as "priority" (matrix configuration enforced)
I have ports on IXes where other companies have 40x the bandwidth I do. (I have 1GE, they have 40GE). If the other party was to be allowed 10% of their traffic as "high priority" then easily I could have my entire port taken over by one organisation, even if that was NOT WHAT I WANTED.
Technical point, I would expect that high priority traffic would be limited in capacity on egress, to say 10% of your port. So, they might be able to fill up the remainder of the high priority egress queue on your port, but I doubt they would be able to fill up the entire port.
Priority for IXes is pointless. No one that I'm aware of does differential priority on their Internet networks which can be accessed externally. (Nothing like making a DDoS really effective). Why? Because priority is about trust relationships. Fundementally the Internet is untrustworthy. Therefore I can't trust any markings coming externally. How do I know a peer is really trustworthy or that their customers are?
If people want to organise standard passing of priority bits for non-Internet traffic, then that's all well and good. But I suspect the relationship will have to be very different to the nature of Internet IXes.
I'm going to have to think about this some more before replying - I'm torn. -- Nathan Ward