Classifying Data Streams

Introduction

The goal of classification is to categorize each traffic stream that passes through the network. By identifying all traffic, the server is able to perform different types of processing depending on the stream type such as prioritization, quality of service and class based speed limiting.

The class system inspects each network packet and identifes which stream it belongs to. It does this by checking the properties for the packet including the network adapter it arrived on, source and destination addresses, protocol, size and other information. After the packet is identified the server places the packet into a corresponding queue for further processing.

Packets are stored in the queue for a short period of time until they are ready to be sent by the processing system. Rules determine the delay, queue depth, priority and other processing information that applies to each queue.

Layer 2 Inspection

The server operates at Layer 2 in the network stack which allows it to view all of the properties for each stream including Ethernet, IP and TCP/UDP information. At this layer the traffic is broken down from streams into packets which range between 54 and 1518 bytes in size.

Each packet contains identifing information in the form of a virtual envelope called a header. Headers comprise of protocol specific data such as source and destination address, packet size, layer number and other properties.

Each layer in the network stack attaches its own header to the packet containing information that is specific to that layer. This allows the server to classify all layered protocol information such as MAC address and packet size information at layer 2, IP addresses at layer 3 and TCP ports at layer 4.

There are also types of stream information that are not specific to any layer such as direction and network adapter. These properties are recorded and used to classify packets into their appropriate queues.

Queueing Criteria

There are a number of methods available to sort traffic into queues. The different criteria that may be used to classify streams are as follows:

  • Network Adapter - The network interface that corresponds to the stream. For incoming data this is the adapter the stream is being received on, for outgoing data it is the adapter the stream is being sent on. Note that this is the network interface on the Trafic Shaper XP server, not the client or internet site being used.
  • Direction - The direction of travel for the stream, i.e. whether it is an upload or a download. The context of this parameter is from the point of view of the internet connection. So any data sent from the local network to the modem is upload, any data received from the internet is download. Adapter orientation must be set correctly in the program options for direction to be properly determined (Internet-facing and LAN-facing settings).
  • Protocol - The data stream's Layer 2 - 4 protocol.
  • Local Endpoint - The local computer for the connection. The local endpoint consists of an address (MAC address, IP address or domain name) and an optional TCP port or port range.
  • Remote Endpoint - The remote computer for the connection. The remote endpoint consists of an address (MAC address, IP address or domain name) and an optional TCP port or port range.