|
Integrated Solutions for SME/Corporate Environments and
Internet Cafe
iDirect
Technology
Why
Satellite for broadband access?
The
satellite communications industry is a mature and stable one. For decades,
satellites have been used to transport analog voice and video signals
around the globe, providing excellent quality and reliability.
Reliability of the actual satellites once placed in operation
approaches 100%. Failures have almost always occurred during launch or
prior to deployment of services. In addition to voice and video
signals, satellites have been successfully used to transport data for
many years. Everyone has seen the dishes on top of gas stations and
convenience stores that are used for low-speed transactions such as
credit card approvals. With the advent of the Internet, satellite
technology companies have added broadband IP support making it possible
for even the most remote locations to participate in the World Wide
Web.
Most
legacy broadband satellite solutions have been built by piggybacking IP
on top of DVB satellite technology, which was designed for television
video. These solutions are inefficient and sluggish, and generally
provide poor uplink performance and lack support for applications such
as VoIP . New technology from iDirect,
developed from the ground up to support IP over satellite, has had the
effect of upgrading performance in a manner that is similar to the
upgrade from a shared Ethernet hub to a switch. The resulting solution
provides enterprise class quality and reliability.
iDirect Technology
Discussion
Legacy
Satellite Solutions
The
broadband satellite industry is undergoing an evolution similar to that
experienced by wireline services in the early
90's. At that time, most companies who wished to network their remote
locations at speeds that exceeded dial up capability were required to
install point-to-point leased lines, using either DDS circuits or very
expensive T-1 lines. With the introduction of ‘shared resource'
technologies such as Frame Relay, SMDS , and
ATM it became possible to share infrastructure costs and to share
bandwidth between multiple locations. In particular, the popularity of
Frame Relay made it possible for the first time, for companies to network
their remote sites with relatively high-speed connections at affordable
prices. This capability in turn made it possible for software
application developers to deliver company-wide applications that could
be deployed across the entire company, improving communications and
productivity, and eliminating duplicate administrative functions at
each branch office. Of course, with the advent of the Internet and
broadband services, applications grew in functionality and bandwidth
requirements. Now it can be argued that roll-out of new
Internet-enabled applications are stalled due to the lack of
ubiquitous, affordable broadband service for all remote sites
regardless of location.
In the
satellite industry, data services were initially delivered over
dedicated point-to-point circuits known as SCPC that are very similar
to point-to-point leased lines. Because bandwidth and communication
resources are not shared, this is an expensive undertaking. Similar to
the technological advances that took place in the wireline
industry in the early 90's, ‘shared resource' solutions are now
becoming available in the satellite industry, driving down the costs
for connecting remote sites to the Internet and/or to corporate
headquarters.
Many of
the shared broadband satellite solutions that are available today are
based on technology called TDMA , and like
Frame Relay, they take advantage of the fact that IP traffic is very bursty in nature. Most applications require short
bursts of information requesting data, followed by the download of the
requested information, then a period of inactivity as that information
is reviewed and worked with. This creates a great deal of idle or
wasted bandwidth on a dedicated SCPC circuit. As the diagrams below
illustrate, IP traffic tends to be asymmetric, with anywhere from 4 to 8 times as much download traffic as upload
traffic in typical applications. The bursty
nature of IP makes it possible to share bandwidth among multiple users,
effectively reducing costs and increasing efficiency.
Most
legacy broadband satellite services were developed primarily by
piggybacking IP on top of the existing technology used by satellites
for delivering analog voice and data called DVB .
DVB is used to transport television signals from companies such as
DirecTV and Dish Network. To transport IP packets, these solutions
simply encapsulate the IP traffic in MPEG video frames that are
transported by DVB as though they are voice/video. The good news is
that DVB/MPEG is a mature technology and the chip-sets to provide this
service are relatively inexpensive. The bad news is that this is not an
optimum solution for transporting IP traffic as there is a great deal
of inefficiency and unnecessary overhead. The download of IP traffic to
remote sites is actually the easy part. The uplink or return path is
the most difficult to design for maximum efficiency and performance,
balanced by cost.
Today
there are any number of broadband satellite
solutions available that provide marginal broadband service for
customers, but many have deficiencies that have resulted in slow
acceptance of broadband satellite as a mainstream solution for business
users. We will now take a closer look at some of these critical issues
and discuss how the new iDirect technology
has resolved them.
TCP/IP
over Satellite
A
significant difficulty encountered in supporting TCP/IP applications
over satellite has to do with the inherent latency or delay of
satellite systems. Because satellites are 23,000 miles above the earth,
the time it takes for a signal to go from the ground to the satellite
and back to the ground is just over 1/4 second. The TCP/IP protocol was
designed for guaranteed transport. A server or PC sending data will
begin by sending a few packets and then waiting for an acknowledgment
that the data was received before sending any more. If the data is
successfully received and acknowledged, the sending device will send
more packets at a faster rate. It will continue to speed up until
acknowledgments are lost. This tells the sending device what the speed
or bandwidth capability of the transport services is, and it will send
remaining data at that rate. Unfortunately, satellite latency appears
to the sending TCP/IP device as a very slow or congested circuit. It
expects an acknowledgment within a short time period and when it
doesn't get it, it throttles back and retries. Satellite vendors
circumvented this problem by using TCP acceleration techniques
sometimes called spoofing. This is based on the same techniques that
were used to solve similar problems with IBM SNA/SDLC and other older
protocols in the past. Many satellite solutions require an external device
to provide TCP acceleration. Almost all legacy solutions accelerate TCP
in only one direction. Many of the solutions are based on ‘spoofing'
the TCP/IP protocol. The problem here is that there is no end-to-end
management of the TCP session, so if a packet is dropped midway through
transferring a large file, the file must be retransmitted from the
beginning. iDirect
provides bi-directional TCP acceleration, built into the satellite
router and hub equipment at both the remote site and teleport hub
equipment. Further, the data transmission is tracked and buffered and
occasional acknowledgments are sent end-to-end so that if an error does
occur, only the corrupted portion need be retransmitted.
Another
related issue is TCP Session Setup. This can be seen when pulling up a
web page that has multiple links on it for content. Each one of these
links must go through a connection/acknowledgment process that must be
performed sequentially and is directly affected by satellite latency. iDirect provides HTTP or
Web Acceleration that works in both directions. It dramatically
improves web response by eliminating the need for the acknowledgment
packets to traverse the satellite link. This results in downloading
pages smoothly and quickly as though on a terrestrial link.
Reliability
and Rain Fade
Everyone
who has ever used DirecTV or Dish Network video television service is
aware of the fact that service can be degraded or lost during a bad
storm. This interference is especially troubling for IP traffic. TCP/IP
requires very low bit error rates (10-9 BER) to deliver data at full
speed. With increasing error rates, packets must be retransmitted,
resulting in a significant reduction in throughput. On an IP satellite
service, when the Bit Error Rate degrades to 10-7 BER, IP throughput
drops to about 5%. Satellite vendors have incorporated forward error
correction (FEC) technology that works to correct errors in an effort
to avoid retransmission. The challenge is to find a balance between the
overhead of the FEC technology and the gain in performance by
mitigating errors and retransmits. The most common FEC today is called
Reed Solomon Viterbi (RSV). This FEC
technology has been incorporated into many of the chip-sets that use
DVB/MPEG to deliver data. The primary limitation of RSV is that the
higher the level of desired reliability, the greater the amount of FEC
overhead, at great cost to bandwidth efficiency.
There is a
newer and far superior technology called Turbo Product Codes (TPC) that
works using a reiterative process much like a turbo on a car engine. It
essentially corrects some of the errors, and then sends the data
through the process again, attempting to correct any packet corruption
that might have occurred during transmission. It does this using a
minimum of FEC overhead. Turbo Product Coding,
reduces the amount of power required for antennas to transmit signals
to a satellite while maintaining high error correction performance. As
a result, customers can use smaller, less expensive antennas, thereby
enabling voice, data and Internet applications to be supported more
cost-effectively. According to industry experts, Turbo Product Codes,
or TPC, offers the best coding performance of any common FEC technology
implemented to date. In communications engineering you rarely get
something for nothing. Generally technology that improves information
reliability comes at the cost of either time or bandwidth. TPC is as
close to something for nothing as you can get today.
iDirect is the first
satellite technology provider to implement this new technology in their
product, and the only one (at this time) to utilize it in both
directions.
Note, that some vendors
have begun to implement “Turbo Codes” which is not the same thing as
Turbo Product Codes and does not deliver the same degree of efficiency
and reliability. There are actually two different implementations of
Turbo Codes: Turbo Convolutional Codes, or
TCC, and Turbo Product Codes or TPC. According to the experts, the most
promising current implementation is Turbo Product Codes, or TPC, as it
provides a significant advantage in terms of reliability and increased
performance. TCCs typically have a noise
floor that limits the maximum bit error rate achievable.
Along with
the forward error correction, VSAT transmission power is an important
factor in punching through inclement weather. On satellite transponders,
it is power, not bandwidth that is the critical factor. Satellite
providers have rules regarding how much power can be directed at the
satellite. Most VSATs have a fixed amount of
power they can use to transmit a signal. As the weather degrades there
will come a point where the transmission power is insufficient to reach
the transponder without significant errors occurring, which drastically
reduces IP throughput to the point where it may fail.
The iDirect solution addresses rain fade in two ways:
first of all, the use of TPC forward error correction technology means
that significantly less power is required to deliver the same bandwidth
as a legacy system using RSV.
Secondly,
the iDirect solution incorporates automatic
power control that automatically boosts transmit power as the signal
degrades due to inclement weather. The additional power margin provided
by TPC forward error correction can be used to boost the signal without
exceeding the power limits imposed by the satellite vendor on their
transponder. The hub equipment located at the teleport constantly
monitors the signal from each remote site. As bad weather moves into a
particular area, the remote VSAT(s) in that area are remotely and
automatically commanded to boost their transmission power. As the
weather clears, the transmission power is throttled back.
Performance
Issues
Downloading
(outbound) on a broadband satellite system is not overly difficult. The
transmission is basically a broadcast that is sent to all remote VSATs. In the case of the iDirect
solution, each satellite router has a burned in MAC address and it can
only receive data that is specifically sent to it. iDirect uses a proprietary TDM frame format
that is approximately 60% more efficient than most DVB systems,
otherwise the operation is very similar. The difficulty comes on the
uplink or inbound link.
Bandwidth
contention
Multiple
remote VSATs must contend for bandwidth in
order to transmit or uplink their data. Some legacy broadband satellite
systems contend for bandwidth, leveraging technology that works much
like shared Ethernet. As more users are added to the system there are
collisions that result when multiple users request bandwidth at the
same time. As the load increases, this can create a snowball effect
until all the bandwidth is chewed up just handling the contention. Thus
it is very important that the network not be highly over-subscribed or
service may be seriously impacted.
Once a
VSAT has contended for access, the hub will assign bandwidth on the
same frequency or channel (TDMA) or on multiple frequencies or channels
( MF-TDMA ). This bandwidth assignment will be
made based on some sort of fair access algorithm and the active
bandwidth request from the remote VSATs.
Unfortunately the access is inconsistent because collisions may occur
when multiple VSATs request a connection and
bandwidth at the same time, and must back off and retransmit. This
causes slow startup times and adds jitter which affects applications
like VoIP and Video/IP.
|
Most of
these systems (which are based on the DVB/RCS specification) allocate
bandwidth in 8 or 16 Kbps chunks for pre-configured amounts of time,
frequently measured in seconds. As the time period expires, if the
remote VSAT isn't using the bandwidth or if a higher priority request
is made, then the bandwidth is released and may be reassigned.
Unfortunately this method of allocating bandwidth can be very
wasteful and inefficient, and is very difficult to optimize for best
performance. Internet or web based traffic is very bursty. Transmission times are generally very
short and random in nature. Since bandwidth is generally allocated
for a minimum of several seconds, all the idle time in which a VSAT
holds assigned bandwidth, but is not actively transmitting is wasted
transmission capacity.
|
|
The iDirect system minimizes the ‘connect' time by
assigning a small amount of dedicated bandwidth or CIR (Committed
Information Rate) to each satellite router, so a VSAT never has to
‘contend' for access. It always has a connection to the hub. An
additional pool of shared bandwidth is dynamically allocated to each
remote site up to 8 times/second using a ‘fair access' algorithm to
prevent high usage sites from starving other sites. Bandwidth, or
timeslots are never ‘held' by VSATs, but are
constantly assigned and allocated in real time, taking maximum
advantage of available bandwidth and distributing it between users in
real time. Bandwidth efficiency increases from 10 to 20% for most
legacy systems, to over 95% on an iDirect
system.
The iDirect solution is excellent for VoIP and Video/IP for several reasons. Because of
the dedicated bandwidth, there is no contention required to begin a
transmission, managing jitter for these sensitive applications.
Additionally, allocated bandwidth for a VSAT is ‘feathered' or spread
out across entire frames, creating a smooth even data flow, rather than
the jerky delivery experienced with many other systems.
The hub dynamically
allocates bandwidth to each site based on configured rate limits, QoS ,
CIR and current queue depths. In some ways, this technology can be
thought of as upgrading from a shared Ethernet hub to a smart Ethernet
switch, with all of the resultant performance benefits provided by that
solution.
Frame Size
Many legacy systems
use a 250ms frame size. That means sampling at only 4
times/second which yields a sluggish web response and very poor voice
quality. The iDirect frame size is
variable depending on the application, but is generally set at 125ms
which means sampling 8 times/second. This yields a crisp user web
response and business class quality VoIP
service. Of equal importance is the ability mentioned above, to
‘feather' or spread out the transmission data smoothly and evenly
across the transport frames for a consistent low-jitter service.
Quality of Service
(QoS)
Application QoS based on Class Based Queuing, found in leading QoS engines like Lucent's Access Point router, Sitara, etc. allows the administrator to allocate a
percentage of bandwidth to specific applications or protocols and to
set the priority level (basically the queue depth) in order to deliver
the desired quality. QoS works in both
directions, so a VoIP call won't be stepped
on by another VSAT's large download file.
When the prioritized application is idle, the bandwidth is available
for general use. A further advantage and unique capability of the iDirect solution is the ability to do fragmentation
and interleaving. This eliminates the case where the system has started
to transmit a large data packet and a small voice packet comes behind
and is delayed (even though it is prioritized in the queue). When large
packets are fragmented, then the voice packet only has to wait for one
slot.
Traffic
prioritization may be performed on:
|
|
Destination
IP Address
Source IP Address
Source TCP Port Number
Diffserv and ToS
Bits
Protocol (TCP, FTP, UDP, RTP, ICMP)
|
|
The QoS feature can also be used to filter out or discard
unwanted data based on the same criteria, basically by assigning zero
(0%) bandwidth allocation for the undesirable
application or protocol. For example, an organization might want to
block gaming, or MP-3 downloads or Kazaa file
sharing, or restrict the amount of bandwidth available for these and
other applications.
Rate
Limiting
The amount
of upstream and downstream bandwidth for each individual site is
controlled and managed using rate limiting. In this way, a business
pays only for the amount of bandwidth they require on a per site basis.
A site can use all the bandwidth available up to the point that it is
rate limited.
Committed
Information Rate (CIR)
As
indicated above, each iDirect remote VSAT
satellite router is assigned a small amount of dedicated bandwidth,
eliminating the need to contend for an opportunity to transmit, and
guaranteeing that no matter how busy the network, at least that basic
amount of bandwidth will always be available. Additional CIR bandwidth
can be permanently dedicated or dynamically allocated on a per site
basis to support specific requirements for an additional cost.
Dedicated CIR is bandwidth time slots permanently assigned to specific
remotes that cannot be used by any other VSAT. Dynamic CIR is allocated
to specific sites when they have data to send, otherwise the bandwidth
time slots are put back in the shared pool for general use among all VSATs. A key differentiator is the speed with which
dynamic CIR can be assigned. Most systems that provide a CIR capability
will take 10's of seconds to establish the dedicated bandwidth
capacity, while the iDirect system will make
it available in sub-second time.
Security
Many
companies desire the use of satellite broadband for private IP
networking instead of, or in addition to Internet access. This is
easily accomplished. Traffic from remote sites lands at the teleport,
where Internet traffic is directed to a firewall and dropped with no
intermediate hops onto a Tier One ISP backbone at very high speeds.
Private IP traffic is directed to a Frame Relay, T-1, VPN or other wireline link that terminates back at the company's
headquarters location. The connection is private in all regards,
similar to a Frame Relay network. For additional security, most iDirect-enabled Network Operators support iDirect's optional 3DES encrypted service across
the satellite link. Everything to and from the remote VSAT is encrypted
across the satellite link. The benefits of TCP and web acceleration are
maintained. The customer can decide whether to encrypt links to some or
all of their remote offices. The 3DES encryption is provided by the Hifn chipset that is found in VPN appliances and
routers from many vendors. The performance hit for 3DES encryption is
less than 1%.
Some
organizations have specific requirements for security, and satellite
latency can create some interesting challenges for VPNs.
We understand these limitations and can provide consulting and advice
for a range of security solutions that work over satellite such as:
- SSL-based VPNs that are easy to
deploy because no client software is required. They ride on top of
TCP, so TCP Acceleration continues to operate.
- SLE or
Selective Layer Encryption solutions that encrypt data but leave
the TCP control information alone so that TCP Acceleration can
work properly.
- Encapsulation
techniques that wrap an IPSec VPN packet
in a new TCP header that can be accelerated.
Integrated
Solution
Many
satellite systems require that you convert a PC into a router in order
to share the connection. Others provide a dedicated PC or device that
delivers a proxy service to share the connection with multiple users.
The iDirect solution uses a small hardware
box with no moving parts, that includes standard routing features such
as Static IP, RIP2, IGMPv2, DHCP, NAT, DNS caching, VLAN tagging, GRE
Tunnel Acceleration, etc. It delivers a 'hot' 10/100 Ethernet port to
connect to your networking gear. The satellite modem, router, TCP
acceleration, and QoS engine are all in a
single, reliable, integrated package.
Service
Delivery Options
Most
legacy systems require that the service provider procure a large chunk
of space segment, typically an entire transponder. This means that they
must design their service offering for a mass market, with an eye to
servicing and supporting as many subscribers as possible on a network.
The iDirect solution supports the ability to
economically engineer smaller, customized service offerings to meet
specific customer demands. There are generally three types of service
offerings available that we shall refer to as Enterprise, Carrier/Premium,
and Private Network. Not network operators offer all three service
types. Due to the flexibility of the iDirect
solution for a network operator to engineer a service offering to
specifically address specific markets, there is variance in the
offerings from different providers. Business Satellite Solutions will
work with you to determine which service offering is best for your
requirements.
Enterprise Service
With this
solution, a service provider will generally configure a service that
provides an ‘a la carte' menu of bandwidth offerings. This is similar
to typical business broadband solutions like DSL and Fixed Wireless
that are shared by multiple companies at reasonably conservative
sharing or subscription ratios. Typical generic service offerings range
from 128 Kbps x 64 Kbps up to 4 Mbps x 512 Kbps. This is a good
solution for the enterprise with just a few remote sites. Bandwidth
levels can be upgraded on a per site basis as requirements increase.
Carrier
or Premium Services
These
services are generally intended to be used for Internet Cafe's, ISP
backhaul service or very high volume business use. They are also
appropriate for solutions that have a high volume of concurrent VoIP or Video/IP transmissions. Generally some
percentage of the service offering has a built in CIR to ensure
sufficient dedicated bandwidth to meet the saturated data throughput
requirements for these ‘heavy use' applications. Additional CIR may be
available for additional cost to meet the specific requirements of the
situation.
Private
Network Service
|
An
enterprise that has many remote sites may opt to procure a private
network service in which bandwidth is shared only by that company's
remote sites. The service can be customized and designed with sharing
ratios to meet specific business requirements. A business may opt to
increase the sharing or subscription ratio in order to reduce the
cost per site. They may opt to select bandwidth rates that are higher
than a generic service offering and install the appropriate dish and
transmission equipment to support the higher rates. The iDirect solution supports up to a maximum of
9Mbps x 4 Mbps. Companies with many sites across multiple time zones
may distribute them across multiple carriers in order to split the
traffic load by time of day. Business Satellite Solutions uses an iDirect-provided segment analysis tool to help
determine the correct sharing, CIR and other parameters to meet the
specific business requirement.
|
|
Transportable
Solutions
In
addition to fixed installations, the iDirect
solution is excellent for mobile or transportable satellite solutions
that can be assembled and commissioned in a matter of a couple hours,
then packed up and moved to a new site as needed. With this solution, a
company might arrive on site, set up and point the dish,
use a GPS to enter the location coordinates for the dish and bring the
system online quickly. With a couple of VoIP
phones and a small switch or hub, a remote site can have extensions off
the corporate PBX, and be connected to the Internet and/or headquarters
in no time.
|