WAN acceleratos can save bandwith and improve the duration of file transfers.
Linux, iptables, TCP, networking
The company Open Systems offers 'Mission Control Security Services': Security, performance
and management of networks, infrastructures and services. WAN connections via many nodes
can lead to large packet delay and packet loss. This has impact on the TCP protocol, which results in a limited bandwidth. Therefore, the theoretically available bandwidth can't be reached.
The user will have to wait long until the software can display the content.
These days there are some expensive 'WAN accelerator' on the market, for example such as
from Riverbed, Silverpeak or InfoVista. A WAN Accelerator pretends Acknowledge-packets from
the receiver and therefore needs a more or less cleverly devised caching-function. This enables
the sender to send its packets as uninterruptible as possible. The integration of these appliances (hardware or virtual) needs a lot of effort and it is expensive. It would be better if a company, which connects different locations, could integrate the functionality in its gateway.
This project deals on the one hand with the integration into a Linux-System and testing of a
commercial solution, which ensures to be easily integrable. On the other hand the same
procedure is planned for the open source solution TOFFEE.
Setting of the test:
WAN links can be emulated using netem.
There are very few open source WAN acceleration products available. Those that were analyzed in this project, were either not installable, or wouldn't work as expected.
The tested commercial solution is a solid WAN acceleration product, that can be easily installed and maintained. It can
improve file transfers on links with large delays and can also perform acceleration on lossy
links. By using it, one can save bandwidth, reduce the number of network packets and improve the duration of file transfers. But its WAN acceleration causes a big system load,
resulting in a highly used CPU.
During testing, various problems occurred: it couldn't accelerate multiple encrypted sessions like HTTPS. Furthermore, it couldn't accelerate files bigger than 1GB. Another problem that caused a lot of research, was SMB traffic. Depending on how the files of a SMB share
were copied to a user, it showed huge deviations in speed.
The tested commercial solution adverts some nice features that aren't as effective as one would expect.
A second commercial solution on the other hand, showed similar performance in accelerating as the first. It could accelerate most of the tested scenarios, with a few specific exceptions. The system load that the
second solution caused, was by far smaller than first one's system load.
Project duration: 18. September 2017 - 19. Januar 2018
Cost: 220 man-hour
Team: 1 person
open systems ag, Räffelstrasse 29, 8045 Zurich
www.open.ch
Marc Biedermann
Peter Gysel
peter.gysel@fhnw.ch