Blue (queue management algorithm) explained

Blue is a scheduling discipline for the network scheduler developed by graduate student Wu-chang Feng for Professor Kang G. Shin at the University of Michigan and others at the Thomas J. Watson Research Center of IBM in 1999.[1]

Functioning

Like random early detection (RED), Blue operates by randomly dropping or marking packet with explicit congestion notification mark before the transmit buffer of the network interface controller overflows. Unlike RED, however, it requires little or no tuning to be performed by the network administrator. A Blue queue maintains a drop/mark probability p, and drops/marks packets with probability p as they enter the queue. Whenever the queue overflows, p is increased by a small constant pi, and whenever the queue is empty, p is decreased by a constant pd < pi.

If the mix of traffic on the interface does not change, p will slowly converge to a value that keeps the queue within its bounds with full link utilization.

Stochastic fair Blue

The main flaw of Blue, which it shares with most single-queue queuing disciplines, is that it does not distinguish between traffic flows, but treats all flows as a single aggregate. Therefore, a single aggressive flow can push packets out of the queue belonging to other, better behaved, flows.

Stochastic fair Blue (SFB) is a stochastically fair variant of Blue which hashes flows and maintains a different mark/drop probability for each hash value. Assuming no hash collisions, SFB is able to provide a fair share of buffer space for every flow. In the presence of hash collisions, SFB is only stochastically fair.[2]

Unlike other stochastically fair queuing disciplines, such as SFQ (Stochastic Fairness Queuing), SFB can be implemented using a bloom filter rather than a hash table, which dramatically reduces its storage requirements when the number of flows is large.When a flow's drop/mark probability reaches 1, the flow has been shown to not react to congestion indications from the network. Such an inelastic flow is put in a "penalty box", and rate-limited.

Resilient stochastic fair Blue

Many scheduling algorithms, including the fairness-aimed ones, are notably vulnerable to spoofing distributed denial-of-service (DDoS) attacks. A resilient stochastic fair Blue (RSFB) algorithm was proposed in 2009 against spoofing DDoS attacks. The basic idea behind RSFB is to record the responsive normal TCP flows and rescue their dropped packets. RSFB algorithm is effective in preserving the TCP throughput in the presence of spoofing DDoS attacks.[3]

Implementations

An implementation of Blue is part of ALTQ, the network scheduler for BSD Unix.[4]

An implementation of SFB for Linux was included in the Linux kernel in version 2.6.39.[5] [6] [7]

Notes and References

  1. BLUE: A New Class of Active Queue Management Algorithms . Wu-chang Feng . Dilip D. Kandlur . Debanjan Saha . Kang G. Shin . April 1999 . University of Michigan . Computer Science Technical Report . CSE–TR–387–99 . June 8, 2013 .
  2. Book: Wu-Chang Feng . Dilip D. Kandlur . Debanjan Saha . Kang G. Shin . Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213) . Stochastic fair blue: A queue management algorithm for enforcing fairness . April 2001 . 1520–1529 . 10.1109/INFCOM.2001.916648 . June 8, 2013 . 3. 978-0-7803-7016-6 . 10.1.1.11.4235 . 5902623 .
  3. Book: Changwang Zhang . Jianping Yin . Zhiping Cai . amp . RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks . International Symposium on Communication and Information Technology (ISCIT) . 2009 . 1566–1567 . 978-1-4244-4521-9 . June 8, 2013 . Abstract
  4. Web site: Blue . Web page . Wu-chang Feng . June 8, 2013 .
  5. http://kernelnewbies.org/Linux_2_6_39#head-87ffd4407af29460251c521e0228fe0ac9219d4b Kernel Newbies - Linux 2.6.39 - Networking
  6. Web site: SFB Linux kernel network scheduler module . . 2013-09-07.
  7. Web site: Stochastic Fair Blue for the Linux kernel . Juliusz Chroboczek . June 8, 2013 .