🚦Linux Traffic Control (tc) | The Backbone of QoS in SD-WAN🛣️

Ronald BartelsRonald Bartels
5 min read

When discussing Quality of Service (QoS) in SD-WAN, one of the unsung heroes is Linux’s traffic control utility, tc. This powerful tool, built into the Linux kernel, serves as the foundation for managing network traffic. Its flexibility and robustness make it an ideal choice for orchestrating QoS policies in SD-WAN deployments, where prioritization and management of network traffic are crucial for maintaining performance across a distributed network.

In this article, we’ll dive into the purpose of tc, how it enables QoS within SD-WAN environments, and how its clever use in hub-and-spoke architectures creates an elegant and efficient solution for ensuring optimal network performance.

What is Linux’s tc?

tc (Traffic Control) is a utility that allows Linux-based systems to manage traffic shaping, queuing, and policing. It provides granular control over how traffic is sent and received over the network by implementing QoS policies at the kernel level. Through the use of filters, classes, and queuing disciplines (qdiscs), tc can prioritize certain types of traffic, limit bandwidth usage, or ensure minimum bandwidth guarantees.

At its core, tc is used to address congestion management and traffic prioritization in environments where bandwidth is limited, but specific types of traffic (like VoIP, video conferencing, or business-critical applications) need to maintain low latency and high reliability.

The Role of tc in SD-WAN QoS

In SD-WAN, managing traffic across multiple, often geographically dispersed, sites is critical for ensuring a high-quality user experience. SD-WAN solutions, such as Fusion’s platform, leverage tc to enforce QoS policies that ensure critical traffic is prioritized, while less important data, like bulk file transfers, is delayed or rate-limited to avoid congestion.

Key Elements of tc in SD-WAN:

  1. Traffic Shaping and Prioritization: tc allows network engineers to define rules that determine how packets are handled. This can include prioritizing real-time traffic (such as VoIP or video), limiting the bandwidth of certain non-essential services, or enforcing latency guarantees.

  2. Bandwidth Limitation and Reservation: By using different queuing disciplines, tc can enforce bandwidth limits, ensuring that no single application or user hogs the available bandwidth. It can also reserve bandwidth for high-priority traffic.

  3. Congestion Avoidance: Through intelligent queuing, tc can drop low-priority traffic in cases of congestion, ensuring that important traffic still flows uninterrupted.

How tc Powers QoS Orchestration & Deployment

In SD-WAN, QoS is not a one-time configuration; it’s a continuously managed service that adapts to changing network conditions. Here’s how tc serves as the basis for orchestrating and deploying QoS policies:

  1. Policy Configuration: With tc, administrators can define complex QoS policies that categorize traffic based on criteria like port numbers, IP addresses, or even Deep Packet Inspection (DPI). These policies are orchestrated across all SD-WAN nodes (both hubs and spokes) to ensure consistency and optimal performance.

  2. Dynamic Adjustments: In SD-WAN environments, conditions can change rapidly—like fluctuating bandwidth or varying levels of congestion. tc can dynamically adjust QoS policies to adapt to these changes, ensuring that critical applications continue to receive the bandwidth they need.

  3. Centralized Management: By using SD-WAN orchestration, policies configured via tc are centrally managed and deployed across the entire network. This centralized control makes it easier to ensure uniform QoS settings are applied, reducing the risk of misconfigurations or inconsistent service quality.

tc in Hub-and-Spoke Architectures | A Simple but Powerful Solution

In hub-and-spoke SD-WAN architectures, multiple remote sites (spokes) connect to a central location (hub) that acts as the gateway to other services, such as the Internet or a data center. One of the challenges in such setups is ensuring that traffic flowing from the spokes to the hub is managed in a way that balances performance and bandwidth constraints while maintaining QoS standards.

tc plays an essential role here, and the hub-and-spoke architecture leverages a clever solution: the spoke’s QoS settings are mirrored and reversed on the hub. Let’s break this down:

  • Spoke Configuration: Each spoke site has a set of QoS rules configured through tc. These rules define how traffic is prioritized locally, ensuring that real-time services like voice and video are given higher priority than other types of traffic.

  • Hub Configuration: At the hub, the same rules are applied but in reverse. This means that traffic arriving from multiple spokes is prioritized and managed according to the same QoS policies as it heads back out toward the spokes. This way, the traffic prioritization between the hub and each spoke is synchronized, ensuring a consistent and reliable performance throughout the network.

This approach is both simple and effective. By reversing the QoS rules at the hub, the traffic that travels back to the spokes is treated with the same level of importance as the original outgoing traffic, preventing issues such as voice or video call quality degradation. This symmetry also ensures that all sites maintain the same QoS standards without complex configurations.

The Benefits of tc in SD-WAN Hub-&-Spoke QoS

  1. Consistency: By using mirrored QoS policies, traffic from both directions (hub-to-spoke and spoke-to-hub) is treated with the same priority, ensuring a smooth flow of critical data across the network.

  2. Simplicity: Reversing the settings at the hub reduces the complexity of maintaining QoS policies across multiple locations. This simplicity means fewer configuration errors and a more streamlined QoS management process.

  3. Scalability: The use of tc in a hub-and-spoke architecture is scalable across many remote sites, allowing SD-WAN deployments to grow without sacrificing QoS. As new spokes are added, they simply inherit the same QoS policies from the central hub.

Wrap

tc is the foundation that enables effective QoS within SD-WAN environments and this is the method used by Fusion’s SD-WAN. Its powerful ability to shape, prioritize, and manage traffic ensures that critical business applications receive the bandwidth and low-latency they require, even in high-traffic or congested networks.

In hub-and-spoke SD-WAN architectures, tc becomes even more valuable by reversing spoke settings at the hub, making the management of QoS both simple and scalable. This intelligent use of tc ensures that SD-WAN deployments maintain consistent, high-quality service, even across vast, distributed networks.

As SD-WAN continues to evolve, tc will remain a critical tool in ensuring that the network adapts to changing conditions while meeting the stringent performance requirements of modern applications. With its flexibility and power, tc is key to delivering on the promises of SD-WAN’s superior QoS.

Ronald Bartels ensures that Internet inhabiting things are connected reliably online at Fusion Broadband South Africa - the leading specialized SD-WAN provider in South Africa. Learn more about the best SD-WAN in the world: 👉Contact Fusion🚀

https://hubandspoke.amastelek.com/cappuccino-a-day
10
Subscribe to my newsletter

Read articles from Ronald Bartels directly inside your inbox. Subscribe to the newsletter, and don't miss out.

SDWANLinuxQoSTraffic Control

Written by

Ronald Bartels
Ronald Bartels

Driving SD-WAN Adoption in South Africa