Technical White Paper

for the iCache Solution

Contents1 Background 1

1.1 Development Tendency of the Internet 1

1.1.1 P2P Technology 1

1.1.2 Online Video Technology 4

1.2 Challenges for Carriers 7

1.3 Carriers' Solutions 8

2 iCache Solution 10

2.1 Architecture 10

2.2 Principles 13

2.3 Core Technologies of the iCache System 15

2.4 Functions 21

2.4.1 HTTP caching and accelerating 21

2.4.2 P2P caching and accelerating 22

2.4.3 Online Video caching and accelerating 22

2.5 Features 22

2.6 Core Values 24

3 Typical Application 25

3.1 Success Case 25

4 Acronyms and Abbreviations 27

Figures

Tables

Figure 1-1 BT schematic diagram 2

Figure 1-2 Traditional solutions and iCache solution 9

Figure 2-1 iCache architecture 10

Figure 2-2 P2P caching 14

Figure 2-3 Before HTTP caching 15

Figure 2-4 After HTTP caching 15

Figure 2-5 After Caching 16

Figure 2-6 Peer list content 17

Figure 2-7 IP addresses of intranet users 18

Figure 2-8 IP Packet analyze 18

Figure 2-9 HASH information 18

Figure 2-10 Unique Hash value 19

Figure 2-11 Intelligent disk space management 21

Figure 3-1 iCache deployment 25

Figure 3-2 Cache flow analysis 26

Table 3-1 Parameters for the outlet bandwidth 25

Table 3-2 Saved bandwidth 26

1

1 Background

With the development of the Internet in recent years, the number of Internet users, types of Internet applications, and bandwidth of the network increase rapidly. Thus, society and people's life are greatly affected. The function of the network develops from the interconnection, to information sharing through email, web browsing, FTP downloading, and to applications used in today's Internet such as the peer to peer (P2P), online video, instant messaging (IM), gaming, and network media. Meanwhile, the network technology advances continuously, the applications such as P2P and online video emerge, and network traffic soars consequently. These network applications not only improve customers' experience on the Internet, but also bring great influence on the network carriers and managers.

1.1 Development Tendency of the Internet

As Internet applications develop rapidly and the number of Internet users increases explosively, the development of the P2P and online video technologies brings wide influence on users. According to the statistics, the P2P and web applications account for 80% of Internet applications. The development of the P2P and online video technologies becomes the focus of the Internet development.

1.1.1 P2P Technology

The P2P technology connects users in a "peer to peer" network and the users can share the bandwidth and process information together. The P2P file sharing is one of the most popular methods in P2P and it directly exchanges files among users to implement file sharing. Compared with file downloading from pubic servers in the client/server (C/S) mode, the P2P file sharing features quicker speed and richer resources. The following introduces the basic principle and features of this P2P file sharing application by using the typical BitTorrent (BT)application as an example.

2

Figure 1-1 BT schematic diagram

Web server

1.Download file torrent

2.Response peer list

Response peer listTrack server

Client

ClientClient

4.Download/upload 3.Download/upload

......

The client downloads a seed file from the web server or other traditional servers. The seed file contains the information about a file resource, including the IP address and service port number of the corresponding tracker server, the IP addresses and service port numbers of some peer nodes, the file name, the length of a file fragment and number of file fragments, and the file creator. After analyzing the seed file, the client connects to the tracker server to request the peer list and the information about file fragments. After receiving the peer list, the client connects to the peer clients in turn to obtain the files or file fragments as required. After downloading all the file fragments of a file from tens of or hundreds of remote clients, the local client combines the file fragments into one file. During the process of downloading a file, the client keeps informing the tracker server about the bytes and the information about file fragments uploaded or downloaded by the local client. In this way, other clients can easily obtain the file resource from the local client.

The BT is usually applied to share megabytes of audio and video files. In the BT application, the local client keeps connections with tens of or hundreds of remote clients during the downloading process, and thousands of clients communicate with each other simultaneously. More clients, more smooth in sharing files. Therefore, compared with C/S mode, the P2P file sharing method can meet more people's requirements for quick file sharing, provide richer file resources, and bring users a better downloading experience. This is also why the P2P file sharing becomes so popular in the globe.

In a word, the P2P file sharing leads to the rapid increase in the number of network connections and the communication traffic among common nodes, especially the traffic across the areas far apart from each other. The P2P file sharing breaks the traffic limitation in C/S mode.

P2P is a very popular Internet technology in recent years. It develops rapidly in the fields of voice over IP (VoIP), downloading, streaming media, and coordinated computing. It is recognized by the Fortune as one of the top four technologies that bring influence on the Internet. The main features of the P2P technology are as follows:

3

Highly peered: decentralization and the Internet that is used only for connecting and transmittingHighly expansible: simultaneous expansion of users, resources, services, and systemsHighly robust: dispersed and adaptive services that are immune to attacks and tolerant of faultsHighly cost-effective: low cost but strong storage capacity and computation abilityLoad balancing: distributed storage and computing that guarantee a balanced load on the whole network

With the above advantages, the P2P technology is applied widely. The main applications of the P2P technology are as follows:

Shared content downloading: such as the BT, eMule/eDonkey, and Thunder that are preferred by users to download movies, TV shows, software, and documentation, and have a large user baseInstant messaging: such as the Skype that becomes the synonym for the IP phoneOnline sharing of audio and video files: such as the online MP3 play and video sharing on the YouTube websiteComputation ability sharing: such as the SETI@home and the Xenoservers

Though the P2P applications are convenient and real-time and bring new commercial opportunities, the low controllability and manageability of the P2P network threaten the security of user access, enterprise networks, and telecom networks. The P2P applications have occupied most of the network resources. As a result, the bandwidth resources of carriers' backbone network and the metropolitan area network (MAN) are far from required, the network is difficult to expand, and the quality of conventional applications (non-P2P applications such as the web application) is hard to guarantee. These P2P applications are free of charge currently and attract a large number of users. These free applications bring great impact on carriers' charging services and influence the promotion and development of carriers' normal services.

Therefore, it is necessary and urgent to manage the P2P applications by taking technical measures. Now, the main technical measure is to use traffic analyzing and controlling devices to block or limit the traffic by analyzing and recognizing the P2P applications. This traffic blocking and limiting measure can control and manage the recognized

4

P2P applications and guarantee the quality of service (QoS) of other key services. This measure, however, has its limitations. Although this measure releases much bandwidth, it greatly degrades users' experience that directly influences carriers' services and revenue.

"Combine the traffic guiding and blocking to facil itate our applications. On one hand, block the illegal downloading traffic. Or telecom carriers' investment will be meaningless. On the other hand, turn disadvantages into advantages to facilitate our applications." proposed by Wei Leping, Chief Engineer of China Telecom. Currently, the guiding and blocking combination is the best method to manage the P2P applications. By limiting the total bandwidth, the guiding and blocking combination guarantees carriers' investment to the network. By localizing the traffic, the guiding and blocking combination reduces the traffic load on the backbone network and improves users' experience. By employing the P2P technology to reconstruct the existing networks, the guiding and blocking combination improves the network performance and reduces costs. In addition, by employing the P2P technology to develop new value-added services, the guiding and blocking combination brings more profits.

1.1.2 Online Video Technology

IntroductionWith the rapid development of the broadband network all over the world, the technology of compressing audio and video files evolves continuously. The higher compression rate and wider bandwidth meet Internet users' requirement for watching high definition TV programs online. More and more Internet users choose to online watch news, movies, and live shows that were originally watched on TVs or local computers.

In brief, the online video play technology embeds players in the web page to play audio and video files. The following lists the key points of the online play technology.

Confidential data source address: Keeping the audio, video, and animation sources confidential so that users cannot find the data source and the data security is guaranteed. Generally, the data source address is written into an encrypted script and is assigned to a player through the script.

5

Confidential data: Ensuring that data is not replicated, which is usually applied in some special occasions. The common way to keep data confidential is to: first, protect the data source address, or make the data format streaming, and then, verify identities, or employ licenses.

Identity verification:Verifying the identities of subscribers, for the subscriber-only data. Now, the common method is to download data from an FTP server by using a temporary account produced by the FTP, and to verify users' identities through the Session.

According to the content of the online video, the online video data is divided into the following two types.

Fixed data: The video data is in a fixed location and can be located through a URL. For example, the Flash files and pre-produced audio and video files are directly assigned to play without going through other processing. Normally, the files that have been played can be found in the IE cache.Streaming data: The data is processed to be streaming by the streaming server. After being processed by the streaming server, the data is sent to a player in a streaming format. The streaming data is not cached after being played, but the streaming data can be downloaded by using a special downloading tool for streaming media.

The rapid development of the online video technology enriches users' watching and listening experience. Users can obtain the network video resources and watch videos online. Moreover, users can post their own videos on some online video websites. In a word, the online video technology enriches Internet users' online life.

Development TendencyThe online video industry is one popular industry in the globe. Bill Gates, Chairman of Microsoft Company, said that the Internet was going to revolutionize the traditional TV industry in five years. It is reported that currently, the domestic online video tends to develop in the following five aspects.

1.

2.

6

Content regulationsThe content regulations are subject to the laws of each country. The illegal content is forbidden. For example, YouTube is required to provide users' information that is used to regulate the video content and to keep track of the video producer.High definition videoproducing little profit. After all, users cannot ensure that the uploaded video files are of high quality because of the video recording devices. It is useless to optimize these uploaded videos through the technology. No advertiser is ready to put the advertisement in a video made by a common user. Therefore, there is more space for the development of high definition videos.High definition is a development tendency of TV programs, CDs or DVDs, and network videos in future. High definition guides the development of video websites.Comprehensive cooperationSome of the video sharing, P2P, video downloading websites were accused for the copyright issues. Only the podcast video portals and cooperative websites have no copyright issue. Therefore, video websites need to put more effort in the copyright of network videos.Network videos develop rapidly, having more and more users and much maturer markets. Cooperating comprehensively with video produces and agents is necessary for video websites.More investmentPrivate video websites have acquired video licenses and worry less and less about the video policies. Investments flourish again and private video websites re-dominate the video industry. Therefore, more and more capitals are going to be invested into the video industry.Video marketingNetwork videos often employ the mode of posting advertisements on videos. Although the video industry still faces many challenges, users' requirements for more and more videos and the increasing quantity of video advertisements promise a greater market for the industry of network videos. The function of video marketing is more and more powerful.

1.

2.

3.

4.

5.

7

ProblemsWhile the online video technology enriches people's life, it also brings a lot of pressure on the bandwidth. In the United States, the network data amount grows by 50% annually, while the network capacity is expanded only by 40%. According to Hitwise, a network monitoring institution, the occupied capacity of YouTube in 2007 equals the total capacity of the Internet in 2000. Larry Owen, Chairman of American Internet Reform Federation, once said that if the Internet infrastructure was not improved in time, the overloaded traffic brought by the online video technology might cause the Internet to be paralyzed in two years.

1.2 Challenges for Carriers

According to the research of major institutions, the traffic of the P2P, online video, and HTTP downloading grows rapidly, which brings heavy pressure on carriers' networks. According to the monitoring data on the MAN of a carrier, with the application of the P2P and online video, the mode of network traffic changes. The P2P traffic accounts for 40% to 60% of the total traffic on the MAN, while the traffic of downloading and video services accounts for 20% to 30%. This tendency keeps growing.

In comparison, the P2P and HTTP traffic grows far more quickly than the increasingly expanded bandwidth. The current bandwidth or even the potential growth is far from meeting the downloading requirement. The explosive increase of the P2P and HTTP traffic brings great impact on carriers and users.

The occupation of P2P connections on the total bandwidth often reaches the upper limit of the network bandwidth, which greatly degrades the performance of key network applications. The exchange between P2P nodes is disordered. The P2P lacks optimized routers and abuses the bandwidth of backbone network. The P2P occupies most of network devices and network bandwidth and causes unstable transmission or network paralysis.

The P2P and online video occupy most of the bandwidth. The minority of users occupy most of the network resources, which causes the imbalance between the investment and profit. Other users' key services, however, cannot be guaranteed. Users complain more and more. The user base is shrinking. Moreover, the limited bandwidth

8

also affects the value-added services such as the IPTV that need much bandwidth. Therefore, carriers' profit is threatened.

Carriers make little profit from the online video, P2P, and HTTP downloading services. Moreover, carriers need to utilize more devices to meet users' requirements for more access bandwidth and resources, which is beyond carriers' original service promise.

1.3 Carriers' Solutions

To reduce the engulfing impacts of the P2P and HTTP on the bandwidth, carriers employ the following solutions.

Bandwidth expansion: This solution costs a lot. When the bandwidth is expanded, the downloading traffic grows rapidly and occupies the bandwidth totally again. The expansion of the bandwidth brings little yield and can never end.Traffic shaping: Telecom carriers take various measures to control network traffic, such as blocking ports, limiting traffic, and reducing bandwidth. However, these radical measures may cause controversy between carriers and users and degrade users' experience. In addition, because of these radical measures, carriers may be involved in some law issues and loose their users eventually.Content source importing: This solution means to build the Internet data center (IDC) to provide the hosting service, or to import the top hotspot content from the website to the LAN by building content delivery network (CDN), which is quite difficult to implement for carriers. Carriers need to communicate with each content supplier and to gain their agreement so that they can import the content. The imported content, however, might not come from the website that users want to visit. Thus, the content importing solution is not ideal.

Compared with these traditional solutions, the internet cache system (iCache) solution helps carriers implement better services with less cost.

9

iCachesolution IDC/CDN

Traffic ShapingAlone

IncreaseBandwidth

High

High

Low

Low

Serv

ice

Qua

lity

Cost

Figure 1-2 Traditional solutions and iCache solution

The iCache solution employs the "guiding and shaping combination" method. Integrated with the service inspection gateway (SIG), a deep packet inspection (DPI) device, the iCache solution localizes the P2P traffic that accounts for 60% to 80% of the total outlet bandwidth, the online video traffic, and the traffic of downloading big files by using the advanced technology. Thus, the iCache solution saves outlet bandwidth, reduces the pressure of expanding bandwidth, and improves users' experience. The iCache solution employs an intelligent method to cache the hotspot content and is more cost-effective than other solutions.

10

2 iCache Solution

Huawei iCache solution is a traffic cache and acceleration solution specifically designed for telecom carriers and broadband carriers and is deployed at the outlet of carriers' MANs (or other links). Combined with the SIG, Huawei iCache solution implements the intra-network cache on the big traffic network applications such as the P2P, HTTP, and online video by taking the "guiding and shaping combination" measure. By decreasing repeated access traffic, Huawei iCache solution reduces the inter-network settlement cost and improves users' experience.

2.1 Architecture

The iCache solution contains the following subsystems: the redirection subsystem (RSS), dispatching subsystem (DSS), cache subsystem (CSS), and management subsystem (MSS), as shown in Figure 2-1.

RSSThe RSS employs the analysis and redirection technology to localize the local area network (LAN) users' requests for the HTTP downloading, P2P downloading, and online video playing. The analysis and redirection technology analyzes users' behaviors and the content requested by users. Based on the analysis result, this technology directs users' requests into a specified range and

Internet

RedirectionSubsystem

HTTPCache

Subsystem

P2P CacheSubsystem

Internet VideoCache

Subsystem

DispatchingSubsystem

ManagementSubsystem

GatewayExchange

AccessNetwork

SIG

iCache

Figure 2-1 iCache architecture

11

implements the management and control on traffic.

The RSS contains two sub-modules: the traffic capture and analysis module and redirection module. The traffic capture and analysis module captures the traffic at the Internet outlet and analyzes users' requests for the P2P, HTTP, FLV, so as to provide statistics for the redirection. The redirection module redirects users' downloading requests and directs users to obtain the local traffic first.

The RSS can deeply analyze the LAN users' requests sent to the wide area network (WAN) and redirect the requests to the CSS over the LAN, so as to block the LAN users' access to the WAN.

DSSThe DSS employs the technologies of load balancing, cache records searching, and hotspot content management dispatching. As the dispatching control center of the iCache, the DSS receives the LAN users' all GET announce requests and implements the function of a standard tracker server. When users' requests are obtained, the DSS returns the list of the LAN users' IP addresses and the CSS IP addresses to users.

In addition, the DSS balances the load on multiple CSS devices. The DSS directs users to exchange data with the cache devices that already possess the cache data, so as to increase the hit ratio of the cache devices. When the load on one cache device reaches the threshold, the DSS starts another free cache device to serve the LAN users. When the DSS sends the peer list to users, the DSS delivers other LAN users' nodes first and directs the LAN users to interconnect with each other, so as to reduce the occupation of network resources and improve the utilization of the LAN resources.

CSSThe CSS is an important part in the whole system (iCache). It uses the intelligent caching technology to cache popular resources from the Internet. The main function of the CSS is to receive users' requests for the BT, eMule/eDonkey, HTTP, online video resources from the DSS. In this way, users can download resources from the CSS rather than the WAN. The CSS saves the outlet traffic to the maximum, guides users to download the LAN resources first, greatly reduces the inter-network traffic, saves bandwidth for carriers, and reduces the inter-network settlement cost.

12

− P2P caching: The CSS automatically caches P2P resources according to users' needs and makes full use of carriers' LAN and MAN to provide traffic directly or schedule local traffic. Thus, users' downloading efficiency is maximally improved. The supported clients include: Thunder, BitComet, uTorrent, BitSpirit, and eMule/eDonkey.

− HTTP caching: The CSS automatically caches HTTP downloading recourses that repeat many times and guides users to download the LAN resources first, so as to save outlet traffic and improve users' downloading experience.

− Online video caching: The CSS automatically caches popular online videos and provides these videos for the LAN users, so as to save outlet traffic and improve users' downloading experience.

MSSBy setting parameters and providing multiple types of management policies, the MSS ensures that the system works according to the policies, and monitors the system status and data. Connected with the SIG, a traffic controlling device, the MSS implements the function of unified incoming and centralized management. Main functions of the MSS are as follows:

− Configuration management: The MSS implements centralized management on the DSS, CSS, and RSS configurations, furthermore, MSS adopts a unified management interface for iCache and SIG.

− Status monitoring: The MSS implements comprehensive monitoring on the DSS, CSS, and RSS and real-time monitoring on the health status of each subsystem, so as to ensure that the whole system works in the normal environment.

− Statistics report: The MSS records and analyzes the data produced by the system, and provides daily reports, weekly reports, and quarterly reports about the analysis results. The MSS analyzes statistics on the data and produces statistics curves that vividly and truly reflect the overall status of the iCache system and facilitate the

13

management of the system.

− Alarm management: The MSS collects the alarms produced by the system and analyzes statistics on the alarms. Based on the analysis of alarm levels, the MSS dispatches appropriate policies to solve the problems.

2.2 Principles

The iCache is designed to meet carriers' requirements for optimizing network traffic, lessening the bandwidth pressure on the outlet, and improving users' experience. The iCache can be deployed at carriers' network outlet to reduce the occupation of the outlet bandwidth by the P2P, HTTP, and online video traffic and improves the LAN users' online experience by accelerating the caching of hotspot content.The main working principles of the iCache are as follows:

P2P cachingThe caching work in the iCache is achieved together by the RSS, DSS, and CSS.

In the iCache, the RSS recognize and deeply analyze the traffic, redirects users' requests from accessing the WAN to accessing the LAN, and send the redirection packet to users. The DSS dispatches these requests.

When the DSS gets the user’s request and then finds the relevant data has already been downloaded on the CSS server yet, the DSS will send the peer list which contains the cache server’s IP address as well as the related LAN users’ IP addresses to the requester. With the peer list, the requester sets up connections with cache server or local users, then downloads the resource locally.

While the DSS cannot find the requested content on the CSS, it will dynamically assign a cache server to download the resource from the WAN first and then provide to the local users.

14

1. The P2P user seeks a resource from the WAN.Internet users

User

2. The RSS obtains and analyzes the user’s request, and sends the analysis result to the DSS.

3. The DSS queries whether the file is cached and on which cache server the file is cached4. The RSS redirects the user to the DSS

by sending the redirection packet to the user.

5. The user obtains the downloading informstion from the peer-list in the DSS.

6. The DSS retums to the user the optimized peer-list that contains the IP addresses of the LAN users and the cache server.

7. The user obtains the resource from the LAN and the cache server.

Caching server

LAN users

RSS DSS CSS

HTTP and online video cachingThe iCache system will never take actions proactively. Only when the user sends the GET announce request does the CSS start downloading the relevant content. All of the caching content depend on the local users' request.

The working process is as follows.

First, a user submits a GET request. Second, the RSS monitors that the request packet meets the basic caching criteria. So the RSS queries the DSS to check whether the request packet meets the downloading criteria. If the request packet meets the downloading criteria, the RSS sends the redirection packet to the LAN user and asks the corresponding CSS server to be prepared for serving the user. Third, after receiving the redirection packet, the LAN user connects to the CSS server and requests resources. Finally, if the CSS has the required resources, the user can download the resources from the CSS directly; if the CSS lacks the required resources, the CSS provides a proxy for the user to download the resources from the WAN and then provides service to the user.

Figure 2-2 P2P caching

15

Figure 2-3 Before HTTP caching

Figure 2-4 After HTTP caching

1. The user seeks a request from the source server.Source serverUser

2. The RSS obtains and analyzes the user’s request, and sends the analysis result to DSS.

3. The DSS queries whether the file is cached and on which cache server the file is cached. If the file is not accessed, the popularity increases by one.

4. The DSS informs the RSS that the file is not cached.

5. The RSS does not operate and the user downloads the resource from the WAN.

6. The DSS judges whether the popularity of the resource reachesthe threshold, If yes, the DSS informs the cache module A to download teh resource. If no, the DSS does not operate

7. Download resources.

8. Downloading resources finishes.

9. The CSS informs the DSS of the location where the resource is cached.

RSS DSS Caching server

The user obtains the resource feom the cache server.

1. The P2P user seeks a resource from the WAN.Internet users

User

2. The RSS obtains and analyzes the user’s request, and sends the analysis result to the DSS.

3. The DSS queries whether the file is cached and on which cache server the file is cached.4. The RSS redirects the user to the DSS by sending

the redirection packet to the user.

5. The user obtains the downloading informstion from the peer-list in the DSS.

6. The DSS retums to the user the optimized peer-list that contains the IP addresses of the LAN users and the cache server.

7. The user obtains the resource from the LAN and the cache server.

Caching server

LAN users

RSS DSS CSS

2.3 Core Technologies of the iCache System

The iCache Internet cache system is constructed based on the following core technologies. It implements transparent intra-network cache and acceleration for

16

mainstream digital and media applications such as P2P application and online video, and reduces network traffic and inter-network settlement cost by reducing repetitive download and transmission of hot content.

Cache technology saving inflowDeploy the cache system and enable the redirection function. When a certain hot threshold is reached, the cache function is enabled and network data traffic is cached. The requests of users to external devices are redirected to the cache subsystem, thus preventing users from obtaining traffic directly through the operator's egress. For the sake of saving the inflow of an operator, the traffic distributed to users through the cache subsystem must be larger than the traffic obtained through the cache subsystem from outside.

Control technology saving outflowThrough integrated deep packet inspection (DPI) devices, all uplink/downlink traffic is monitored at the exit of the metropolitan area network (MAN). The excessive traffic is controlled based on the detection of the connection and traffic of a service. The specific control is as follows:− Control the traffic and the maximum number of concurrent connections for a

single customer.− Control the individual traffic and the maximum number of concurrent

connections for IP addresses or accounts of a VIP customer.− Control the overall traffic and the maximum number of concurrent connections

for VIP customers.− Control the traffic of links or link groups.− Control the traffic of flow directions (such as AS domain, IP domain, and links

or link groups).− Control the traffic of the AS domain.− Perform QoS Remark for the traffic of links or link groups, a single customer,

and VIP customers.− Perform priority-based message forwarding according to DSCP fields.

ICache

ISP Network

Subsoribersreceive contentfrom the cachesystem

Saves transitbandwidth

iCachecachescontent

Internet

Subscribers

Figure 2-5 After Caching

17

Figure 2-6 Peer list content

Figure 2-7 IP addresses of intranet users

Scheduling technology saving bidirectional trafficIn traditional BT protocols, the Tracker server cannot decide which peers belong to the Intranet so that transmission can be performed for them preferentially. With the scheduling subsystem in the iCache system, the peer contact addresses and ports with the same infohash content stored in Intranet are transmitted to the users that require the information preferentially as long as the operator specifies the IP address segment. In this case, there is no need to request external peers for the information, and data is transmitted among Intranet users preferentially through scheduling, thus saving bidirectional traffic.

The preceding is an example of the Peerlist sent to users by the scheduling subsystem. The scheduling subsystem preferentially sends the cache subsystem owning the resources and IP addresses of Intranet users to the users downloading the resources. The scheduling system can also adjust the list reasonably in time according to the number of Intranet users owning the resources. If there are enough users owning the resources, the scheduling subsystem sends only the IP addresses of Intranet users to the users downloading the resources.

Deep service inspectionCache files first need to identify various types of network traffic and determine different service network applications, which requires deep service inspection for each type of network traffic. For urgent problems confronted by operators, the iCache system integrates DPI with deep flow inspection (DFI), deeply analyzes the traffic type and trend of each type of network application, masters the traffic, protocols, and service distribution in the network in an all-round way, and provides the basis for planning the network reasonably, formulating the traffic control policy, and deeply mining network commercial values.

The so-called “depth” is relative to the ordinary packet analysis layer. Ordinary packet inspection only analyzes the content of IP packets below layer 4, including the source address, destination address, source port, destination port, and protocol type. In addition to the above layer analysis, DPI also analyzes the application layer to identify each application and its content and determine the real service carried by the packet by detecting the payload content at the application layer of packet. The basic concepts are as follows:

IP addresses ofthe iCachesubsystem

IP addresses ofintranet users

}

}

2X1.135.XX.12X1.135.XX.2

2X1.134.XX.32X1.134.XX.542X1.134.XX.642X1.132.XX.123

......

Peerlist

IP addresses ofintranet users}2X1.134.XX.3

2X1.134.XX.542X1.134.XX.642X1.134.XX.1232X1.134.XX.1......

Peerlist

18

IP data header IP data contents

Data...Voic...Video...Intrusion...Virus

L2 to L4 detectionNetwork layer perception

L7 detectionApplication layer perception

Sourceaddress

Destinationaddress

Especially, for P2P protocols, with the inspection technology of heuristic behavior analysis, the iCache system supports 28 categories and hundreds of P2P applications in combination with inspection of data packet features. The iCache system also provides time-segment specific, region specific, and fine-grained P2P operation control policies, thus effectively controlling Intranet P2P traffic, improving the bandwidth yield rate, lessening the capacity expansion pressure, and reducing inter-network settlement cost.

Intelligent cacheThe iCache system decides whether to cache an HTTP file intelligently by judging the file name, file size, Hash value, white list, and blacklist. The judgment technology is highly accurate. The iCache system also supports the cache judgment for cross-website and multi-link files, which avoids the waste of bandwidth and cache space due to repetitive cache.

The following figure shows this principle:

Figure 2-8 IP Packet analyze

Figure 2-9 HASH information

Updabe time File Size ...... ......Updabe time File Size ...... ......Content ID

HASH

Divide the content into multiple pieces.

The iCache system automatically fragments a file, uses the front several bytes of each fragment, and obtains a unique Hash value identifying the resource through the hash algorithm. In this way, the system ensures the uniqueness of the cached resource. With the technology, the cache of the same resource on different URLs or different Websites is unique, thus saving storage space more effectively.

19

http://xxx.xxx.xxx.xxx/storm.zip

http://yyy.yyy.yyy.yyy/bfyy.zip

http://zzz.zzz.zzz.zzz/bf2009.zip

http://aaa.aaa.aaa.aaa/storm09558.zip

http://bbb.bbb.bbb.bbb/baofeng.zip

http://ccc.ccc.ccc.ccc/storm0958.zip

http://ddd.ddd.ddd.ddd/bfplayer.zip

http://eee.eee.eee.eee/storm558.rar

http://fff.fff.fff.fff/storm558.rar

Storm2009_558.zip

B0084cc7b224bbd9f0d13ca22bdf731d

In addition, the iCache cache uses the intelligent and synchronous download mechanism. According to the preset threshold, the iCache system caches a file only when an Intranet user needs to download the file. For example, when the size of a file reaches the threshold, the iCache system begins to cache the file and provides the cache service for users. When the file is not cached completely and no user is downloading the file on the network, the system stops downloading. This can avoid the attack through malicious download. Besides, cache is not be triggered due to clicks of users by mistake.

Cache space distributionA common cache system adopts incremental download to dynamically distribute space. When downloading files, the cache system adopts the fragmentation mechanism to manage file download and stores files through incremental download, which results in a large number of disk fragments and affects the disk utilization and throughput performance. In addition, because space is distributed dynamically, the free disk space may not be large enough to store the files to be cached, and the complete file cache service can not be provided for some files.

The iCache system uses a predistribution method and allocates the storage space required by cached files. For example, when downloading a 100 MB file, the iCache system first creates a 100 MB file on the cache server disk, and then starts to download the file. The method avoids the massive disk fragments resulting from the dynamic distribution of disk space. When reading cached files, the predistribution space system chooses successive reading, thus

Figure 2-10 Unique Hash value

20

enhancing the throughput performance effectively. With the space predistribution mechanism, all files can be cached, thus avoiding failure to provide the complete cache service due to insufficient disk space.

Quick content searchIn common cases, when the iCache system runs for a certain period of time, a large number of cached files are stored in the system, thus affecting the search of files. The iCache system uses the Hash value of a cached file to uniquely identify the file, stores and searches for the cached file according to the Hash value.

In addition, when searching for a file, the system adopts an advanced algorithm so that it can quickly find the server disk where the file is stored and locate the file. Moreover, through datasheet mapping and search based on memory, the iCache system further improves the search speed for cached files and greatly reduces the response time of the cache system, thus providing the cache service for users in time.

Intelligent disk space managementGenerally, the cache system consumes larger disk storage and needs to use and manage the space of 10 TB or even 100 TB. Frequent HTTP and P2P cache will result in lots of cached files. Users may not access some of the files frequently, even no longer access the files. Therefore, after the system is used for a certain period of time, lots of non-hot resource files occupy the cache disk space.

With the advanced disk recycling technology, the iCache system uses and manages massive disk space. When the utilization of disk space reaches the preset threshold, the iCache system cleans the disk automatically. It uses an advanced algorithm to accurately decide and delete the files that are not accessed by users, or have low cache hit ratio, or fail to be cached completely in a fixed cycle so as to recycle disk space. Generally, if the utilization of disk space is more than 90%, the system deletes some files to recycle space so that the disk utilization is below 80%.

21

Disk usage Disk usage

10%

90%

20%

80%

Figure 2-11 Intelligent disk space management

Content probing technologyThe iCache system attaches great importance to intellectual property rights (IPR) protection and complies with Chinese IPR laws and regulations and binding normalizative documents. To ensure that no cache servers infringing on IPRs and laws and regulations are provided, the iCache system uses the content probing technology to decide whether the content source of cache service can be downloaded according to the access of users and the preset time limit. When the content source cannot provide the download service for users for various reasons, the iCache system marks the corresponding resources in the system and stops providing the cache service for users. This ensures that the iCache system will not be a provider of invalid/illegitimate content.

2.4 Functions

The iCache has five main functions:HTTP caching and acceleratingP2P caching and acceleratingOnline video caching and accelerating

2.4.1 HTTP caching and accelerating

For users, the HTTP is the preferred and frequently-used method for downloading files. The HTTP downloading occupies most of the traffic in the HTTP application. The iCache can be set to cache HTTP resources that are repetitively downloaded and guide users to download the LAN resources first, save the outlet traffic, and improve users' downloading experience.

22

2.4.2 P2P caching and accelerating

The iCache analyzes users' downloading behaviors, caches P2P resources, and makes full use of carriers' LAN and MAN to provide traffic directly or schedule local traffic. Thus, users' downloading efficiency is maximally improved. The iCache supports the following clients: Thunder, BitComet, uTorrent, BitSpirit, and eMule/eDonkey.

2.4.3 Online Video caching and accelerating

With the expansion of the Internet bandwidth, the online video services flourish these years. The click amount of domestic and abroad video websites such as YouTube, Google video, increases dramatically. The online video traffic occupies much of the Internet bandwidth. Therefore, carriers feel much pressure. The iCache provides the caching policy based on the content clicking frequency to these online video websites. The iCache intelligently caches the online video resources and guides users to download the resources from the LAN. Therefore, the iCache effectively improves users' experience in watching online videos.

2.5 Features

Combination of guiding and shapingDifferent from traditional Internet traffic controlling methods, the iCache integrates the SIG, a DPI device, to implement the combination of guiding and shaping and provide a lean network traffic management for carriers. The iCache caches the main downloading traffic and limits the speed of the traffic that impacts services of the carrier. By combining traffic controlling and traffic caching, and employing the technologies of heuristic behavior analysis inspection and data packet inspection, the iCache monitors hundreds of types of traffic to effectively guarantee the fluency of traffic for key services, while it caches and accelerates the mainstream downloading and video traffic at the same time. The combination of guiding and shaping effectively reduces the occupation of outlet bandwidth by non-critical traffic, improves customers' experience, and reduces the outlet traffic and the inter-network settlement cost. Therefore, carries' capital expenditure (CAPEX) and operating expense (OPEX) decrease.

23

Integrated cache solutionThe iCache supports the caching acceleration of multiple services such as the P2P transmission, HTTP files downloading, and online video, and the inspection of multiple protocols on the same platform. In future, the iCache can support the caching acceleration of more services.

Efficient cacheUsers often request the same file for many times. According to the statistics, even the unpopular files in the caching pool can be requested for 10 times. Theoretically, if the caching of the P2P and online video traffic by the iCache lasts for seven days, a half of the traffic is saved. In view of the practical deployment, the iCache saves 40% of the WAN traffic for carriers after being started.During the traffic peak period, the hit ratio of the iCache is more than 85% with more than 70% traffic reduced. The average hit ratio of the iCache is more than 80% with more than 30% traffic reduced.

Low power consumptionThe iCache solution adopts the design of low power consumption. The iCache solution employs multiple energy-saving technologies such as disk soft start, automatic disk spin-down, and intelligent fan speed control, and adopts the energy-saving hardware such as the highly-efficient power entry modules (PEMs), and the cards and chips of low power consumption. Therefore, carriers' OPEX is greatly reduced.

High-performance mass storageThe maximum throughout of a single cache device is 450 Mbit/s. By adopting the high-performance iCache storage server, a single cache server provides a maximum of 20 TB capacity. Therefore, the hit ratio of cache is greatly increased by more than 85% during the peak time. Integrating the intelligent scheduling technology, the iCache averagely allocates the IOPS of system services to each disk and makes full use of each disk to improve the overall throughout of the system.

Flexible expansionBy adopting the distributed deployment method, the iCache can improve the overall performance of the cache system online, smoothly, and quickly, when the network scale increases. Moreover,

24

the iCache can dynamically expand the storage capacity as required to protect users' investment.

High reliabilityAll modules in the iCache are redundantly deployed. The failure of any disk or server does not affect the continuity of services.

Easy managementThe iCache adopts a unified management interface that is user-friendly, simple to operate, and easy to manage. The unified management interface is also powerful in statistics report and can flexibly make statistics of the distribution of users' outlet traffic.

2.6 Core Values

Reducing bandwidth cost: The iCache reduces the inter-network traffic and decreases about 40% of the cost for renting bandwidth.

Increasing profit sources: The iCache reduces the bandwidth occupation, provides excellent QoS and high-speed network access, and improves users' downloading experience. The internet service providers (ISPs) can utilize the saved bandwidth to develop more value-added services such as the broadband video and virtual private network (VPN).

Improving user experience: The iCache improves customers' satisfaction, loyalty, and experience, and reduces the cost of technical support, by greatly accelerating customers' downloading and caching the network resources into the LAN. Therefore, customers' complaints become less and less.

Accelerating content delivery: The iCache caches the Internet content to the LAN of the ISP as required to accelerate the delivery of the content such as video files and P2P sharing files. Therefore, the iCache shortens the time of occupying the bandwidth by end users

25

3 Typical Application

3.1 Success Case

The configuration of the iCache means to configure subsystem servers whose number varies with the number of users and amount of network traffic. The carrier's outlet bandwidth is 20 Gbit/s (bidirectionally 40 Gbit/s) and this carrier has 200,000 subscribers. Large amounts of P2P and online video applications lead to the insufficient outlet bandwidth and high inter-network settlement cost. The insufficient bandwidth degrades users' experience. Therefore, users complain more and more.

To solve the above problems, the carrier proposes the following requirements.

Reducing the inter-network settlement costLessening the pressure on the outlet bandwidthManaging effectively the P2P and online video trafficImproving users' experience to reduce their complaints

Upon analyzing the carrier's network, the parameters for the iCache are obtained, as listed in Table 3-1.

Item Parameter

Outlet bandwidth 20 Gbit/s

Outlet bidirectional traffic 2x 20 Gbit/s = 40Gbit/s

Number of subscribers 200,000

Average percentage of online users 35%

Based on the acquired system parameters, the iCache is deployed as follows:

Internet

RedirectionSubsystem

HTTPCache

Subsystem

P2P CacheSubsystem

Internet VideoCache

Subsystem

DispatchingSubsystem

ManagementSubsystem

GatewayExchange

AccessNetwork

SIG

iCache

Figure 3-1 iCache deployment

26

Figure 3-2 Cache flow analysis

Figure 3-2shows the running data on the iCache after deployed.

Cache flow analysis RRDTO

OL / TO

BI OETIK

ER

8.0G

7.5G

7.0G

6.5G

6.0G

5.5G

5.0G

4.5G

4.0G

3.5G

2.5G

1.5G

0.5G

0.0Week 07

flow0utRate 7.44Gbps

Maximum

Period: 2009/02/08 09:20 -- 2009/03/08 09:20

Minimum LastAverage

4.93Gbps 2.53Gbps 3.92Gbps

flowINRate 668.46Mbps 453.92Mbps 166.04Mbps 380.57Mbps

Week 08 Week 09 Week 10

3.0G

2.0G

1.0G

Cac

he f

low

: Mbp

s

Figure 3-2shows that after the iCache is deployed, the traffic is saved by 7 Gbit/s, about one third of the total 20 Gbit/s bandwidth. The average traffic reduced by the iCache is 4.5 Gbit/s. Table 3-2 lists the statistics.

Table 3-2 Saved bandwidth

iCache TrafficOut TrafficIn Save

Average 5 Gbit/s 450 Mbit/s 4.5 Gbit/s

Maximum 7.5 Gbit/s 660 Mbit/s 7 Gbit/s

By saving the network traffic, the iCache lessens the pressure on the network outlet bandwidth and effectively controls the traffic generated by the P2P and online video. The speed of downloading resources from the carrier's network is much higher than from the WAN. The P2P downloading and online video play are easier and more fluent. Users' complaints are greatly reduced.

27

4 Acronyms and Abbreviations

Abbreviation Full Spelling

iCache Internet Cache System

RSS Redirection Subsystem

DSS Dispatching Subsystem

CSS Cache Subsystem

MSS Management Subsystem

DPI Deep Packet Inspection

SIG Service Inspection Gateway

P2P Peer to Peer

CAPEX Capital Expenditure

OPEX Operating Expense

Huawei Technologies Co., Ltd.Address: Huawei Industrial Base

Bantian, LonggangShenzhen 518219People's Republic of China

Website: http://www.huawei.comEmail: support@huawei.com

Copyright © 2010 Huawei Technologies Co., Ltd. All rights reserved.No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions and other Huawei trademarks are the property of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respective holders.

NoticeThe product, service, or feature that you purchase should be restricted by the Huawei commercial contract and the clauses in the contract. All or a part of products, services, or features described in this document may not be purchased or used. Every effort has been made in the preparation of this document to ensure the accuracy of the contents, but the statements, information, and recommendations in this document do not constitute a warranty of any kind, expressed or implied.The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure the accuracy of the contents, but the statements, information, and recommendations in this document do not constitute a warranty of any kind, expressed or implied.