Computer Networks 51 (2007) 3902–3918

www.elsevier.com/locate/comnet

Probe-based admission control fora differentiated-services internet

Ignacio Mas *, Gunnar Karlsson

School of Electrical Engineering, KTH, Royal Institute of Technology, SE-100 44 Stockholm, Sweden

Received 6 October 2006; received in revised form 21 February 2007; accepted 16 April 2007Available online 29 April 2007

Responsible Editor: Nelson Fonseca

Abstract

End-point admission control solutions have been proposed to meet quality requirements of audio-visual applicationswith little support from routers. These proposals decentralize the admission decision by requiring each host or access gate-way to probe the network before sending data. In this paper we describe a probe-based admission control scheme thatoffers a reliable upper bound on packet loss, as well as small end-to-end delay and delay jitter. The admission control sup-ports host mobility and multicast communications without adding any complexity to the network nodes. We present amathematical analysis which relates system performance to design parameters and which can be used as a dimensioningaid for the system. Finally, we describe performance results from an experimental prototype as well as simulations thatprove that the scheme provides a reliable and efficient solution for QoS provisioning for delay and loss sensitiveapplications.� 2007 Elsevier B.V. All rights reserved.

Keywords: QoS; Admission control; DiffServ

1. Introduction

Today’s multimedia transmissions on the Internetrequire a better and more predictable service qualitythan that obtained with the available best-effort ser-vice. Most multimedia applications are designed tomanage losses and to smooth out the jitter incurredunder this network condition. Interactive communi-cation requires stringent delay requirements. For

1389-1286/$ - see front matter � 2007 Elsevier B.V. All rights reserved

doi:10.1016/j.comnet.2007.04.009

* Corresponding author. Tel.: +46 84045580.E-mail addresses: nacho@kth.se (I. Mas), gk@kth.se (G.

Karlsson).

example, IP telephony requires a one-way delay ofroughly 150 ms that needs to be kept during thewhole call [1].

The IETF has proposed two different architec-tures to provide quality of service (QoS) guarantees:Integrated Services (IntServ) [2] and DifferentiatedServices (DiffServ) [3]. IntServ provides three classesof service to the users: the guaranteed service (GS)[4] offers transmission with no packet loss and withdeterministically bounded end-to-end delay byassuring a fixed amount of bandwidth for the trafficflows; the controlled-load service (CLS) [5] providesa service similar to a best-effort service in a lightly

.

I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918 3903

loaded network by preventing network congestion;and, finally, the best-effort service, which lacks anykind of QoS assurances. IntServ routers need to keepper-flow states and must process per-flow reserva-tion requests, which can create an unmanageableprocessing load in the case of many simultaneousflows. Consequently, the IntServ architecture pro-vides an excellent quality of service in the GS class,and tight performance bounds on the CLS class;however it has known scalability limitations.

The second approach to providing QoS in theInternet, the DiffServ architecture, puts much lessburden on the routers. DiffServ uses an approachsometimes referred to as class of service (CoS), bymapping flows into a few service levels. Applica-tions or ingress nodes mark packets with a DiffServcode point (DSCP) according to their QoS require-ments. The routers have to provide a set of per-hopbehaviors (PHB), with associated queues and sched-uling mechanisms, like expedited forwarding [6] orassured forwarding [7], and schedule packets basedon the DSCP field.

A drawback of the DiffServ scheme is that it doesnot contain admission control. The scheme reliesinstead on service level agreements (SLA), whichmeans that a given service class might be overloadedand all the flows belonging to that class will thensuffer increased packet delays and loss. Thus, theaggregation of flows in DiffServ gives improved sca-lability, but at the cost of a less stringent QoS assur-ances to user flows. The same scalability propertiescreate as well a less dynamic environment for settingup sessions, since the admission control is based onwritten SLA’s.

In this paper, we propose a probe-based admis-sion control (PBAC) scheme which provides a reli-able upper bound on the packet loss probabilitythat a flow is exposed to in the network. The pro-posed PBAC scheme allows a DiffServ implementa-tion of the controlled-load service [8–12]. The CLScan operate along the best-effort service by allocat-ing a fixed part of the link capacity to it. The best-effort traffic can use both capacity that has not beenreserved by the CLS class as well as reserved capac-ity that the class does not use. The delay in the con-trolled-load service is bounded by using small,packet-scale buffers in the routers [13]. Our proposalhas low implementation complexity and builds onrouter functionality which is available in commonlydeployed routers in today’s networks. The papersummarizes all the findings previously reported in[10–12]; it adds new results from simulations and

testbed experiments, and presents new extensionsof the scheme to support mobility; it describes theimplementation details of our testbed prototype.

The remainder of the paper is organized as fol-lows: in Section 2 we give an overview of traditionalper-hop measurement-based admission controlschemes, usually applied in IntServ-like architec-tures, as well as the new family of end point basedones; Section 3 describes the probing procedureand the different parameters involved, as well asthe prototype implementation; Section 4 describesthe application of PBAC to multicast, and Section5 describes the mobility extensions. Section 6 offersan analytical model. We validate the model withsimulations and experimental results, and offer aperformance analysis in Section 7. Finally, in Sec-tion 8 we offer our conclusions.

2. Related work

The field of admission control has been exten-sively investigated in recent years. In the followingtwo sections we offer an overview of different mea-surement-base admission control (MBAC) schemes.The schemes are classified in per-hop or end-pointschemes as a way to explain the evolution of theideas in the research community.

2.1. Per-hop measurement-based admission control

schemes

A set of measurement-based admission controlschemes has appeared in the literature during thelast 10 years. These schemes follow the idea of Int-Serv to limit network load by connection admissioncontrol that does not require per-flow states or exacttraffic descriptors. The schemes use some worst-casetraffic descriptor, like the peak rate, to describeflows trying to enter the network. Then they basethe acceptance decision in each hop on real-timemeasurements of the aggregate flows.

All these algorithms focus on providing resourcesat a single network node and follow some admissionpolicy, like complete partitioning or complete shar-ing. The capacity-partitioning scheme assumes afixed partition of the link capacity for each of thedifferent classes of connections. Each partition cor-responds to a range of declared peak rates, andthe partitions cover together the full range ofallowed peak rates without overlap. A new flow isadmitted only if there is enough capacity in its classpartition. This provides a fair distribution of the

3904 I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918

blocking probability amongst the different trafficclasses, but it risks lowering the total throughputif some classes are lightly loaded while others areoverloaded. The capacity sharing scheme, on thecontrary, makes no distinction among flows. Anew flow is admitted if there is capacity for it, whichmay lead to a dominance of flows with smaller peakrates. To perform the actual admission procedure,measurement-based schemes use RSVP signaling,which can incur on additional blocking because ofprovisional reservations, which need to be releasedwhen a downstream router blocks the call or thereis a long call setup phase.

The idea of measurement-based admission con-trol is further simplified in [14]. In this proposalthe egress routers decide about the admission of anew flow. Edge routers passively monitor the aggre-gate traffic on transmission paths, and accept newflows based on these measurements.

An overview of several MBAC schemes is pre-sented in [15]. This overview reveals that all the con-sidered algorithms have similar performance,independently of their algorithmic complexity. Whilemeasurement-based admission control schemesrequire limited capabilities from the routers andsource nodes, compared to traditional admissioncontrol or reservation schemes, they show a set ofdrawbacks: Flows over longer transmission pathsexperience higher blocking probabilities than flowsover shorter paths, and flows with low capacityrequirements are favored over those with high capac-ity needs. The later drawback is somehow mitigatedin the capacity-partitioning schemes, though it stillsuffers from the level of granularity that the partition-ing achieves.

2.2. End-point admission control schemes

In the recent years a new family of admissioncontrol solutions has been proposed to provide con-trolled-load like services with little or no supportfrom the routers. These proposals share the com-mon idea of end-point admission control based onmeasurements: A host sends probe packets beforestarting a new session and decides about the flowadmission based on statistics of probe packet loss[16,8,17], explicit congestion notification marks[18–20], delay or delay variation [21–23]. The admis-sion decision is thus moved to the edge nodes, and itis made for the entire path from the source to thedestination, rather than per-hop. Consequently,the service class does not require any other support

from the routers than one of the various schedulingmechanisms required by DiffServ, and possibly thecapability of marking packets.

In most of the schemes, the accuracy of theadmission decision requires the transmission of alarge number of probe packets to provide an estima-tion of the network state with good confidence. Fur-thermore, the schemes require a high multiplexinglevel on the links to make sure that the load varia-tions are small compared to the average load.

A detailed comparison of different end-pointadmission control proposals is given in [24]. Itshows that their respective performances are quitesimilar, and thus the complexity of the schemesmay be the most important design consideration.

3. Probe-based admission control

Our admission control belongs to the family ofend-point admission control schemes. In this wayit avoids the added complexity that per-hop schemespresented in Section 2.1 require from the networknodes.

The main difference of our scheme in comparisonwith the end-point admission control schemes pre-sented in the previous section is the level of com-plexity that the schemes require, as well as supportfor advance functionality like multicast or mobility.The ECN-based schemes presented in [18–20] treatprobe and data-packets identically, marking themwhen congestion occurs. Flows send the amountof traffic they wish, but they are charged for themarked packets. Our scheme, on the contrary, dif-ferentiates probe and data packets, so that probescan never disturb ongoing sessions. It also imposesa limit to the amount of traffic a flow can send, sothat the traffic never exceeds the quantity yourequested from the network by probing.

The other set of schemes presented in the previ-ous section are a sample of a group of schemes thattry to estimate the available bandwidth in the net-work path, by using delay timing techniques overpacket pairs or trains of packets. The main differ-ence with our scheme is that we do not look for afigure of available bandwidth; instead we justanswer the question of whether the new flow fitsin the network path or not. The delay timing tech-niques relay on a set of mathematical formulasapplied over the difference in inter-packet time atsource and destination, which achieve different lev-els of accuracy in the bandwidth estimation. PBAC,however, only measures packet loss and makes an

I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918 3905

estimation of the loss the flow would experience ifadmitted.

The purpose of our admission control scheme isto prevent new sessions from degrading the QoSof ongoing sessions below some pre-establishedlevel. We are, thus, preventing congestion fromoccurring, rather than resolving it after it happensas with reactive schemes such as TCP friendly ratecontrol. Our contribution builds on the argumentsoffered in [24] by providing a low complexity endpoint admission control solution which onlyrequires support from routers which is commonlyavailable in deployed equipment.

3.1. General description of the admission control

The admission control is done by measuring theloss ratio of probe packets that are sent at the peakrate of the flow and transmitted with low priority toavoid disturbing already established sessions. Thescheduling system of the routers consequently hasto differentiate data packets from probe packets. Toachieve this, two different approaches are possible(see Fig. 1). In the first, there are two queues, one withhigh-priority for data and one with low priority forprobe packets. In the second approach, there is justone queue with a discard threshold for the probes.Considering the double-queue solution, the size ofthe high-priority buffer for the data packets isselected to ensure a low maximum queuing delayand an acceptable packet loss probability, i.e., to pro-vide packet-scale buffering [25]. The buffer for theprobe packets can accommodate a small number ofprobe packets, usually one packet per router inputinterface to ensure an over-estimation of the data-packet loss while avoiding probe thrashing effects

Data

Probes+

Low + Highpriority

Threshold QueueScheme

Double QueueScheme

Highpriority

Lowpriority

Low + Highpriority

Probe discardthreshold

Probes

Data

Fig. 1. The queuing system.

(discussed in Section 3.2.4). The threshold-queuecan be designed to provide similar performance tothe double-queue solution, as shown in Section 7.1.The choice between the two approaches can be leftas a decision for the router designer.

Fig. 2 shows the phases of the PBAC sessionestablishment scheme. When a host wishes to setup a new flow, it starts by sending a constant bit rateprobe at the maximum rate that the data flow willrequire. The probe duration is chosen by the senderwithin a range of values defined in the service con-tract. This range forces new flows to probe for a suf-ficient time to obtain a sufficiently accuratemeasurement, while it prohibits them from perform-ing unnecessary long probes. The probe packet sizeshould be small to maximize the number of packetsin the probing period. When the host sends theprobe packets, it specifies the peak bit rate and thelength of the probe measured in packets. With thisinformation the host can perform an early rejectionbased on the maximum number of packets lost inorder not to surpass the target loss probability. Ifsurpassed, the flow is immediately rejected. Theprobe packets also contain a flow identifier to allowthe host to distinguish probes for different sessions.Since one sender could open more than one sessionsimultaneously, the IP address in the probes is notenough to differentiate them.

Upon receiving the first probe packet for a flow,the host starts counting the number of receivedpackets and the number of lost packets (by checkingthe sequence numbers of the packets it receives).When the probing period finishes and the hostreceives the last probe packet, it compares the upperbound of a confidence interval for the estimatedprobe loss (see Section 3.2.1) with the target loss.It then sends back an acknowledgment packet

ACK

ACK

newsession

newsession

newsession

NACK

Probe

Probe

Probe

Probe

ACK

Data

Data

Data

MeasurementProbe length

Ploss < Ptarget

MeasurementProbe length

Ploss < Ptarget

Backofftime

Probe length

Measurement

Measurement

Probe length

Ploss < Ptarget

Ploss > Ptarget

Tim

eout

Tim

eout

Tim

eout

Tim

eout

Tim

eout

Tim

eout

Tim

eout

Fig. 2. The probing procedure.

3906 I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918

accepting or rejecting the incoming flow dependingon whether the bound was met or exceeded. Thisacknowledgment packet is sent back at high-priorityto minimize the risk of loss. If the decision is positive,the receiver starts a timer to control the arrival of datapackets. The value of this timer ought to be slightlymore than two round-trip times (RTT), since therecould be variations on the RTT value and the ACKpacket has to arrive to the sender and trigger thetransmission of data packets. If this timer goes off,the host assumes that the acceptance packet has beenlost and resends it. The value of the timer can be set,for example, to 600 ms, as a design choice, whichshould suffice as twice the RTT for most paths onthe Internet. This value only affects the setup delayfor new flows in the case of a loss of the acknowledg-ment packet. The receiving host cleans up the infor-mation for the incoming flow when the timerexpires without having received any data packet.

When the probe process finishes, the sender startsa timer with a value greater than two times theexpected round-trip time. The value follows thesame argument as the receiver timeout, explainedin the previous paragraph. This timer goes off incase the sender does not receive an acknowledgmentto the probe. The timer allows the sender to inferthat none of the probe packets went through or thatthe acknowledgment packet with the acceptancedecision from the receiver got lost. The senderassumes the first scenario, since the admission deci-sion is sent at high priority, and aborts the process.The value of the timer can again be set to 600 ms.Nevertheless, the effect of this timer on the wholesetup delay is negligible, since it only affects flowsthat would have to back off anyway.

Finally, when the sending host receives the accep-tance decision, it starts sending data with high-pri-ority, or, in the case of a rejection, it backs off fora certain amount of time, before starting to probeagain. In the case in which the sender has no datato be sent, a keep alive mechanism is started ashigh-priority data to avoid the receiver from closingthe connection. In subsequent tries, the host canincrease the probe duration, up to the maximumlevel allowed, so that a higher accuracy is achievedfor the measurement. There is a maximum numberof retries that a host is allowed to perform beforehaving to give up. The back-off strategy and thenumber of retries affect the connection setup timefor new sessions and should be carefully tuned tobalance the acceptance probability with theexpected setup delay. The experimental prototype

and the simulations use an exponential back-offwith an average of twice the probe duration, whichhas proved effective to reduce the effect of probethrashing (see Section 3.2.4).

The acceptance threshold is fixed for the serviceclass and is hence the same for all sessions. The rea-son for this is that the QoS experienced by a flow is afunction of the load from the flows accepted in theclass. Considering that this load depends on thehighest acceptance threshold among all sessions, byhaving different thresholds all flows would degradeto the QoS required by the one with the least strin-gent requirements. The class definition also has tostate the maximum data rate allowed to limit the sizeof the sessions that can be set up. Each data flowshould not represent more than a small fraction ofthe service class capacity (no more than 10%), toensure that statistical multiplexing works well [26].The enforcement of the maximum peak rate can bedone by the service provider by using simple moni-toring tools in the aggregation node [27].

3.2. Architectural considerations

Admission control based on end-point measure-ments has a number of difficulties that deal withthe open and best-effort nature of the Internet. Toovercome those difficulties some architectural con-siderations need to be taken into account. The fol-lowing sections offer some insights into commonproblems of end-point admission control schemes,with our proposed solutions and comments.

3.2.1. The acceptance decision

To perform the acceptance decision, we define atarget loss probability ppr and measure the empiricalloss probability pme from the probe. The accuracy ofthe measurement depends on the number of probepackets, so we should use the smallest packet sizepossible in order to maximize the number for a cho-sen probe duration.

For our first test of the admission decision rule, weassumed a normal distribution of the probe loss [8].This assumption allows us to define a confidence levelon the measured loss probability, so that a session is

acceptable if: pme þ zR

ffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffipme�ð1�pmeÞ

s

q6 ppr, given that

ppr · s > 10. In this, s is the number of probe packetssent, R is the confidence level we want to have and zR

is the 1 � (1 � R/2)-quantile of the normal distribu-tion. The second condition ensures that we have suf-ficient number of samples for the estimation.

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

1.1

0.28 0.3 0.32 0.34 0.36 0.38 0.4 0.42 0.44

Cum

ulat

ive

dist

ribut

ion

func

tion

Packet loss ratio

Empirical cdfNormal cdf

Fig. 4. CDF of the probe loss ratio for a 5 Mb/s peak rate callover a 100 Mb/s link.

I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918 3907

We have tested the normality assumption exper-imentally and by simulations by performing overone thousand probe sessions and then using a Kol-mogorov–Smirnov test for each probe loss distribu-tion. The results can be seen in Figs. 3 and 4. Thesetwo figures were generated by experimental runs inour laboratory prototype setup (see Section 3.3.3)using probe sessions of 2 s. Both figures were gener-ated with background on–off traffic with exponen-tially distributed holding times with 20 ms averageon holding time and 1 Mb/s rate when on, and35.5 ms average off holding time. The backgroundtraffic was filling 85% of the link capacity. Fig. 3shows the CDF of the probe loss ratio for 1247probe sessions of 1 Mb/s, as well as the CDF ofthe normal distribution with the same average andvariance. The experimental data distribution has a97.7% chance of being obtained from the normaldistribution according to the goodness of fit test.Fig. 4 show the CDF for a probe of 5 Mb/s peakrate over the same link and with the same back-ground traffic. In this second case the goodness offit test gives a 82.3% confidence value for ourassumption. Some extra simulations have proventhat the normality assumption holds with someother source types like Pareto distributed on–offsources and for any level of link load.

3.2.2. Multiple service levels

As we have already mentioned, there is only oneacceptance threshold for the service class. This isrequired in order to avoid flows with less stringentpacket loss requirements from being admitted evenwhen their acceptance deteriorates the service beingoffered to already accepted flows. However, it seemsnatural to offer several different quality of services

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

1.1

0.01 0.02 0.03 0.04 0.05 0.06 0.07 0.08 0.09

Cum

ulat

ive

dist

ribut

ion

func

tion

Packet loss ratio

Empirical cdfNormal cdf

Fig. 3. CDF of the probe loss ratio for a 1 Mb/s peak rate callover a 100 Mb/s link.

over the CLS partition. One possible way is to usesource shaping and forward error correction to dif-ferentiate amongst ongoing sessions, thus achievingapplication specific quality differentiation in termsof end-to-end delay and packet loss probability [28].

3.2.3. Routing stability

An important concern of all end-to-end admis-sion control schemes is the stability of the route foran accepted session. If the network routing changes,then we cannot guarantee that the new path will stillconform to the maximum packet loss rate. However,we assume that route changes occur either due to aload balancing scheme or to topological changes.In the first case, as we are reducing the load of thelinks, there is no need to perform a new acceptancedecision. In the second case the applications noticea disruption in the data flow. We require that a flowis terminated when the target loss probability is vio-lated (a force majeure clause in the service specifica-tion). Hence a new call setup is required in order toreestablish the flow. Note that the session may con-tinue at best effort in the meantime. The determina-tion of a service violation is done by the admissioncontrol software in the host an can be enforced bysimple monitoring schemes in the service provideraccess nodes [27]. The violation of the service needsto be specified in the service level agreement.

3.2.4. Thrashing and the impact of uncompliant

sources

Another important issue to deal with is that ofmany flows probing the network at the same time.Breslau et al. [24] argue that a high cumulative probetraffic can prevent further admissions and thusreduce the number of flows to well below the

3908 I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918

possible link utilization. We have tried to quantifythis possible thrashing behavior by simulations andwe have found that it requires a significant percent-age of the link capacity (over 10%) of synchronizedprobing in order to reduce the link utilization. More-over, by using an exponential back-off strategy thatrandomizes the subsequent arrivals of probing flows,the thrashing behavior turns into a temporal situa-tion that resolves itself after a few probing rounds.

There is one situation in which the admissioncontrol scheme would have problems to accuratelypredict the data loss, and it is the case in whichwe have a certain number of admitted sessions thattransmit nothing at all for periods of time longerthan the probe length. However, the multiplexingof independent sessions makes it highly unlikelyfor a large number of them to keep silent at exactlythe same time. The silent sessions only have anoticeable effect on the prediction if they are syn-chronized and represent a large share of the linkcapacity (>10%). Further details about the thrash-ing effect and the impact of uncompliant sourcescan be found in [10].

3.3. Experimental prototype

One of the most important reasons for the lack ofdeployment of QoS architectures in today’s Internetis the complexity required. Both IntServ and Diff-Serv schemes demand significant changes to the net-work nodes. One of the main advantages of PBACis the ease of its implementation in current softwareor hardware routers. The main goal of PBAC is toprovide reliable admission control with minimalsupport from the routers. With this goal in mindwe have moved the required complexity to theend-nodes, following the end-to-end argument insystems design [29].

A test prototype has been implemented in Linuxand it provides the basic functions of the PBACadmission control protocol. The basic modules ofthe prototype are presented in the followingsubsections.

3.3.1. The queuing system

The implementation uses the simple 3-band pri-ority scheduler of the Linux kernel to offer the capa-bilities of the double-queue scheme, reserving thethird band in the scheduler for the low prioritybest-effort traffic. Minor modifications have beenperformed to allow controlling the size of the prior-ity queues in the scheduler by adding two variables

to the pfifo_fast queue [30]. The queue honors thetype of service flag of IP packets, and inserts high-priority packets in band 0. FIFO applies to eachof the three bands. The length of the total queueis obtained from the interface configuration, whilethe two extra variables control the length in packetsof band 0 and band 1.

More complete implementations of the queuingscheme will recognize the DSCP code point of theDiffServ architecture instead of the ToS field whichhas been rendered void.

3.3.2. The admission control libraries

The PBAC protocol has been implemented as aset of libraries that both clients and servers callwhen opening a CLS UDP socket in order to per-form the probing phase. These libraries can thusbe linked on demand in the applications willing tosupport the controlled-load service class. The func-tions implemented in the libraries include creatingthe probe packets with the proper DSCP field (ortype of service in our prototype), controlling theCLS flow table (see Section 3.3.3) and performingthe admission decision. The signaling functionsneeded for the multicast and mobility support havebeen left out of the prototype implementation.

All the CLS packets carry an extra header thatcontains the following information: flow identity,peak rate of the flow, probe length in packets,packet type and sequence number. This informationis required to update the CLS flow table that allend-nodes contain, as well as the root node of themulticast tree when using multicast, or the homeagent for the mobility support. The packet type dif-ferentiates the following packets: probe and datapackets, admission decision, change of rate packetsfor the multicast case and extra padding packets toachieve the peak rate in case of mobile nodes chang-ing attachment point.

It is worth noticing that the real-time protocol[31] can be used to provide the required headerinformation. We would just need to encode theprobe length and probe peak rate in the CSRC fieldof the RTP header. Since RTP is basically imple-mented in most applications, using it as our real-time transport protocol over UDP only requiresmodifying our PBAC libraries that encapsulate allthe controlled-load service packets.

3.3.3. The CLS flow table

In order to provide support for mobility andmulticast, we need the end nodes to maintain soft

I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918 3909

information about the CLS flows that they aretransmitting or receiving. This information is storedin a table which contains the following informationfor each flow: source and destination IP address andsource and destination port, flow identity, peak rateof the flow and length of the probing period, as wellas whether the flow is in the probing phase or trans-mitting data. All the elements in the network whichare PBAC-aware, i.e. end-nodes, multicast rootnodes and home agents, contain this table and areable to check the status of each particular flow toperform the necessary functions to allow mobilityor multicast transmission.

4. Application to multicast

In order to adapt the admission control for mul-ticast we create two multicast groups: one for theprobe process and another for the data session itself.The only requirement of the admission control isthat the root node of the multicast tree must per-form an admission decision for new senders, butthe rest of the routers only need to have the prior-ity-based queuing system to differentiate probesfrom data. All that the probing procedure assumesis a sender-based multicast routing protocol with aroot node (rendez-vous point). By having a separatemulticast tree for probe packets we only have probetraffic in the tree when there are receivers willing tojoin the multicast group. If there are no receivers inthe probing phase, the probe traffic is only for-warded to the source of the tree. The described pro-cedure also works for the emerging PIM-SSM [32]routing protocol. The creation of source-specificmulticast trees both for probe and data packetsoffers a perfect control on the admission decisionfor each one of the different senders. Multicastreceivers perform an admission decision for eachof the flows from different senders independentlyand there is no need to perform an admission deci-sion for senders, as the root node is the sender itself.

The following two subsections offer a descriptionof the way PBAC allows multicast senders andreceivers to perform admission control when joininga multicast group.

4.1. Multicast sender procedure

The simplest multicast case we consider is a singlesender with a fixed peak rate. The sender onlyprobes the path to the root node of the multicasttree. This probe ensures that the sender is able to

deliver the data to this node with the desired quality.When the root node receives the probe, it forwardsthe probe packets onto the multicast tree for prob-ing so that receivers which have joined can startmeasuring the loss. Meanwhile, the root node mea-sures the probe–packet loss and makes an admissiondecision for the sender. If the decision is negative,the sender is rejected. In this case, the receivers willalso see too high losses to join and will back-off. Theprobing from the sender to the root continues for aslong as the sender is active.

In the case of multiple multicast senders, thereare some concerns to take into account. The firstpertains to the sender policy for the group: theremay be multiple senders for the session, whichmay be active simultaneously or sequentially. How-ever, as far as the admission control is concerned, itis only the peak rate of the transmission that shouldbe considered. Only when it increases (eitherbecause the sender changes its rate or because wehave a new sender with a different rate) do we needto perform the probing of the receivers again. Thesecond concern is how to define the admission pol-icy for a new peak rate. There are cases in whichan increased peak rate should only be allowed ifall receivers are able to meet the desired quality ofservice. If this is the case, the failure of a single recei-ver to remain below the loss target for the newprobe would be enough to reject the increase. Therecould also be a threshold on the number of receiversthat are not able to properly receive the multicasttraffic for the sender to join the group. How todefine the threshold is an issue related to the partic-ular policy of the multicast group, although enforc-ing complex admission decisions requires somesignaling protocol support that is not included inthe admission control.

If we have multiple senders that share the samereservation and do not transmit simultaneously,then a new sender only needs to perform a unicastprobe to the root node. In case an increase of thepeak rate is necessary, the sender notifies all thereceivers by a special data packet (‘increase of rate’packet; see Section 3.3.2 for a description of the sig-naling packets).

This scheme also works when we have more thanone simultaneous sender. If a new sender wishes tojoin the multicast group, it starts sending probepackets to the root node, until it receives the admis-sion decision from it. Then, it sends the ‘increase ofrate’ packet to the data group in order to notifyall the receivers of the increased probe rate. The

3910 I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918

interesting idea in this scheme is that it completelydecouples the coordination of the multicast sendersfrom the admission decision made for the receivers.The receivers do not care whether it is just one ormany senders sending data to the multicast group,as long as they stay within the peak rate of the ses-sion. The coordination of the senders can be per-formed by some other means, like a differentmulticast group or a central coordination node,for example. However, this is a session layer issuethat is not part of the PBAC protocol.

4.2. Multicast receiver procedure

The procedure for a multicast receiver to join thegroup is quite simple. The receiver first joins theprobe group and measures the probe packet lossfor a certain period of time. It chooses the amountof time that it will measure the probe packet loss,as a longer admission period gives a higher accuracyof the probe packet loss and consequently also alower blocking probability.

Once the receiver has performed the estimationof the packet loss probability and compared it withthe target loss, it leaves the probe group. If theadmission decision is positive, the receiver immedi-ately joins the data group, while in the case of a neg-ative decision, it needs to back-off for a period oftime before trying to join again. The time the recei-ver has to back-off can be stated in the service con-tract or in the announcement of the multicast group.It is important to note that there are probe packetsforwarded on the multicast probe tree only whenthere are receivers in the probing phase. In the caseof a negative decision, the host should give up afterthree consecutive attempts, where a failure alsocould be the lack of probe packets (if the multicastsession has ended).

All receivers must be able to recognize the special‘increase of rate’ packets in the data group. Thesepackets are sent by the multicast senders when thepeak rate of the group needs to be increased. Whena host receives one of these packets, it should imme-diately join the probe group, because the peak rateof the data group will be increased and a new admis-sion decision is therefore necessary.

5. Host mobility support

The new advances in radio hardware haveenabled a proliferation of IP-based wireless commu-nication networks which allow mobility of the end

nodes. End-node mobility requires a set of mecha-nisms to be implemented in both the end hostsand the network, which are generally called mobilitymanagement mechanisms. These mechanisms canbe handled at different layers, but IP solutions arethe most general and have been standardized bythe IETF with the generic name of Mobile IP [33].

5.1. Mobile admission control through a home agent

Probe-based admission control works transpar-ently over current Mobile IP standards, both forIPv4 and IPv6. When Mobile IP is employed via ahome agent, the admission control protocol simplyuses the bidirectional IP tunnel created betweenthe home agent and the foreign agent to perform anew probe when the mobile node changes its net-work attachment point. In order to avoid data lossin the hand off, the data packets originallyaddressed to the home address are used as probepackets in the IP tunnel, sent at low priority andpadded up to the required peak rate of the ongoingflow. The application of PBAC to mobile nodesassumes a stable radio channel and thus does notconsider effects like fading or multi-path propaga-tion, which could increase the losses.

When a mobile node visits a new network, itupdates its home agent with the new IP address.Upon receiving the update, the home agent checksthe information of the ongoing flows addressed tothis particular mobile node in the CLS flow table.The table contains the peak rate of the ongoingflows, which was read from the original probe pack-ets to the mobile node. The home agent then startsencapsulating the data received for the mobile nodeinto new IP packets addressed to the foreign agentor the care-of-address of the mobile node. The homeagent sets the DSCP of the new IP packets to lowpriority and uses the original IP packets as the dataof the new probe, adding extra IP packets as neededto achieve the desired peak rate for the probing. Themechanism to create the new probe packets resem-bles a token bucket where the original IP packets fillup the data part of the constant bit rate IP packetsthat the bucket generates, and when the bucket isempty it generates extra padding IP packets whichare marked accordingly (see Section 3.3.3).

Upon receiving the first low priority data packet,the mobile node starts again to measure the lossratio and performs the usual acceptance decisionbased on the estimated loss probability. If the deci-sion is positive, the mobile node notifies the home

I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918 3911

agent that it should set the DSCP code point tohigh-priority and stop padding packets to matchthe peak rate. The admitted flow then proceeds inhigh-priority through the IP tunnel from the homeagent to the mobile node. In the case of a rejection,two different policies can be implemented: The flowcan proceed as a best-effort low priority flow with-out any kind of QoS guarantees, or it can beterminated.

5.2. Mobile admission control through route

optimization

Route optimization extensions to Mobile IP havebeen standardized for Mobile IPv6. These exten-sions allow the mobile node to notify its currentcare-of-address to the nodes participating in thedata transmission. The peer nodes have a bindingcache which stores the care-of-address of the mobilenode, and use this address as the destination fortheir IP packets. The actual home address of themobile node is included in a special IPv6 routingheader. Route optimization includes a mechanismto establish security parameters that authenticatesthe signaling messages being exchanged.

The addition of the admission control over therouting optimization is straightforward, since wecan use the binding update message to indicate theneed of a new probing phase to the peer node. Whenthe binding cache is updated, the peer node sendsthe data packets to the new care-of-address as lowpriority IP packets and it adds padding IP packetsto match the peak rate, which is stored in the CLSflow table. The mobile node receives the low prioritydata packets and performs the admission decision asappropriate, notifying the peer node of the accep-tance or rejection of the transferred flow. Again, itis a question of the policy of the communicationtaking place how to react to a rejection, either termi-nating the flow or keeping on transmitting it as abest-effort flow.

5.3. Mobile admission control when the mobile node

is the sender

PBAC also works in the case when the mobilenode is the origin of the multimedia flow. The pro-cedure for both the home agent and the route opti-mization cases is quite similar. When the mobilenode enters the new cell it starts transmitting thedata packets in low priority and pads up thedata flow to the required peak rate. The receiver

identifies the data packets as low priority andstarts counting the packet loss ratio, performingan admission decision after the defined probingtime. The low priority data packets will traversethe bidirectional IP tunnel or be directly routed tothe peer node, depending on the Mobile IP schemeused.

6. Analytical model

One of the main concerns in all the admissioncontrol schemes is how to properly determine theinitial parameters for the system. In this sectionwe provide an approximate analysis of PBAC, ableto give useful insights on the behavior of the admis-sion control in a real situation. This analysis pro-vides the means to relate the following variables:queue size (K), acceptance threshold (Th), accep-tance probability (Pa), packet loss probability (Ploss)and link utilization. By using this type of analysis,we are able to give a bound on the latter variablesas a function of the acceptance threshold and thequeue size in our system.

The analysis focuses on a single link, where newcalls arrive according to a Poisson process of ratek calls/s. We assume the average connection holdingtime to be 1/l. Each new call probes the link with aCBR train of probe packets during a time tp at thepeak rate (R) of the call with probe packets of s bits,which gives np probe packets per probing period(np = R · tp/s). If we assume that the packet lossprobability for subsequent probe packets is inde-pendent due to the low peak-to-link rate ratio, thenwe can express the probability for a new connectionto be accepted as:

P a ¼Xnp

i¼nmin

np

i

� �ðP scÞið1� P scÞnp�i

; ð1Þ

where i is the number of probe packets successfullytransmitted and nmin is the minimum number of suc-cessful probe packets for a call to be accepted,which can be expressed as:

nmin ¼ np � bTh� npc:

In (1), Psc represents the probability of success ofone probe packet. This probability needs to becomputed for the two different queue types thatPBAC considers. We will develop here the analy-sis of the double-queue scheme, following the workin [22]. We consider a double queue with a low

3912 I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918

priority packet buffer of one packet. In this case,when a probe packet arrives to the system it willbe successfully transmitted if the high-priorityqueue is empty, or if the residual duration of thebusy period (frb) in the high-priority queue is lessthan T, being T the probe packet inter-arrival time(T = s/R):

P sc ¼ ð1� qÞ þ qZ T

0

frbðtÞdt ¼ ð1� qÞ þ qF rbðT Þ

ð2Þ

with q ¼ kl. For the analysis to be tractable, we need

to assume that the high-priority packet buffer is infi-nite. This assumption allows us to consider the high-priority queue as an M/D/1 system, in which thecumulative distribution function of the busy period(Fbp) can be obtained as:

F bpðbÞ ¼Xn

j¼1

ðjqÞj�1

j!e�jq; where n ¼ b

EðsÞ

� �ð3Þ

but we are interested in the remaining busyperiod in the queue, which is related to Fbp(t) asfollows:

frbðtÞ ¼1� F bpðtÞ

E½bp� ; with E½bp� ¼ 1

1� q: ð4Þ

The residual busy period is a step function, as it de-pends only on the number of packets in the queue tobe served. If we assume that the packet being servedhas 0.4 of its remaining service time, then the func-tion will have values 0.4, 1.4, 2.4 service times andso forth. If we normalize over the service time, weobtain:

Z T

0

frbðtÞdt ¼XbT�1c

i¼0

frbðiÞ þ frbðbT cÞðT � bT cÞ: ð5Þ

Finally, applying (3)–(5) to (2), we obtain the prob-ability of success of one probe packet as a factor ofT and q. Once we have the probability of success ofone probe packet, we just need to apply it to thebinomial distribution in (1) to obtain the acceptanceprobability for a new call.

In order to compute the actual packet loss prob-ability that the ongoing sessions will experience, wewill use the formula developed in [34], whichapproximates the packet loss rate by:

Rlossðk; T ; nÞ ¼ RpsðK; T ; nÞ þ RbsðK; T ; nÞ ð6Þ

with

RpsðK; T ; nÞ ¼XnT

m¼1

n

m

� �amð1� aÞn�mQm

T ðKÞ ð7Þ

and

RbsðK; T ; nÞ ¼Xn

m¼nTþ1

n

m

� �amð1� aÞn�m m� T

T:

ð8ÞIn these formulas, Rps and Rbs represent the packetand burst-scale lost rates respectively, K representsthe buffer size of the HP queue, n is the number ofongoing calls producing on/off traffic, with an activ-ity factor of a. The ongoing calls produce a periodicstream of packets with period T in the on state.Finally, Qm

T ðKÞ is the exact solution for the tail prob-ability of an m*D/D/1 queue [34].

7. Performance evaluation

We have performed simulations with the networksimulator NS-2 to validate our analytical model.The simulations contained sources with exponen-tially distributed on–off times, and peak rates (rpr)of 100 kb/s over a 10 Mb/s link, or 1 Mb/s over a100 Mb/s link. The on–off holding times had anaverage of 20 and 35.5 ms, respectively. Packet sizeswere 64 bytes for the probe packets and 128 bytesfor the data packets, while the probe length wasalways 2 s. We used a confidence interval for theadmission decision of 95%. The simulation timewas 2000 s and the average holding time foraccepted flows (1/l) was 50 s. Confidence intervalsfor each simulation are too small to be plotted inthe figures. The flow arrival rate (k) varied in eachsimulation to increase the offered load to the system.The queue used, unless noted otherwise, was a dou-ble queue with a low priority buffer of one packetper input port and a high priority buffer of onethousand packets, to simulate the infinite queue,or 10 packets for a finite queue.

To prove the behavior of our probing scheme wehave used a simple one bottleneck link topology. Theresults for a multilink scenario obtained in [8] showthat the highest loaded link dominates the behaviorand that the scheme discriminates against flows withlonger paths. The setup used to generate the figurescontains a variable number of sources sending datato one router which implements the double-queuescheme. The output link connects to another routerwith the same queuing scheme. A traffic sink is

Trafficsources

Trafficsink

RouterCLS

RouterCLS Bottleneck

Link

Fig. 5. A simple one link topology network.

I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918 3913

connected to the second router to collect measure-ments and act as PBAC receiver (see Fig. 5).

7.1. The choice of queuing scheme

In order to understand the effect that the twoproposed queuing schemes would have on ouradmission control, we have performed a set of sim-ulations with both queues and compared the results.The tests were run by fixing a background load ofongoing sessions on the network and running over1500 probing sessions of 2 s with 100 kb/s and1 Mb/s rate for each load and queue type used.The background load was provided by exponentialon–off sources with the characteristics describedpreviously. The buffer sizes of the double queueswere two packets for the probe queue (we had onesingle input port) and 10 packets for the data queue.The threshold-queue had 10 packets of buffer spacein total, with a threshold value of two packets.Fig. 6 shows the results. Other simulations with Par-eto distributed on–off sources gave the same type ofbehavior.

From this figure, we notice that there is similarbehavior in both probe loss curves, the main differ-ence being the magnitude of the loss that we get forthe probing. As expected, the probe loss in the case

0

0.05

0.1

0.15

0.2

0.25

0.3

0.35

0.4

0.45

0.5

0.74 0.76 0.78 0.8 0.82 0.84 0.86 0.88 0.9 0.92 0.94

Pro

be p

acke

t los

s

Utilization

Double queue rpr=1e5Threshold queue rpr=1e5

Double queue rpr=1e6Threshold queue rpr=1e6

Fig. 6. Probe packet loss with the two different queue schemesfor exponential on–off sources of 100 kb/s and 1 Mb/s peak rate.

of the threshold-queue is slightly higher than theone we would achieve for the double-queue system,since the two buffer positions below the thresholdare shared between high and low priority packets.The loss levels are however always in the same orderof magnitude for all load levels we have tested. Weconclude that the design decision of choosing onequeuing system or the other does not affect the fea-sibility of our admission control, and both queuingsystems could be used together in a network.

We have also tested how much we shouldincrease the discard threshold on the single queueto achieve a similar probe loss than the doublequeue, in order to provide a suggestion on the val-ues that should be considered for the router buffers.The results obtained for the exponential on–offbackground traffic can be seen in Fig. 7. We cansee that with a threshold value of three or four pack-ets, depending on the load of the link, we achievesimilar probe losses as with the double queues.The other scenarios show similar behaviors, requir-ing between three to five positions below the thresh-old to achieve comparable losses as to the otherqueuing scheme. It is important to understand thatthe choice of short buffers is desirable to provide aservice with loss as the main degradation, wheredelay jitter is so small that its removal is simple.

7.2. Evaluation of the admission control

We have used our experimental prototype tovalidate the simulations in our lab environment.All the experimental results were generated by usinga Spirent SmartBits 6000B traffic generator togenerate the background traffic with the same

0

0.05

0.1

0.15

0.2

0.25

0.3

0.35

0.4

0.74 0.76 0.78 0.8 0.82 0.84 0.86 0.88 0.9 0.92 0.94

Pro

be p

acke

t los

s

Utilization

Double queue (10+2)Threshold queue (10(4))Threshold queue (10(3))

Fig. 7. Probe losses for both queuing schemes with 3 and 4packets as discard threshold and 100 kb/s peak rate.

0

0.002

0.004

0.006

0.008

0.01

0.012

0.014

0.016

1000 1200 1400 1600 1800 2000

Mea

sure

d lo

ss r

atio

Time (sec)

Probe packetsData packets

Target loss

Fig. 8. Probe and data-packet loss rates for 1000 s of testbedexperiment.

0

0.002

0.004

0.006

0.008

0.01

0.012

0.014

0.016

1030 1035 1040 1045 1050 1055 1060 1065 1070

Mea

sure

d lo

ss r

atio

Time (sec)

Probe packetsData packets

Target lossBlocked sessions

Fig. 9. Detailed view of probe and data packet loss rates for 40 sof an experimental run.

1e-05

1e-04

0.001

0.01

0.1

1

Pro

be p

acke

t los

s pr

obab

ility

Analytical modelSimulation rpr=1e6

K=10Experimental K=10Simulation rpr=1e5

K=10

3914 I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918

characteristics as the traffic in the simulations. Theprobing sources have been generated by using a sim-ple software UDP traffic generator,1 to which wehave added the needed probing functions from thePBAC library. The topology used in the laboratoryimplements that of the simulations with one bottle-neck link. The routers are PC’s running DebianLinux with a 2.6.9 kernel providing the specialdouble-queue system, with 100 Mb/s Ethernetinterfaces.

Our first evaluation offers the performance of ourprototype admission control working in the testbed.Fig. 8 shows the probe packet loss and data-packetloss of a test run of 2000 s in our lab. For the sake ofclarity we offer the period from 1000 to 2000 s, whenthe system has achieved a steady state. The offeredload was 105 Mb/s, with sessions of 1 Mb/s peakrate. We loaded the network with 50 Mb/s of admit-ted background traffic and then used 150 sessionsarriving with k = 3 to test the admission controlalgorithm. As the figure shows, packet losses duringthe 2 s probing phase were distributed between 0.2%and 1.6% while the loss rate for admitted flows wasalmost always less than 0.2%. Our target loss ratewas 1% and the blocking rate for the 1000 s in thefigure was 20.73%. Fig. 9 shows a detail of the per-iod between 1030 and 1070 s. In the figure it can beseen that there are some flows that are admitted,since the probe packet loss rate is under the admis-sion threshold, while their corresponding sessionsuffers a packet loss higher than 1%. The error rateof the admission control was in total 1.16%, which isthe percentage of flows that were admitted and

1 http://rude.sourceforge.net.

failed to bound the packet loss under our admissionthreshold.

To evaluate the accuracy of our analytical studywe first consider the probability of probe packetloss, the probability of flow acceptance and the net-work utilization at a given level of offered load.Then we evaluate the maximum link utilization,data loss probability at a given link utilization andthe relation of probe and data-packet loss probabil-ities. Fig. 10 shows the comparison of the probepacket loss probability obtained by simulationsand the one given by our mathematical analysis.Note that we have not limited the probe packet lossto an admission threshold value, since we want toobtain the relation between probe packet loss andutilization up to the full link capacity. When theadmission threshold is active the utilization wouldnot reach 100%, as Fig. 13 illustrates. The figurecompares the analytical results with the assumptionof an infinite high-priority buffer to simulation

0.65 0.7 0.75 0.8 0.85 0.9 0.95 1

Utilization

Fig. 10. Probe packet loss probability for a double-queue system.

0

0.2

0.4

0.6

0.8

1

0.7 0.72 0.74 0.76 0.78 0.8 0.82 0.84 0.86

Acc

epta

nce

Pro

babi

lity

Utilization

Analytical modelSimulation rpr=1e6

K=10Experimental K=10

Fig. 12. Acceptance probability for a new flow as a function ofthe load on the system for 1 Mb/s call peak rate, with anacceptance threshold of 10�2.

I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918 3915

results with 1000 and 10 buffer positions and for thetwo different peak rate values. The figure also con-tains the curve obtained from the experimentalresults for the 1 Mb/s peak rate case. Note thatthe analytical results do not depend on the actualpeak rates but only on the ratio of the peak rateover link rate. The figure shows a close matchbetween the analysis, the simulation and the exper-imental results. The analysis with the assumption ofinfinite high-priority buffer gives an upper boundfor losses in the finite buffer case. This is due tothe fact that more data packets are lost in thehigh-priority queue when we have a buffer size of10 packets, thus reducing slightly the averageremaining busy period, which in turn increases theprobability of success of a probe packet (see Eq.(2)). The different curves suggest that the probe lossincreases exponentially as the link utilizationincreases, which can then offer a sharp transitionin the acceptance probability.

Figs. 11 and 12 show the acceptance probabilitiesof a new call with an acceptance threshold of 10�2,with call peak rates of 100 kb/s and 1 Mb/s. In bothcases the analytical curve intersects the curvesobtained by simulation and in the experimentalevaluation, due to the assumption of independentprobe loss in the analysis. The values of the curveswith a finite buffer size of K = 10 are always slightlyover the infinite case, for the reason explained in theprevious paragraph. The transient period is shorterin the case of high peak rates, as the number ofprobe packets transmitted is higher and the loss esti-mation more accurate. Table 1 summarizes the rela-tionship for the curves for each of the two peak

0

0.2

0.4

0.6

0.8

1

0.7 0.72 0.74 0.76 0.78 0.8 0.82 0.84 0.86

Acc

epta

nce

Pro

babi

lity

Utilization

Analytical modelSimulation rpr=1e5

K=10

Fig. 11. Acceptance probability for a new flow as a function ofthe load on the system for 100 kb/s call peak rate, with anacceptance threshold of 10�2.

rates. From the values in the table, it can be seenthat the model gives an upper bound on the utiliza-tion for an acceptance probability of 95% which isapproximately 3% higher than the simulationresults, while it offers a lower bound for the 5% casewith a difference of less than 2% of link utilization.

Fig. 13 shows the link utilization achieved as afunction of the offered load, for an admissionthreshold of 10�2. This figure illustrates that theadmission control scheme leads to a stable system.The utilization follows the offered load up to a loadlevel of 0.75. After this point, the mathematicalanalysis slightly overestimates the utilization of thesimulated and experimental system, due to the shar-per change of the flow admission probability.Towards high loads the analysis might underesti-mate the achievable utilization due to the same rea-son, with up to 2% of link capacity.

Data-packet loss probability values are shown inFig. 14 as a function of link utilization for differenthigh-priority buffer sizes, considering streams withpeak rate of 1 Mb/s. The results show that thedata-packet loss probabilities grow exponentiallywith increasing link utilization. The mathematicalmodel provides accurate results for the small buffersizes of interest, and, as expected, does not give cor-rect result for large buffers, since it does not con-sider burst-scale buffering. As in the case withFig. 10 we have not limited the packet loss to anadmission threshold value, since we want to obtainthe relation between packet loss and utilization upto the full link capacity. As stated before, whenthe admission threshold is active the utilizationwould not reach 100%, as Fig. 13 illustrates.

0.64

0.66

0.68

0.7

0.72

0.74

0.76

0.78

0.8

0.82

0.84

0.65 0.7 0.75 0.8 0.85 0.9 0.95 1

Util

izat

ion

Offered load

Analytical model rpr=1e6Simulation rpr=1e6

K=10Experimental K=10

Analytical model rpr=1e5Simulation rpr=1e5

Fig. 13. Accepted versus offered load for 1 Mb/s call peak rate,with an acceptance threshold of 10�2.

1e-07

1e-06

1e-05

1e-04

0.001

0.01

0.1

1

0.45 0.5 0.55 0.6 0.65 0.7 0.75 0.8 0.85 0.9 0.95 1

Loss

pro

babi

lity

Utilization

Model K=5Simulation K=5

Model K=10Simulation K=10

Experiment K=10Model K=20

Simulation K=20

Fig. 14. Packet loss probability for accepted sessions, fordifferent high-priority queue buffer sizes.

1e-04

0.001

0.01

1e-05 1e-04 0.001 0.01 0.1D

ata

pack

et lo

ssProbe loss

Analytical modelSimulation rpr=1e6

Experimental rpr=1e6Simulation rpr=1e5

Fig. 15. Sessions versus probe packet loss for 100 kb/s and 1 Mb/s call peak rates.

Table 1Link utilization for acceptance probabilities of 5% and 95%

Pa rpr = 100 kb/s rpr = 1 Mb/s

Model Simulation K = 1000 Simulation K = 10 Model Simulation K = 1000 Simulation K = 10

0.95 0.769 0.732 0.735 0.789 0.753 0.7590.5 0.825 0.832 0.837 0.808 0.821 0.827

3916 I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918

Finally, based on the previous results we evaluatethe connection between probe and data loss valuesin Fig. 15 for admitted flows. The figure shows thedata-packet loss as a function of the probe lossexperienced in the probing phase for ongoing flows.The probe loss is always higher than the data lossindependently of the utilization level. The actualrelationship between probe and data-packet loss isin this case over half an order of magnitude.

As stated before the whole admission procedureof PBAC relies on a high degree of multiplexing

[8,10], in order to obtain a smooth statistical behav-ior of the ongoing traffic. For lower levels of multi-plexing, the effects of thrashing on the simulationresults should be taken into account, thus reducingthe acceptance probability and the link utilization(see [10]), as well as the reliability of the measure-ment of the accepted traffic. Other traffic sourcesexperience the same type of behavior regarding theprobe/data packets loss relationship, as shown in[10]. For multiplexing levels below 10%, the varioussources used to model real–time communications(i.e. Poisson or exponentially distributed on–offsources and traffic traces) show the same behavior,so we are expecting our model to work well for allthese sources.

8. Conclusions

In this paper we propose an admission controlmethod based on probing that provides a well-defined upper limit on the packet loss probabilityfor a flow. The scheme offers service quality forreal-time applications with admission control. Itkeeps functionality for the load control outside thenetwork, following the end-to-end principle of sys-tems design, only requiring some form of priorityqueuing in the core routers. As only the end nodes,

I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918 3917

sender and receiver, take active part in the admis-sion control process, PBAC is able to provide per-flow QoS guarantees in the current stateless Internetarchitecture.

We offer a description and evaluation of anexperimental prototype realized in commodity PC-based routers. The experimental prototype imple-ments the core functionality of PBAC and servesas a proof of concept that the admission controlscheme can easily be deployed in today’s Internet.

Our admission control scheme supports multi-cast. Multicast sources can share a reserved bit rate,by time division, transmitting one at a time, or byrate splitting (a share each). The scheme offers dif-ferent blocking probabilities for different sendersand receivers, depending on their position on themulticast tree. PBAC also supports host mobilityby using the current standards for Mobile IP (bothfor IPv4 and IPv6) with little added complexity onthe mobility enabling agents and mobile nodes.

We offer an approximate analytical model whichoffers useful relationships amongst probe packetloss, ongoing sessions packet loss, acceptance prob-ability, acceptance threshold and buffer sizes. Theserelationships provide strict upper bounds which canbe used to dimension the network parameters. Sim-ulation and experimental results validate our model.

Our results show a clear relationship between theprobe packet loss and the expected session loss, thusallowing admission control based solely on end-to-end loss measurements. The analytical results, veri-fied by simulations and the experimental prototype,prove that PBAC leads to a link utilization withoutoverload, with a clear upper bound on the packetloss probability. Consequently, the probe-basedadmission control provides a reliable and efficientsolution for QoS provisioning for delay and losssensitive applications, with little support in therouters.

Acknowledgements

The authors thank Dr. Viktoria Fodor for hercollaboration on the work described herein, as wellas the anonymous reviewers who provided valuablecomments that helped to improve the originalmanuscript.

References

[1] International Telecommunication Union (ITU), Transmis-sion systems and media, general recommendation on the

transmission quality for an entire international telephoneconnection; one way transmission time (recommendationG.114), Technical report, Telecommunication Standardiza-tion Sector of ITU, Geneva, Switzerland, March 1993.

[2] R. Braden, S. Clark, S. Shenker, Integrated services in theinternet architecture, RFC 1633, IETF, June 1994.

[3] S. Blake, D. Black, M. Carlson, E. Davies, Z. Wang,W. Weiss, An architecture for differentiated services, RFC2475, IETF, December 1998.

[4] S. Shenker, C. Partridge, R. Guerin, Specification ofguaranteed quality of service, RFC 2212, IETF, September1997.

[5] J. Wroclawski, Specification of the controlled-load networkelement service, RFC 2211, IETF, September 1997.

[6] V. Jacobson, K. Nichols, K. Poduri, An expedited forward-ing PHB, RFC 2598, IETF, June 1999.

[7] J. Heinanen, F. Baker, W. Weiss, J. Wroclawski, Assuredforwarding PHB group, RFC 2597, IETF, June 1999.

[8] V. Fodor (nee Elek), G. Karlsson, R. Ronngren, Admissioncontrol based on end-to-end measurements, in: Proceedingsof the 19th Infocom, Tel Aviv, Israel, March 2000, IEEE,2000, pp. 623–630.

[9] G. Karlsson, F. Orava, The DIY approach to QoS, in:Proceedings of the IWQoS 99, LNCS, London, UK, May1999, Springer, 1999, pp. 6–8.

[10] I. Mas, G. Karlsson, PBAC: probe-based admission control,in: Proceedings of the QoFIS 2001, September 2001, LNCS(Coimbra, Portugal), vol. 2156, Springer, 2001, pp. 97–109.

[11] I. Mas, V. Fodor, G. Karlsson, Probe-based admissioncontrol for multicast, in: Proceedings of the 10th IWQoS(Miami Beach, FL, USA), May 2002, IEEE, 2002, pp. 99–105.

[12] I. Mas, V. Fodor, G. Karlsson, The performance of endpointadmission control based on packet loss, in: Proceedings ofthe QoFIS 2003, October 2003, LNCS (Stockholm, Sweden),vol. 2856, Springer, 2003.

[13] N. McKeown, D. Wischik, Making router buffers muchsmaller, Computer Communication Review 35 (3) (2005) 75–78.

[14] C. Cetinkaya, E. Knightly, Egress admission control, in:Proceedings of the 19th Infocom, Tel Aviv, Israel, March2000, IEEE, 2000.

[15] L. Breslau, S. Jamin, S. Shenker, Comments on theperformance of measurement-based admission control algo-rithms, in: Proceedings of the 19th Infocom, Tel Aviv, Israel,March 2000, IEEE, 2000, pp. 1233–1242.

[16] G. Karlsson, Providing quality for internet video services, in:Proceedings of the CNIT/IEEE ITWoDC 98 (Ischia, Italy),pp. 133–146, September 1998.

[17] G. Bianchi, N. Blefari-Melazzi, M. Femminella, Per-flowQoS support over a stateless differentiated services IPdomain, Computer Networks 40 (September) (2002) 73–87.

[18] K. Ramakrishnan, S. Floyd, A proposal to add explicitcongestion notification (ECN) to IP, RFC 2481, IETF,January 1999.

[19] F.P. Kelly, P.B. Key, S. Zachary, Distributed admissioncontrol, IEEE Journal on Selected Areas in Communications18 (12) (2000) 2617–2628.

[20] T. Kelly, An ECN probe-based connection acceptancecontrol, ACM Computer Communication Review 31 (July)(2001) 14–25.

3918 I. Mas, G. Karlsson / Computer Networks 51 (2007) 3902–3918

[21] G. Bianchi, A. Capone, C. Petrioli, Throughput analysis ofend-to-end measurement-based admission control in IP, in:Proceedings of the 19th Infocom, Tel Aviv, Israel, March2000, IEEE, 2000, pp. 1461–1470.

[22] G. Bianchi, A. Capone, C. Petrioli, Packet managementtechniques for measurement based end-to-end admissioncontrol in IP networks, Journal of Communications andNetworks 2 (June) (2000) 147–156.

[23] G. Bianchi, F. Borgonovo, A. Capone, C. Petrioli, Endpointadmission control with delay variation measurements forQoS in IP networks, ACM Computer CommunicationReview 32 (April) (2002) 61–69.

[24] L. Breslau, E.W. Knightly, S. Shenker, I. Stoica, H. Zhang,Endpoint admission control: architectural issues and perfor-mance, in: Computer Communication Review – Proceedingsof the Sigcomm 2000, vol. 30 (Stockholm, Sweden), ACM,August/September 2000, pp. 57–69.

[25] J.W. Roberts, U. Mocci, J. Virtamo (Eds.), BroadbandNetwork Teletraffic – Final Report of Action COST 242,LNCS, vol. 1155, Springer, 1996.

[26] W.-C. Lau, S.-Q. Li, Traffic analysis in large-scale high-speedintegrated networks: validation of nodal decompositionapproach, in: Proceedings of the 12th Infocom, San Fran-cisco, California, March/April 1993, IEEE, 1993, pp. 1320–1329.

[27] I. Mas, J. Brage, G. Karlsson, Lightweight monitoring ofedge-based admission control, in: Proceedings of the IEEE2006 International Zurich Seminar on Communications,February 2006.

[28] G. Dan, V. Fodor, Quality differentiation with sourceshaping and forward error correction, in: Proceedings ofthe MIPS’03 (Naples, Italy), pp. 222–233, November 2003.

[29] J.H. Saltzer, D.P. Reed, D.D. Clark, End-to-end argumentsin system design, ACM Transactions on Computer Systems2 (November) (1984) 277–288.

[30] Linux Advanced Routing and Traffic Control. <http://lartc.org/>.

[31] H. Schulzrinne, S. Casner, R. Frederick, V. Jacobson, RTP:A transport protocol for real-time applications, RFC 1889,IETF, January 1996.

[32] H. Holbrook, B. Cain, Source-specific multicast for IP, RFC4607, IETF, August 2006.

[33] C. Perkins, IP mobility support for IPv4, RFC 3344, IETF,August 2002.

[34] J.W. Roberts (Ed.), COST 224: performance evaluation anddesign of multiservice networks, vol. EUR 14152 EN ofInformation technologies and sciences. Commission of theEuropean Communities, 1992.

Ignacio Mas received his M.Sc. degreesin electrical engineering from the RoyalInstitute of Technology (Stockholm,Sweden) and from Universidad Politec-nica de Madrid (Spain). He obtained hisTechnology Licentiate degree from theRoyal Institute of Technology as well.He has authored and coauthor severalpapers on admission control and qualityof service on the Internet. He is workingnow in the Service Layer Technology

department of Ericsson Research in Stockholm. His researchinterests include admission control, quality of service, multimedia

transport, signaling and network security.

Gunnar Karlsson is professor in theSchool of Electrical Engineering ofKTH, the Royal Institute of Technologysince 1998; he is the director of theLaboratory for Communication Net-works. He has previously worked forIBM Zurich Research Laboratory andthe Swedish Institute of Computer Sci-ence (SICS). His Ph.D. is from ColumbiaUniversity (1989), New York, and theM.Sc. from Chalmers University of

Technology in Gothenburg, Sweden (1983). He has been visitingprofessor at EPFL in Lausanne, Switzerland, and the Helsinki

University of Technology in Finland, and ETH Zurich in Swit-zerland. His current research relates to quality of service, wirelessLAN developments and wireless content distribution.