Blue (queue management algorithm)

Blue^[1] is an Active Queue Management algorithm. Like RED, it operates by randomly dropping or ECN-marking packets in a router's queue before it overflows. Unlike RED, however, it requires little or no tuning on the part of the network administrator.

Contents 1 Operation of Blue 2 Stochastic Fair Blue 3 Resilient Stochastic Fair Blue (RSFB) 4 Implementations 5 References 6 External links

Operation of Blue

A Blue queue maintains a drop/mark probability p, and drops/marks packets with probability p as they enter the queue. Whenever the queue overflows, p is increased by a small constant p_d, and whenever the queue is empty, p is decreased by a constant p_i<p_d.

Assuming the mix of traffic on the interface doesn't change, p will slowly converge to a value that keeps the queue within its bounds with full link utilisation.

Stochastic Fair Blue

The main flaw of Blue, which it shares with most single-queue queueing disciplines, is that it doesn't distinguish between flows, and treats all flows as a single aggregate. Therefore, a single aggressive flow can push out of the queue packets belonging to other, better behaved, flows.

Stochastic Fair Blue (SFB)^[2] is a stochastically fair variant of Blue which hashes flows and maintains a different mark/drop probability for each hash value. Assuming no hash collisions, SFB is able to provide a fair share of buffer space for every flow. In the presence of hash collisions, SFB is only stochastically fair.

Unlike other stochastically fair queuing disciplines, such as SFQ, SFB can be implemented using a Bloom filter rather than a hash table, which dramatically reduces its storage requirements when the number of flows is large.

When a flow's drop/mark probability reaches 1, the flow has been shown to not react to congestion indications from the network. Such an inelastic flow is put in a "penalty box", and rate-limited.

Resilient Stochastic Fair Blue (RSFB)

The existing Active Queue Management (AQM) algorithms, including the fairness-aimed ones, are notably vulnerable to spoofing Distributed Denial-of-Service (DDoS) attacks. A Resilient Stochastic Fair Blue (RSFB) algorithm was proposed against spoofing DDoS attacks. The basic idea behind RSFB is to record the responsive normal TCP flows and rescue their dropped packets. RSFB algorithm is effective in preserving the TCP throughput in the presence of spoofing DDoS attacks.^[3]

Implementations

An implementation of Blue is part of ALTQ, the alternative AQM framework for BSD Unix.

An implementation of SFB for Linux^[4] has been included in Linux since version 2.6.39.

References

1. ^ Wu-chang Feng; Dilip D. Kandlur; Debanjan Saha; Kang G. Shin (April 1999), "BLUE: A New Class of Active Queue Management Algorithms", U. Michigan Computer Science Technical Report (CSE–TR–387–99), http://www.eecs.umich.edu/techreports/cse/99/CSE-TR-387-99.pdf, retrieved 2010-12-22 
2. ^ Wu-Chang Feng; Dilip D. Kandlur; Debanjan Saha; Kang G. Shin (April 2001), "Stochastic Fair Blue: an algorithm for enforcing fairness", Proc. INFOCOM 2001 3: 1520–1529, doi:10.1109/INFCOM.2001.916648, http://www.thefengs.com/wuchang/blue/41_2.PDF, retrieved 2010-01-02 
3. ^ Changwang Zhang, Jianping Yin, and Zhiping Cai, RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks, in International Symposium on Communication and Information Technology (ISCIT), 2009. Ref
4. ^ Juliusz Chroboczek. An implementation of SFB for the Linux kernel

External links

• Wu-chang Feng's page about Blue and SFB.
• An implementation of SFB for the Linux kernel.