- What is IPDR?
- What is IPDR used for?
- How does IPDR work?
- What are the alternatives to IPDR?
- How does IPDR compare to DPI?
- How does IPDR compare to SNMP?
- What do I need to implement IPDR?
- What are some of the advantages of IPDR?
Internet Protocol Detail Record (IPDR) is used to collect and record data traffic statistics produced on a network. IPDR is widely deployed in the cable industry with a device footprint of over 54 million users, and is integrated with the CableLabs DOCSIS protocol. As a result, a CMTS is instructed to collect information about IP-based service usage on a per subscriber basis. So IPDR data contains information about every flow inside a CMTS, and consumption usage information about every subscriber device (for example a cable modem) on your network.
IPDR captures information directly reflecting subscriber service consumption. IPDR was originally introduced in the CableLabs DOCSIS specification as an efficient alternative to simple network management protocol (SNMP) supporting usage-based billing models. While charging and billing represent the most basic IPDR application, facilitating policy decisions, revenue assurance, fraud prevention, and inter-partner settlement in the BSS (business support system) layer, it is not the only IPDR application.
IPDR data collection provides network insight into capacity, subscriber usage, proactive network maintenance, and can drive new revenue streams. IPDR data also supports traffic analysis to identify network congestion and plan for network capacity investments, such as expansions and network splits. Analysis of subscriber usage enable marketing and sales departments to initiate campaigns based on actual subscriber network utilization and consumption patterns to increase revenue, drive customer experience management. What’s more, IPDR data can be used to support operational teams in bolstering fault and performance management.
IPDR captures data on a per subscriber device basis. In the IPDR DOCSIS model, the IPDR Exporter (CMTS or CCAP) generates IPDR data, then the IPDR Collector OSS mediation system periodically gathers and reports the data asynchronously. The IPDR OSS mediation system capabilities should include filtering, analyzing, and organizing the IPDR information based off business needs across the organization.
The OSS IPDR Collector (mediation system) receives IPDR data from a large number of CMTS units. The IPDR data is then built by the record formatter on the CCAP/CMTS and transmitted out-of-band to the IPDR Collector using the IPDR Streaming Protocol. The CMTS waits until it has spare central processing unit (CPU) cycles to send data upstream to guarantee no interference with normal CMTS operations.
The two most commonly used data collection alternatives to IPDR are deep packet inspection (DPI) and simple network management protocol (SNMP).
DPI scans all traffic on a network and creates statistics based on specific parameters for use cases such as bandwidth monitoring and policy enforcement. DPI is an application-based method sitting between the subscriber and the Internet. DPI analyzes data within an unencrypted packet and differentiates video, audio, voice over IP (VoIP), and email. DPI provides detailed packet information, reconstructing a subscriber’s Internet usage if requested. For example, DPI can determine in 23Mb of email, 800 emails were sent to the following addresses with the following attachments.
SNMP is also used for data collection, although it is not mutually exclusive from IPDR. IPDR was initially designed to overcome the shortcomings of SNMP in high-speed networks, such as unreliable polling resulting in missed data and additional CPU loads on the CMTS. Today, SNMP data such as lease information can be cross-referenced with IPDR service consumption data to create a complete view of a network augmenting network planning and congestion prevention.
DPI is a useful tool for policy enforcement; however, IPDR is more efficient and cost-effective for a wide range of network management tasks.
The cable industry traditionally used DPI with the CableLabs PacketCable Multimedia (PCMM) platform to throttle certain types of traffic on a network. DPI allows the network to discover what applications use the most bandwidth and, depending on set policies, limit bandwidth usage. Service providers generally use DPI to limit peer-to-peer traffic and over-the-top (OTT) services, such as video streaming provider Netflix. DPI gains intelligence by examining every data packet passing an inspection point, then internal flows are created, traffic policies applied, and the information later gathered through an API.
DPI does have some disadvantages. Layer 2/3 routers and switches are unable to deeply inspect packets without dedicated hardware, thus extra external appliances may be required, driving up costs. DPI performs on the IP data stream, unaware of the MAC layers, thus DPI is not subscriber-aware as is IPDR (as MAC addresses identify subscriber CMs on a cable network). So, DPI does not contain subscriber related data other than the IP address.
On the other hand, IPDR captures critical data from the CMTS regarding all subscriber information on a CMTS/CCAP network. To improve the network performance of the IPDR data collection activity, a reliable high-throughput TCP stream is used to transfer data records between the record formatter and the collection system. IPDR information is normalized and compressed before being stored centrally in the mediation system. As the DOCSIS CMTS/CCAP generates the IPDR data by default, this approach does not require additional network hardware.
IPDR is an industry standard, so all standard compliant CMTS vendors report the same type of information to a standards compliant IPDR Collector, whereas DPI is a proprietary solution, meaning each vendor may implement DPI in a different fashion.
Privacy concerns are a hot topic as DPI inspects and analyzes every packet in a network, and customer impressions are this is intrusive and akin to spying. In a nutshell, while IPDR can tell you how much bandwidth is being used and where (video, voice, email, data, etc.), IPDR does not disclose the actual contents of the traffic. Conversely, DPI provides details on what websites were visited, and what emails sent to whom.
In most western countries, DPI is used for policy enforcement, such as identifying and slowing down peer-to-peer traffic and illegal forms of file sharing. IPDR avoids controversy by simply leveraging the number of bytes that a subscriber sends and receives. This approach is analogous to usage information from phone bills and is not as controversial.
SNMP and IPDR are not mutually exclusive protocols and complement one another in providing an accurate network topology view.
Embedded in IPDR information, you can zero-in on the network interfaces and ports where the data is pulled or pushed from. By examining the CMTS port/interface and blade usage, operator can analyze data pathways on the network and identify the top bandwidth users in a particular geographic area. Then by combining this network granularity with SNMP data, an operator can determine an active network map at regular intervals throughout the day – a key input to network planning and congestion prevention. Simply knowing the top bandwidth users on the network is not enough. A service provider must know where the high-usage subscribers are located and how many access the same port or CMTS at the same time to understand the impact of each subscriber on the network.
SNMP imposes a greater strain on the CMTS when used without IPDR due to the generation of hundreds of consecutive requests to the CMTS to capture specific subscriber information. Whereas with IPDR, the CMTS automatically streams subscriber records to the IPDR Collector on a periodic basis. The IPDR approach provides greater efficiency compared to SNMP as the CMTS often maintains these running counters in memory and is able to send the information to the IPDR Collector when it's appropriate from a resourcing perspective. The greater efficiency means that sample rate can occur every 15 minutes instead of every two hours. The IPDR Collector software runs on a separate virtualized VM and collects the IPDR streams from multiple CMTSs simultaneously.
The CCAP (CMTS) gains in reduced computing resources, compared to SNMP, when generating comparable IPDR data sets. The IPDR Collector systems benefit by reducing the costs associated with reliable data collection, scalable growth in number of records, and multiple types of data sets over the same collection platform.
The IPDR value is a relatively low-cost investment maxing use of deployed cable network resources as the CMTS already produces the IPDR data required free of charge. The only remaining OSS systems are the IPDR Collector, mediation system, the normalizing application, and the tools to analyze the gathered IPDR data. A recommended best practice to ensure the end-to-end privacy and integrity of the IPDR billing records during transit or storage is an authentication and encryption mechanism between the record formatter and the collection system. When considering a bandwidth usage or capacity management implementation harnessing IPDR data, experience with the DOCSIS 3.1 OSS integration specification is valuable, but not necessary if you turn to a software vendor for your project.
What are some of the advantages of IPDR?
DPI comes at a very high price – hardware costs and perceived privacy intrusion, along with limited user-based billing functions. IPDR delivers superior network intelligence supporting network and congestion management, as well as trending analysis to complete informed decisions and enable additional revenue streams. A standardized technology, IPDR deployment straightforward, and requires little additional hardware or investment.
For Incognito’s insight into everything broadband, subscribe to our blog.