FAQ: Bandwidth Monitoring with IPDR

Got burning questions about IPDR? This article answers the top questions on the topic.

What is IPDR?

Internet Protocol Detail Record (IPDR) is a technology used to collect and record data traffic statistics that are produced on a network. IPDR is of particular interest to the cable industry because it is integrated with the CableLabs DOCSIS protocol. As a result, a CMTS is instructed to collect information about IP-based service usage on a per subscriber basis. IPDR data therefore contains information about every flow inside a CMTS and provides consumption usage information about every subscriber device on your network.

What is IPDR used for?

IPDR captures information that directly reflects subscriber service consumption. IPDR was originally introduced into the CableLabs DOCSIS specifications as an efficient alternative to the existing simple network management protocol (SNMP) for usage-based billing models. However, usage-based billing is not the only application for IPDR. Information gained from bandwidth monitoring with IPDR can also be used for a range of network planning and management tasks.

IPDR provides superior network intelligence that can be applied to tasks such as monitoring subscriber usage, forecasting future capacity, and planning new revenue streams. This information essentially allows you to identify bottlenecks and plan for future investments, such as expansions and network splits. Traffic patterns and subscriber profiles can also help marketing and sales departments plan campaigns based on real subscriber network utilization and consumption patterns.

How does IPDR work?

IPDR is a software-based data collection method that collects information on a per subscriber device basis. The CMTS already produces this data and under IPDR the statistics are periodically collected and asynchronously reported to a central application called a collector. This external system needs to have the ability to filter, analyze, and organize the information so that different departments can digest and make use of the data.

The collector receives IPDR data from a large number of CMTS units, and the information is created and communicated out-of-band. In other words, the CMTS waits until it has spare central processing unit (CPU) cycles to send data to guarantee that IPDR does not interfere with normal operations.

What are the alternatives to IPDR?

The two most commonly used data collection alternatives are deep packet inspection (DPI) and simple network management protocol (SNMP).

DPI is a technology used to scan all traffic on a network and create statistics based on specific parameters. It can therefore be used for bandwidth monitoring and policy enforcement. It is an application-based method that sits between the subscriber and the Internet. DPI analyzes data within a packet that is not encrypted and can differentiate video, audio, voice over IP (VoIP), and email. DPI provides detailed information about a packet and can reconstruct a subscriber’s Internet usage if requested. For example, DPI can tell you that within 23Mb of email, 800 emails were sent to the following addresses, with the following attachments, and so on.

SNMP is also used for data collection, although it is not mutually exclusive from IPDR. IPDR was initially designed to overcome the shortcomings of SNMP in high-speed networks, such as unreliable polling resulting in missed data and additional CPU loads on the CMTS. Today, SNMP data such as lease information can be cross-referenced with IPDR service consumption data to create a complete view of a network, which is essential for network planning and congestion prevention.

How does IPDR compare to DPI?

DPI is a useful tool for policy enforcement; however, IPDR is more efficient and cost-effective for wide range of network management tasks.

The cable industry traditionally used DPI with the CableLabs PacketCable Multimedia (PCMM) platform to throttle certain types of traffic on a network. DPI allows the network to discover what applications use the most bandwidth and, depending on set policies, limit bandwidth usage. Service providers generally use DPI to limit peer-to-peer traffic and over-the-top services, such as video streaming provider Netflix. DPI gains intelligence by examining every data packet as it passes an inspection point. Flows are created internally and traffic policies applied, with the information later gathered through an API.

DPI has some disadvantages. Layer 2 or 3 routers or switches are unable to inspect packets deeply without dedicated hardware, so this method often requires extra external appliances at an extra cost. DPI also works on the IP data stream, unaware of the MAC layers, which means it is not subscriber-aware in the same way as IPDR. DPI therefore does not contain data relevant to each subscriber other than the IP address.

IPDR, on the other hand, provides critical data from the CMTS level about every subscriber device on a network. IPDR does not affect network performance because it periodically collects data out-of-band from a web of collection agents. The information is normalized and compressed before being stored centrally. IPDR is a software-based approach that does not require additional hardware, as the CMTS already produces the data free of charge. The only investment required is a tool to analyze and make use of the information.

IPDR is an industry standard, which means several CMTS vendors can report the same type of information to one collector, whereas DPI is a proprietary solution that is not standardized and different DPI vendor can implement different features.

DPI has also created controversy in many jurisdictions due to privacy concerns. DPI inspects and analyzes every packet in a network and some users feel this is too intrusive and akin to spying. Simply put, while IPDR can tell you how much bandwidth is being used and where (email, video, data, etc.), it does not disclose the actual contents of the traffic. DPI, on the other hand, gives you those details and can tell you what websites were visited, and what emails sent to whom.

In most western countries DPI is used for policy enforcement, such as identifying and slowing down peer-to-peer traffic and illegal forms of file sharing. IPDR avoids controversy by simply leveraging the number of bytes that a subscriber sends and receives. This is essentially the same information users have been parting with for years on phone bills and therefore is not seen as controversial in the user community.

How does IPDR compare to SNMP?

SNMP and IPDR are not mutually exclusive protocols and can be used together to provide a complete overview of your network topology.

Embedded in IPDR data is information about the actual interfaces and ports where the data is pulled or pushed from. You can examine the CMTS port/interface and blade usage to analyze data pathways on the network and identify the top bandwidth users in a particular geographic area.

You can then combine this information with SNMP data to draw an active network map at regular intervals throughout the day. This information is key in network planning and congestion prevention. Simply knowing the top users on the network is not enough. You must know where they are located and how many access the same port or CMTS at the same time to understand the effect of each subscriber on the network.

SNMP is less useful on its own because it places a great strain on the CMTS. You need to generate hundreds of consecutive requests to a CMTS to gain specific subscriber information, whereas with IPDR the CMTS automatically streams subscriber records to the collector on a periodic basis. Under IPDR the CMTS services one client, the collector, which ensures that IPDR does not tax the CMTS in the same way that SNMP- based methods can. IPDR is more efficient because the collector software runs on a separate server and many CMTS units can run on a single server.

What do I need to implement IPDR?

The power of IPDR is that it is a relatively low-cost investment that makes use of your existing investments. Essentially, the CMTS already produces the data required free of charge. All that is required is the collector, the normalizing application, and the tools to analyze the data gathered. This information then allows you to make more informed decisions about future investments and network planning.

What are some of the advantages of IPDR?

Although DPI can be used as a platform to perform basic user-based billing functions, it does so at a very high price and subscribers consider this method intrusive. IPDR offers efficient and superior network intelligence that can be used for additional network management tasks, such as engineering, congestion planning, and trending analysis. It is a standardized interface that is simple to deploy and it requires little additional hardware or investment. IPDR is a powerful network management tool that utilizes existing information in your network, allowing you to make more informed decisions and create additional revenue streams for the future.