This document is meant for all UTHSCSA members that are involved in the technical design, implementation and delivery of high bandwidth applications over the UTHSCSA local area network (LAN) and wide area network (WAN). It defines bandwidth restrictions, access control, uni-cast and multi-cast delivery methods, monitoring, and user abuse consequences. This document will be used to fairly administer the adequate, yet limited bandwidth available on the LAN and WAN. It applies to voice/audio (netradio, Voice-over-IP, etc.), video (H.323 teleconferences, MPEG and H.261 streams, narrowband video - RealNetworks, Microsoft Windows Media), and other moderate to high bandwidth data streams. The goal of this prioritization is to give transport priority to applications that require it because of either time-sensitive delivery (voice) or application importance (ERP), and yet allow low priority applications to compete for the remaining bandwidth. As proposed in the bandwidth limitation section that follows, the portion that will be designated for "Normal" traffic is actually more than what is available today. This allocation should give good performance to the lower priority application. This document also will define the procedures and expectations for mission critical application to be transported.

Bandwidth limitations - The communication network at the UTHSCSA is currently only moderately utilized, but as new, higher bandwidth applications are used, there is the possibility of over-taxing the network. Because of the dynamics of network traffic, it is impossible to say how many data streams of a certain kind can be used efficiently on the network, especially when you consider the switching architecture we have in place. As a starting point, we will reserve 20 percent of the backbone links (on the Gigabit Ethernet network, that is 200 megabits per second or Mbps) for normal priority traffic and another 20 percent for network overhead, leaving 60 percent (600 Mbps) for high priority traffic. As a comparison to current backbone capacity, the 155 Mbps ATM core is about 8 percent utilized on the average, with peaks up to 20 percent. Similar utilizations are expected with the Gigabit Ethernet backbone, thereby yielding more capacity than is available today. The 600 Mbps streaming allocation will conservatively support over 1000 active sessions of 400-500 kilobytes per second (Kbps), which would characterize a single video stream or high bandwidth application. The streaming traffic will consist of various stream-based IP protocols such as Real-Time Procotol (RTP, RTCP, RTSP), ReSerVation Protocol (RSVP), and others. The streams will be controlled by various network applications (H.323 gatekeepers, IP/TV Content Manager, VoIP gateways, etc.) to initially coordinate the bandwidth allocation. Bandwidth will be completely under the control of the network equipment, which will be configured to classify the various packet types at the ingress point (input). This classification will restrict and control bandwidth by preset priority queues within the network gear, but has no means to limit access within a particular priority. The potential for over subscribing a particular priority is possible and close monitoring must be done to reassign priorities so as to not over use any required resource within the network. The Network Management Group (NMG) of T&N will have the responsibility of implementing and monitoring the network bandwidth control per the policy set forth in this document. The bandwidth allocation by application is represented in the Table A at the end of this document. It contains the initial application bandwidth limitations and the associated traffic priority. Users may petition for modifications and additions to this allocation by contacting the Director of Telecommunications and Networking in writing or e-mail. All network users should be aware of the possible impact that high demand applications (ftp, network backups, ghosting, etc.) may have on the overall network performance.

Access Control - In order to control bandwidth use, restrictions will be in place at a user, node, and application level. The appropriateness of network use will be a matter of need when network resources become critical. Users are encouraged (in some cases - required) to subscribe to the appropriate application groups (H.323, VoIP, ERP, etc.) through the various controlling agents (gatekeepers, authenticators, etc.). The benefit of this action will be that performance of these groups will be monitored and given appropriate adjustments in bandwidth and priority as required. Users and applications that are not registered with the appropriate agent will be classified as normal priority.

Uni-cast and Multi-cast Stream Delivery - Point to point data streams (uni-cast) can occur within a virtual LAN (VLAN) and will generally not be restricted in any fashion. Uni-cast streams between VLANs will not normally be restricted, as long as the performance of the network is not greatly impacted.

Multi-cast streams will be controlled and be restricted to authorized applications. Since multi-casting generally is for high bandwidth application like video streaming and is distributed to many end users, strict monitoring and enforcement will be observed.

Network Monitoring and User Abuse Consequences - With the implementation of firewall and Intrusion Detection Systems (IDS), and with other router and sensor logs, the Network Management Group (NMG) will be able to closely monitor all network traffic. Users that abuse bandwidth and prioritization rules will be treated with the same consequences as any other computer thief of service crime. The scenario would be to notify the offender by either voice or email for the first offense, a written notification on the second offense, and a possible network disconnect on the third offense. After the first offense, NMG will closely monitor the specific problem areas for compliance and will escalate the consequences to the next level should the abuse continue.