Blue is ascheduling discipline for thenetwork scheduler developed by graduate student Wu-chang Feng for ProfessorKang G. Shin at theUniversity of Michigan and others at theThomas J. Watson Research Center ofIBM in 1999.[1]
Likerandom early detection (RED), Blue operates by randomly dropping or marking packet withexplicit congestion notification mark before the transmit buffer of thenetwork interface controller overflows. Unlike RED, however, it requires little or no tuning to be performed by the network administrator. A Blue queue maintains a drop/mark probabilityp, and drops/marks packets with probabilityp as they enter the queue. Whenever the queue overflows,p is increased by a small constantpi, and whenever the queue is empty,p is decreased by a constantpd < pi.
If the mix of traffic on the interface does not change,p will slowly converge to a value that keeps the queue within its bounds with full link utilization.
The main flaw of Blue, which it shares with most single-queuequeuing disciplines, is that it does not distinguish betweentraffic flows, but treats all flows as a single aggregate. Therefore, a single aggressive flow can push packets out of the queue belonging to other, better behaved, flows.
Stochastic fair Blue (SFB) is a stochastically fair variant of Blue which hashes flows and maintains a different mark/drop probability for each hash value. Assuming no hash collisions, SFB is able to provide a fair share of buffer space for every flow. In the presence of hash collisions, SFB is only stochastically fair.[2]
Unlike other stochastically fair queuing disciplines, such as SFQ (Stochastic Fairness Queuing), SFB can be implemented using abloom filter rather than ahash table, which dramatically reduces its storage requirements when the number of flows is large.When a flow's drop/mark probability reaches 1, the flow has been shown to not react to congestion indications from the network. Such an inelastic flow is put in a "penalty box", and rate-limited.
Many scheduling algorithms, including the fairness-aimed ones, are notably vulnerable to spoofingdistributed denial-of-service (DDoS) attacks. A resilient stochastic fair Blue (RSFB) algorithm was proposed in 2009 against spoofing DDoS attacks. The basic idea behind RSFB is to record the responsive normal TCP flows and rescue their dropped packets. RSFB algorithm is effective in preserving the TCP throughput in the presence of spoofing DDoS attacks.[3]
An implementation of Blue is part ofALTQ, thenetwork scheduler for BSD Unix.[4]
An implementation of SFB forLinux was included in theLinux kernel in version 2.6.39.[5][6][7]
{{cite book}}:|journal= ignored (help)Abstract