QoS Shaping and Policing Notes
QoS Shaping and Policing
– Shaping
-> Delaying the traffic to conform with service level agreement
-> Outgoing
– Policing
-> Punishing the traffic to enforce the service level agreement
-> Incoming
A router cannot send traffic at lower rates then the clock rate
Contract rate
– Committed information rate (CIR)
-> e.g. – 64 kbps
Actual rate
– Clock rate
-> e.g. – 128 kbps
Problem
– 500ms of delay is added to all network traffic
In every t sub c, only half of the time traffic is sent as a burst
b sub c = t sub c * CIR
128000 bps
– In one t sub c = 12800 bits
b sub c = 6400 bits
b sub c bucket
– When the bucket is empty, no traffic can be sent
– Bucket will be refilled at the start of every t sub c (interval)2
If the bucket is not empty at the start of a t sub c, the excess tokens overflow into the b sub e bucket
If CIR is configured but b sub c and b sub e are not configured, the default values are used
If the contract rate is less than 320kbps, then the default b sub c is 8000 bps
If the contract rage is more than or equal to 320kbps, then the default t sub c is 25ms
policy-map <name>
class <name>
shape average <cir> [ b sub c ] [ b sub e ]
e.g. – Shape all http traffic at the rate of 128kbps
-> Use the burst size of 16000 bit / t sub c
class-map HTTP
match protocol http
policy-map SHAPE
class HTTP
shape average 12800 1600
int s0/0
service-policy output SHAPE
Dual Rate Shaping
– CIR
– Peak Information Rate (PIR)
– Allowsurst traffic at full rate (PIR) in every interval
policy-map <name>
class <name>
shape peak <cir> <b sub c> <b sub e>
Scenario -> 3 classes to be shaped at 64kbps, VOICE, HTTP, default
policy-map WRONG-ANSWER
class VOICE
shape average 64000
class HTTP
shape average 64000
class class-default
shape average 64000
Use nested policy maps
policy-map CHILD
class VOICE
priority
class HTTP
bandwidth
class class-default
policy-map PARENT
class class-default
shape average 64000
service-policy CHILD
Policing
– Punishing the traffic to enforce the service level agreement
-> Traffic rate
-> To control the incoming traffic rate
-> Called metering
-> 1 token = 1 byte
-> b sub c = bucket size
-> The burst size
The bucket is filled when the burst of packets arrive
The number of tokens filled in the bucket are calculated by a formula
The faster traffic is sent, the less traffic can be sent
The slower traffic is sent, the more traffic can be sent
Conforming rate
– within the contract
Exceeding rate
– beyond the contract
Violating rate
– way beyond the contract
When a single bucket is used, it is called single rate, two bucket policing
– Single rate = CIR
– Colors = actions
-> Conform
-> Exceed
Actions
– drop
– transmit
– set-dscp-transmit <dscp>
– set-precedence-transmit <precedence>
– set-frde-transmit
-> Frame-Relay Discard Eligible (FRDE)
policy-map <name>
class <name>
police <cir> <b sub c> conform-action <action> exceed-action <action>
When two buckets are used, it is called single rate, three colors
– Single rate = CIR
– Colors = actions
-> Conform
-> Exceed
-> Violate
18000 bytes
– First 8000 bytes use b sub c tokens
-> Conforming
– Second 8000 bytes use b sub e tokens
-> Exceeding
– last 2000 bytes are dropped
-> Violating
policy-map <name>
class <name>
police 64000 8000 8000 confirm-action transmit exceed-action set-dscp-transmit 0 violate-action drop
-> 64000 – bps
-> 8000 – bytes
-> 8000 – bytes
When two buckets and two rates are used, it is called dual rate, three color policing
Ratio = CIR * PIR
b sub c and b sub e buckets are filled
– b sub c tokens are used to send the first 8000 bytes
– For every b sub c token used, one token will be removed from the b sub e bucket
– b sub e tokens are used to send the next 8000 bytes
– The last 2000 bytes are violating
policy-map <name>
class <name>
police cir <value> bc <value> pir <value> be <value> conform-action transmit exceed-action set-dscp-transmit AF11 violate-action drop