Selection Criteria The following table lists the differences between shaping and policing to help you choose the best solution. Shaping Policing Objective Buffer and queue excess packets above the committed rates. Drop or remark excess packets above the committed rates. Does not buffer. Minimum number of intervals is required. Configured in bytes. Configuration Options shape command in the modular quality of service command-line interface MQC to implement class-based shaping.
Uses a leaky bucket to delay traffic, which achieves a smoothing effect. Propagates bursts. Does no smoothing. Advantages Less likely to drop excess packets since excess packets are buffered. Buffers packets up to the length of the queue. Drops may occur if excess traffic is sustained at high rates. Typically avoids retransmissions due to dropped packets. Controls the output rate through packet drops.
Avoids delays due to queuing. Disadvantages Can introduce delay due to queuing, particularly deep queues. Drops excess packets when configured , throttling TCP window sizes and reducing the overall output rate of affected traffic streams. Overly aggressive burst sizes may lead to excess packet drops and throttle the overall output rate, particularly with TCP-based flows.
Token Refresh Rate A key difference between shaping and policing is the rate at which tokens are replenished. Let's look at how the token bucket metaphor works: Tokens are put into the bucket at a certain rate.
Each token is permission for the source to send a certain number of bits into the network. Look at an example using a CIR or policer rate of bps and a normal burst of bytes. Router config policy-map police-setting Router config-pmap class access-match Router config-pmap-c police conform-action transmit exceed-action drop The token buckets starts full at bytes.
Minimum Versus Maximum Bandwidth Controls Both the shape and police commands restrict the output rate to a maximum kbps value. For example: policy-map parent class class-default shape average 0 service-policy child In order to learn more about parent and child policies, please refer to QoS Child Service Policy for Priority Class. Was this Document Helpful? Yes No Feedback. Related Cisco Community Discussions. Buffer and queue excess packets above the committed rates. Router config-pmap-c police bps burst-normal burst-max conform-action action exceed-action action violate-action action.
Note The Traffic Policing feature works with a token bucket mechanism. There are currently two types of token bucket algorithms: a single token bucket algorithm and a two token bucket algorithm. A single token bucket system is used when the violate-action option is not specified, and a two token bucket system is used when the violate-action option is specified.
Verify that your interface is not mentioned in the nonsupported interface description in the "Restrictions" section of this module. Traffic policing cannot be used on the switching path unless CEF switching is enabled. Router show policy-map. Router show policy-map policy-map-name. Router show policy-map interface. Displays statistics and configurations of all input and output policies that are attached to an interface. The following configuration shows how to define a traffic class with the class-map command and associate that traffic class with a traffic policy with the policy-map command.
Traffic policing is applied in the traffic policy. The service-policy command is then used to attach the traffic policy to the interface.
In this example, traffic policing is configured with the average rate at bits per second, the normal burst size at bytes, and the excess burst size at bytes. Packets that conform are transmitted, packets that exceed are assigned a QoS group value of 4 and are transmitted, packets that violate are dropped.
For example, since voice does not handle delay well, any voice packet that arrives at the WAN edge should be sent first even if there were other packets that arrived before that voice packet. However, a small to medium-sized LAN that is properly built and not oversubscribed will usually not need QoS features.
We will now look at these topics individually. One of the most important duties of the police is to maintain law and order. If you as a citizen abide conform to the rules, you usually have nothing to worry about.
However, if you are found violating a rule, there is usually repercussion. Let us assume the ISP uses fiber in this case and the organization only wants to purchase a 5Mbps service. How does the ISP ensure that the organization only gets what they pay for 5Mbps even though the physical fiber connection to the organization can support far more speed e. This is one of the uses of Traffic Policing. The ISP will have a contract with the organization that says anything outside 5Mbps will be dropped, and this will be implemented using traffic policing on the ISP side.
To further understand how traffic policing works, let us consider how Cisco implements this feature on their devices. Cisco uses a token bucket metaphor for both traffic policing and shaping. From a high level, this is how it works:. Note : The reason you divide by 8 bits is to convert it to bytes since token in policing are measured in bytes. Imagine that an ISP has an agreement of 16Kbps with their client and has said that the client can send bytes in a single burst.
This means that we have the following:. Now, if a packet comes in at bytes, since the bucket starts full with bytes , and the packet conforms, tokens are taken out of the bucket.
The bucket now has tokens left — If another packet arrives ms i. If that packet that arrived is less than or equal to bytes, then it conforms and it is sent out. However, if that packet is say bytes, it exceeds and the exceed action is taken e. Let us implement this example in GNS3 and see what happens. The lab setup is as shown below:. In the configuration above, traffic from We can view this configuration using the show policy-map command:. We can also use the show policy-map interface command to view the status of our traffic policing:.
Although the mean rate is generally represented as bits per second, any two values may be derived from the third by the relation shown as follows:. Mean rate--Also called the committed information rate CIR , it specifies how much data can be sent or forwarded per unit time on average. Burst size--Also called the Committed Burst Bc size, it specifies in bits or bytes per burst, how much traffic can be sent within a given unit of time to not create scheduling concerns.
For a shaper, such as GTS, it specifies bits per burst; for a policer, such as CAR, it specifies bytes per burst, per second. Time interval--Also called the measurement interval, it specifies the time quantum in seconds per burst. By definition, over any integral multiple of the interval, the bit rate of the interface will not exceed the mean rate. The bit rate, however, may be arbitrarily fast within the interval. A token bucket is used to manage a device that regulates the data in a flow.
A token bucket itself has no discard or priority policy. Rather, a token bucket discards tokens and leaves to the flow the problem of managing its transmission queue if the flow overdrives the regulator. In the token bucket metaphor, tokens are put into the bucket at a certain rate. The bucket itself has a specified capacity.
If the bucket fills to capacity, newly arriving tokens are discarded. Each token is permission for the source to send a certain number of bits into the network. To send a packet, the regulator must remove from the bucket a number of tokens equal in representation to the packet size. If not enough tokens are in the bucket to send a packet, the packet either waits until the bucket has enough tokens in the case of GTS or the packet is discarded or marked down in the case of CAR.
0コメント