4-7-Introducing-Traffic-Policing-and-Shaping

ImplementtheDiffServQoSModelIntroducingTrafficPolicingandShapingTrafficPolicingandShapingOverviewTrafficPolicingandShapingOverview•Thesemechanismsmustclassifypacketsbeforepolicingorshapingthetrafficrate.•Trafficpolicingtypicallydropsormarksexcesstraffictostaywithinatrafficratelimit.•Trafficshapingqueuesexcesspacketstostaywithinthedesiredtrafficrate.WhyUsePolicing?•Tolimitaccesstoresourceswhenhigh-speedaccessisusedbutnotdesired(subrateaccess)•Tolimitthetrafficrateofcertainapplicationsortrafficclasses•Tomarkdown(recolor)exceedingtrafficatLayer2orLayer3WhyUseShaping?•TopreventandmanagecongestioninATM,FrameRelay,andMetroEthernetnetworks,whereasymmetricbandwidthsareusedalongthetrafficpath•Toregulatethesendingtrafficratetomatchthesubscribed(committed)rateinATM,FrameRelay,orMetroEthernetnetworks•ToimplementshapingatthenetworkedgeWhyUseTrafficConditioners?TrafficPolicingExample•Donotrate-limittrafficfrommission-criticalserver.•Rate-limitfile-sharingapplicationtrafficto56kbps.TrafficPolicingExample•Donotrate-limittrafficfrommission-criticalserver.•Rate-limitfile-sharingapplicationtrafficto56kbps.TrafficPolicingandShapingExampleTrafficPolicingandShapingExample•CentraltoremotesitespeedmismatchTrafficPolicingandShapingExample•Centraltoremotesitespeedmismatch•RemotetocentralsiteoversubscriptionTrafficPolicingandShapingExample•Centraltoremotesitespeedmismatch•Remotetocentralsiteoversubscription•Bothsituationsresultinbufferingandindelayedordroppedpackets.Policingvs.ShapingPolicingvs.Shaping•Incomingandoutgoingdirections.•Out-of-profilepacketsaredropped.•DroppingcausesTCPretransmits.•Policingsupportspacketmarkingorre-marking.•Outgoingdirectiononly.•Out-of-profilepacketsarequeueduntilabuffergetsfull.•BufferingminimizesTCPretransmits.•Markingorre-markingnotsupported.•ShapingsupportsinteractionwithFrameRelaycongestionindication.MeasuringTrafficRatesSingleTokenBucketIfsufficienttokensareavailable(conformaction):•Tokensequivalenttothepacketsizeareremovedfromthebucket.•Thepacketistransmitted.SingleTokenBucket(Cont.)Ifsufficienttokensarenotavailable(exceedaction):•Drop(ormark)thepacket.SingleTokenBucket(Cont.)Ifsufficienttokensarenotavailable(exceedaction):•Drop(ormark)thepacket.SingleTokenBucketClass-BasedPolicingSingleTokenBucketClass-BasedPolicing•Bcisnormalburstsize.•Tcisthetimeinterval.•CIRisthecommittedinformationrate.•CIR=Bc/TcCiscoIOSTrafficPolicingandShapingMechanismsCiscoIOSTrafficPolicingMechanismClass-BasedPolicingEnablemethodEnabledinpolicymapConditionsActionsConform,exceed,violateDrop,set,transmitImplementationsSingleordualtokenbucket,single-ordual-ratepolicing,multiactionsCiscoIOSTraffic-ShapingMechanismsClass-BasedShapingFRTSRestrictionShaperforanysubinterfaceShaperforFrameRelayonlyClassificationClass-basedPerDLCIorsubinterfaceLinkfragmentationandinterleavingNosupportforFRF.12SupportsFRF.12FrameRelaySupportUnderstandsBECNandFECNUnderstandsBECNandFECNConfigurationSupportedviaMQCSupportedviaMQCApplyingTrafficConditionersApplyingRateLimitingSummary•Trafficshapingandpolicingaremechanismsthatuseclassificationtolimittrafficrate.•Trafficshapingqueuesexcesspacketstostaywithinthecontractualrate.Trafficpolicingtypicallydropsexcesstraffictostaywithinthelimit;alternatively,itcanre-mark,thensendexcesstraffic.•Bothtrafficpolicingandshapingensurethattrafficdoesnotexceedabandwidthlimit,buttheyhavedifferentimpactsonthetraffic.•Thetokenbucketisamathematicalmodelthatisusedbyroutersandswitchestoregulatetrafficflow.•Withasingletokenbucketmodel,themeasuredtrafficratecanconformtoorexceedthespecifiedtrafficrate.•Class-basedpolicingisthelatestCiscoIOStraffic-policingmechanism.Class-basedshapingandFRTSaretwoCiscoIOStraffic-shapingmechanisms.•Policingisoftenimplementedattheaccessordistributionlayer,shapingisimplementedattheWANedge.