© 2006 Cisco Systems, Inc. All rights reserved.ONT v Implement the DiffServ QoS Model Introducing Traffic Policing and Shaping

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Traffic Policing and Shaping Overview

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Traffic Policing and Shaping Overview These mechanisms must classify packets before policing or shaping the traffic rate. Traffic policing typically drops or marks excess traffic to stay within a traffic rate limit. Traffic shaping queues excess packets to stay within the desired traffic rate.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Why Use Policing? To limit access to resources when high-speed access is used but not desired (subrate access) To limit the traffic rate of certain applications or traffic classes To mark down (recolor) exceeding traffic at Layer 2 or Layer 3

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Why Use Shaping? To prevent and manage congestion in ATM, Frame Relay, and Metro Ethernet networks, where asymmetric bandwidths are used along the traffic path To regulate the sending traffic rate to match the subscribed (committed) rate in ATM, Frame Relay, or Metro Ethernet networks To implement shaping at the network edge

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Why Use Traffic Conditioners?

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Traffic Policing Example Do not rate-limit traffic from mission-critical server. Rate-limit file-sharing application traffic to 56 kbps.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Traffic Policing Example Do not rate-limit traffic from mission-critical server. Rate-limit file-sharing application traffic to 56 kbps.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Traffic Policing and Shaping Example

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Traffic Policing and Shaping Example Central to remote site speed mismatch

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Traffic Policing and Shaping Example Central to remote site speed mismatch Remote to central site oversubscription

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Traffic Policing and Shaping Example Central to remote site speed mismatch Remote to central site oversubscription Both situations result in buffering and in delayed or dropped packets.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Policing vs. Shaping

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Policing vs. Shaping Incoming and outgoing directions. Out-of-profile packets are dropped. Dropping causes TCP retransmits. Policing supports packet marking or re-marking. Outgoing direction only. Out-of-profile packets are queued until a buffer gets full. Buffering minimizes TCP retransmits. Marking or re-marking not supported. Shaping supports interaction with Frame Relay congestion indication.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Measuring Traffic Rates

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Single Token Bucket If sufficient tokens are available (conform action): Tokens equivalent to the packet size are removed from the bucket. The packet is transmitted.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Single Token Bucket (Cont.) If sufficient tokens are not available (exceed action): Drop (or mark) the packet.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Single Token Bucket (Cont.) If sufficient tokens are not available (exceed action): Drop (or mark) the packet.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Single Token Bucket (Cont.) If sufficient tokens are not available (exceed action): Drop (or mark) the packet.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Single Token Bucket Class-Based Policing

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Single Token Bucket Class-Based Policing Bc is normal burst size. Tc is the time interval. CIR is the committed information rate. CIR = Bc / Tc

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Cisco IOS Traffic Policing and Shaping Mechanisms

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Cisco IOS Traffic Policing Mechanism Class-Based Policing Enable methodEnabled in policy map Conditions Actions Conform, exceed, violate Drop, set, transmit Implementations Single or dual token bucket, single- or dual-rate policing, multiactions

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Cisco IOS Traffic-Shaping Mechanisms Class-Based Shaping FRTS Restriction Shaper for any subinterface Shaper for Frame Relay only ClassificationClass-based Per DLCI or subinterface Link fragmentation and interleaving No support for FRF.12 Supports FRF.12 Frame Relay Support Understands BECN and FECN ConfigurationSupported via MQC

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Applying Traffic Conditioners

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Applying Rate Limiting

© 2006 Cisco Systems, Inc. All rights reserved.ONT v Summary Traffic shaping and policing are mechanisms that use classification to limit traffic rate. Traffic shaping queues excess packets to stay within the contractual rate. Traffic policing typically drops excess traffic to stay within the limit; alternatively, it can re-mark, then send excess traffic. Both traffic policing and shaping ensure that traffic does not exceed a bandwidth limit, but they have different impacts on the traffic. The token bucket is a mathematical model that is used by routers and switches to regulate traffic flow. With a single token bucket model, the measured traffic rate can conform to or exceed the specified traffic rate. Class-based policing is the latest Cisco IOS traffic-policing mechanism. Class-based shaping and FRTS are two Cisco IOS traffic-shaping mechanisms. Policing is often implemented at the access or distribution layer, shaping is implemented at the WAN edge.

© 2006 Cisco Systems, Inc. All rights reserved.ONT v