12-10-2007 01:22 PM - edited 03-03-2019 07:52 PM
Hi, all.
I'd like to ask you some question about policing and shaping. I decided to test these two traffic conditioners, and wrote these two simple policy-maps:
class POLICE
match any
policy-map POLICE
class POLICE
police 256000
policy-map SHAPE
class POLICE
shape average 256000
than I applied them one after another to fa0/2 interface in the outbound direction, while downloading a big file from the Internet:
(Internet)===fa0/1(ROUTER)fa0/2====TEST_PC
interface Fa0/2
service-policy output POLICE/SHAPE
and I've got to tell you I was surprised. With service-policy POLICE configured, the download speed was only 15,2KB, while with service-policy SHAPE configured it was 31,2KB.
Could somebody please explain these results?
Is that because the policer drops packets instead of just queuing them thus causing the sender slow its transmission rate?
Thanks.
Solved! Go to Solution.
12-11-2007 08:08 AM
Generally, end customers should use traffic shaping and service providers policing. Best performance with most applications will be achieved with shaping, but you need a router or more expensive switch to do it, and it can only be done on egress ports. Policing can be done easily on all SP edge devices ingress ports. If the customer shapes, the service provider's policing should never kick in.
At least this is my theory.
Please rate helpful posts.
Dave
12-10-2007 02:28 PM
When the packet is dropped, if it's TCP,it will be resent again thus doubling the bandwidth utilization.
12-10-2007 03:37 PM
You are correct, when packets are dropped congestion avoidance and slow start will kick in dramatically slowing the transmit rate. If you test with multiple senders you would be able to utilize more of the full policed bandwidth.
http://rfc.dotsrc.org/rfc/rfc2001.html
Please rate helpful posts.
12-10-2007 11:27 PM
TCP uses a "congestion window" to react to packet drops. like the "advertised window" is used by the reciever to tell sender about its window size, similarly "congestion window" is used by the sender to slow down the sending rate eachtime a pkt is dropped.
When the sender doesnt recv an ack from reciever, it reduce the size of congestion window & slowdown the rate at which sends. This happens everytime a packet is dropped or ack is not recvd. This term is also referred to as "slow-start". Thats why the download speed was less with policing.
Whereas with shaping, the sender maintains the rate configured.
hope that clarifies.
pls rate all helpful posts.
12-11-2007 12:27 AM
Thank you all for your help and time.
So, I guess the best practice recomendations for rate-limiting users/customers are to use shaping for single user or small amount of users and use policing in all other cases.
12-11-2007 08:08 AM
Generally, end customers should use traffic shaping and service providers policing. Best performance with most applications will be achieved with shaping, but you need a router or more expensive switch to do it, and it can only be done on egress ports. Policing can be done easily on all SP edge devices ingress ports. If the customer shapes, the service provider's policing should never kick in.
At least this is my theory.
Please rate helpful posts.
Dave
12-11-2007 08:49 AM
Thanks again guys for sharing your experience. I'll take all that into account.
12-11-2007 08:16 AM
I usually go with policing on incoming traffic and shaping on outgoing traffic.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide