# QOS policer question

Jan 1st, 2009

How is the rate at which traffic is submitted to the policer is determined?

For inbound, I understand that it will be the link speed or clock rate that will determine it. How will it be determined for outbound traffic?

Correct Answer by lejoe.thomas about 8 years 5 months ago

Hi pfillips,

In terms of policing, one token represents a byte. However, in terms of shaping, one token represents a bit.

In terms of shaping, Be=Bc. I think the following will help you in determining when to choose an appropriate Bc for shaping.

In CB shaping, for shaping rate <= 320kbps

CB shaping calculates Tc by setting Bc=8000 bits (assuming you'll be setting only the shaping rate)

For shaping rate greater than 320kbps,

CB shaping sets Tc=25ms and calculates Bc.

(assuming you'll be setting only the shaping rate)

The recommendation when sending latency sensitive traffic however is to tweak the Bc such that Tc equals 10ms. If we specify the shaping rate and Bc, IOS calculates the Tc based on it.

When you said using Be/Bc in shaping, you're referring to shaping with excess burst.

Shaping does not involve the concept of dropping like policing. Here we're are queuing packets from being discarded by a policer.

When to use policing?

It is done on the first device as packets ingress a network, to make sure the network is not being overrun. Typically the case is, when the access rate is much more than the traffic contract. If you're a service provider, you'll most likely police

When to use shaping

This should be obvious. If the next network to which traffic goes is policing, then shaping must be done at the edge (egress) to avoid the policer at the other end from dropping traffic. There is also a case of shaping for egress blocking. If you're an enterprise customer using a service provider, you'll shape.

If you have further clarifications, please feel free to post your question.

HTH

Lejoe

Overall Rating: 5 (1 ratings)

## Replies

lejoe.thomas Thu, 01/01/2009 - 15:11
• Silver, 250 points or more

Hi pfillips,

The simplest CB-policing configuration is that of single bucket and two classes, namely conform and exceed.

Think of this bucket as being filled with tokens at the arrival of a packet at the policer based on the formula

No of tokens = (Current_pkt_arrival_time - Previous_pkt_arrival_time * Police_rate)/8

where time is measured in seconds and Police_rate in bits/sec

For forwarding one byte of a packet, the Policer must remove one token from the bucket. Hence each token gives the policer the right to send 1 byte of a packet.

Now lets take an example,

If 2 seconds passed since the previous packet arrived and the policing rate is 64000bps, then according to the above formula

No of tokens = 2 x 64000 / 8 = 16000 tokens

-if the no of bytes in packet is less than or equal to the number of tokens, the packet conforms. Appropriate action is taken

-if the no of bytes in packet is greater than number of tokens, the packet exceeds the contract. Appropriate action is taken.

So the outbound traffic or [no of packets sent] in this case is present on the no of tokens present in single bucket.

There are other cases of CB policing as well

1) Single rate, dual bucket, three-color

2) Dual rate, dual bucket, three-color

Please note policing is usually done on packets entering first device in a network, rather than on egress.

HTH

Lejoe

pfillips11 Thu, 01/01/2009 - 16:41

Thanks LeJoe.

Is one token equivalent to a Byte or bit?

I think initially I didn't out my question correctly. Or rather I myself am confused.

Let me try again with an example.

Primarily, I am trying to understand how should I manually choose Bc and Be values for best performance. I understand that Bc is defined to overcome interpacket delay. For eg. if,

CIR- 8000bps

Bc- 2000bit

Clock Rate- 64000bps

The Tc will be 250ms.

The 64Kbps circuit can transfer Bc(2000bits) in 2000/64000= 31.25msec.

This means that the circuit will not tranfer any more packets for next 250 - 31.25 = 218.75 msec.

Lets consider that I have a packet that is 4000bits. And the exceed action is drop. If I have a 2000bit Bc set then out of 4000bits, 2000bits will be dropped and TCP retransmit will occur.

On the other hand, if I don't have any Bc/Be then there are better chances of sending 4000bits.

Hmm...Interesting, I guess, I answered few of my queries while writing this.

May be its better to use shapers than policers. Or a lot depends on how bursty is the traffic flow.

Still posting it. Please correct me if I am wrong.

Thanks Again!

lejoe.thomas Thu, 01/01/2009 - 17:21
• Silver, 250 points or more

Hi pfillips,

In terms of policing, one token represents a byte. However, in terms of shaping, one token represents a bit.

In terms of shaping, Be=Bc. I think the following will help you in determining when to choose an appropriate Bc for shaping.

In CB shaping, for shaping rate <= 320kbps

CB shaping calculates Tc by setting Bc=8000 bits (assuming you'll be setting only the shaping rate)

For shaping rate greater than 320kbps,

CB shaping sets Tc=25ms and calculates Bc.

(assuming you'll be setting only the shaping rate)

The recommendation when sending latency sensitive traffic however is to tweak the Bc such that Tc equals 10ms. If we specify the shaping rate and Bc, IOS calculates the Tc based on it.

When you said using Be/Bc in shaping, you're referring to shaping with excess burst.

Shaping does not involve the concept of dropping like policing. Here we're are queuing packets from being discarded by a policer.

When to use policing?

It is done on the first device as packets ingress a network, to make sure the network is not being overrun. Typically the case is, when the access rate is much more than the traffic contract. If you're a service provider, you'll most likely police

When to use shaping

This should be obvious. If the next network to which traffic goes is policing, then shaping must be done at the edge (egress) to avoid the policer at the other end from dropping traffic. There is also a case of shaping for egress blocking. If you're an enterprise customer using a service provider, you'll shape.

If you have further clarifications, please feel free to post your question.

HTH

Lejoe

pfillips11 Fri, 01/02/2009 - 07:41

Thanks Lejoe. It helps a lot.

Is there a document explaining policing/shaping in detail for reference?

lejoe.thomas Fri, 01/02/2009 - 16:08
• Silver, 250 points or more

Hi pfillips,

There are a couple of documents, especially the IOS QOS configuration guide.

http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/polcing_shping_oview_ps6350_TSD_Products_Configuration_Guide_Chapter.html

And general comparison between the two

http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a00800a3a25.shtml

But to be honest, I personally prefer using the

Cisco QOS Certification Guide as the first reference, explaining all underlying concepts systematically and then using the above as additional references [primarily implementation].

http://www.amazon.com/gp/product/1587201240

HTH

Lejoe