Configuring Single Rate Class Based Policing

router(config-pmap-c)#

police avg-rate [BC [BE]] [conform-action action] [exceed-action action] [violate-action action]

• avg-rate: Traffic rate in bps (8000 to 200,000,000)

• BC: normal burst sets the size in bytes

- Default is 1500 bytes, or CIR / 32, whichever is higher

• Be: Excess burst sets the size in bytes

- Default is BC

- transmit (default conform action)

- drop (default exceed and violate action)

- set-prec-transmit ip-precedence

- set-dscp-transmit dscp

- set-qos-transmit qos-group

- set-mpls-exp-transmit mple-exp

- set frde-transmit

- set-clp-transmit

The MQC-based police command defines policing parameters for a specific traffic class. The avg-rate parameter defines the policed CIR; Bc and Be define the token bucket sizes in bytes; and the action defines an action for conforming, exceeding, and optionally violating traffic.

If Bc (in bytes) is not specified, it will default to CIR / 32, or 1500 bytes, whichever is higher. When using the formula CIR / 32 to calculate the default Bc (in bytes), Cisco IOS software uses a Tc of 0.25 second, where:

Bc (in bytes) = (CIR x 0.25 seconds) / 8 = CIR / 32

If Be (in bytes) is not specified, it will default to Bc. In a single token bucket case, Cisco IOS software ignores the Be value. This means that excess bursting is disabled.

The Be rate can be specified when a violate action is configured, therefore using a dual token bucket. This allows Be to be explicitly configured instead of using the default value of Be = Bc. Be specifies the size of the second (excess) token bucket.

Dual token bucket policing with the violate action was introduced in Cisco IOS Release 12.1(5)T.

Class-Based Policing Example: Single Rate, Single Token Bucket

Class Map Policy

The class-based policing configuration example shows two configured traffic classes based on upstream MAC addresses. Traffic from the particular web server, which is classified by its MAC address, is policed to a fixed bandwidth with no excess burst capability using a single token bucket. Conforming traffic is sent as-is and exceeding traffic is dropped. In this case, the www.123.com web server is policed to a rate of 512 kbps and the www.456.com web server is policed to a rate of 256 kbps.

Because the violate action is not specified, this will use a single token bucket scheme and no excess bursting is allowed.

In this example, the committed burst size (Bc) is not specified, and therefore it will default to the 512,000 / 32 (16,000 bytes) and 256,000 / 32 (8000 bytes), respectively.

The default Bc setting can be examined by showing the policy map, as follows. Notice that the Be is not displayed because no excess bursting is allowed using a single token bucket with class-based policing.

router#show policy-map ServerFarm Policy Map ServerFarm Class www.12 3.com police cir 512000 bc 16000 conform-action transmit exceed-action drop Class www.4 5 6.com police cir 256000 bc 8000 conform-action transmit exceed-action drop

Example: Single Rate, Dual Token Bucket Class-Based Policing

Class-Based Policing Example: Single Rate, Dual Token Bucket

Md01 3500k 24d

The class-based policing configuration example shows two configured traffic classes based on upstream MAC addresses.

Traffic from the particular web server, which is classified by its MAC address, is policed to a fixed bandwidth with excess burst capability using a dual token bucket, by configuring a violate action. Conforming traffic will be sent as-is, exceeding traffic will be marked to IP Precedence 3 and transmitted, and all violating traffic will be dropped.

In this example, because the violate action is specified, a dual token bucket scheme with excess bursting will be used. The committed burst size (Bc) is not specified, and therefore it will default to the 512,000 / 32 (16,000 bytes) and 256,000 / 32 (8000 bytes), respectively. The excess burst size (Be) is also not specified, and therefore it will default to Bc.

The default Bc and Be settings can be examined by showing the policy map, as follows: router#show policy-map ServerFarm Policy Map ServerFarm Class www.123.com police cir 512000 bc 16000 be 16000 conform-action transmit exceed-action set-prec-transmit 3 violate-action drop Class www.4 5 6.com police cir 256000 bc 8000 be 8000 conform-action transmit exceed-action set-prec-transmit 3 violate-action drop

Was this article helpful?

0 0

Post a comment