© 2001, Cisco Systems, Inc. Traffic Shaping and Policing.


1 © 2001, Cisco Systems, Inc. Traffic Shaping and Policing

2 © 2001, Cisco Systems, Inc. QOS v1.0—4-2 Inner Mongolia University Objectives
Upon completing this module, you will be able to:
• Describe and configure generic traffic shaping (GTS)
• Describe and configure Frame Relay traffic shaping (FRTS)
• Describe and configure committed access rate (CAR)
• Name other mechanisms that support traffic shaping and policing (class-based policing and class-based shaping)

3 Traffic Shaping and Policing Overview

4 Objectives
Upon completing this lesson, you will be able to:
• Describe the need for implementing traffic policing and shaping mechanisms
• List traffic policing and shaping mechanisms available in Cisco IOS
• Describe the benefits and drawbacks of traffic shaping and policing mechanisms

5 Traffic Shaping and Policing
• Traffic shaping and policing mechanisms are used to rate-limit traffic classes.
• They have to be able to classify packets and meter their rate of arrival.
• Traffic shaping delays excess packets so that they stay within the rate limit.
• Traffic policing typically drops excess traffic so that it stays within the limit; alternatively, it can remark excess traffic.
[Figure labels: Traffic Stream, Classifier, Meter, Marker, Dropper]

6 Why Use Rate Limiting?
• To handle congestion at ingress to ATM/Frame Relay network with asymmetric link bandwidths
• To limit access to resources when high-speed access is used but not desired
• To limit certain applications or classes
• To implement a virtual TDM system

7 Typical Traffic Shaping or Policing Applications
[Figure labels: Low-Speed Link, High-Speed Link, Server Farm, WAN, Internet, FastEthernet, 256 kbps, 64 kbps, 128 kbps]
• Output interface is not congested; queuing and WRED do not work.
• Congestion in WAN network results in nonintelligent Layer 2 drops.
• Access to resources is limited.
• A virtual TDM or leased line is implemented over a single physical link on one side.

8 Shaping vs. Policing
• Benefits of shaping:
  – Shaping does not drop packets.
  – Shaping supports interaction with Frame Relay congestion indication.
• Benefits of policing:
  – Policing supports marking.
  – Buffer usage is not increased (shaping requires an additional queuing system).

9 How Do Routers Measure Traffic Rate?
• Routers use the token bucket mathematical model to keep track of packet arrival rate.
• The token bucket model is used whenever a new packet is processed.
• The return value is conform or exceed.
[Figure: Bandwidth against Time, with the labels Link Bandwidth, Rate Limit, Exceeding Traffic, Conforming Traffic]

10 Token Bucket
[Figure: token bucket, with the labels 700, 200, 500 bytes, Conform Action]

11 Token Bucket (cont.)
[Figure: token bucket, with the labels 200, 300 bytes, Exceed Action]

12 Token Bucket
• Bc is normal burst size (specifies sustained rate)
• Be is excess burst size (specifies length of burst)
• Bc of tokens is added every Tc [ms]
• Tc = Bc / CIR
[Figure: Link Utilization against Time (Tc, 2*Tc, 3*Tc, 4*Tc, 5*Tc), with the labels Bc + Be, Bc, Be, Link BW, Average BW (CIR)]
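
The token bucket from slides 9 to 12 as an added example (not part of the original slides and not Cisco code), showing why the same meter gives different results when it feeds a policer and a shaper. It reads the figures on slides 10 and 11 as a bucket holding 700 bytes of tokens; the bucket parameters, the packet sizes beyond those two, and the FIFO shaping queue (the slides say GTS uses WFQ) are assumptions made for the illustration.

```python
"""Token bucket metering, policing and shaping (added example, not Cisco code)."""
from collections import deque
from dataclasses import dataclass


@dataclass
class TokenBucket:
    bc: int          # normal burst: tokens (bytes) added every Tc
    be: int = 0      # excess burst: extra tokens the bucket may hold
    tokens: int = 0  # current fill level, in bytes

    def tick(self) -> None:
        """One Tc has elapsed: add Bc tokens, never exceeding Bc + Be."""
        self.tokens = min(self.tokens + self.bc, self.bc + self.be)

    def meter(self, size: int) -> str:
        """Conforming packets spend tokens; exceeding packets spend none."""
        if size <= self.tokens:
            self.tokens -= size
            return "conform"
        return "exceed"


def police(sizes, bucket):
    """Policing: meter each packet on arrival and drop the exceeding ones."""
    return [(s, "transmit" if bucket.meter(s) == "conform" else "drop")
            for s in sizes]


def shape(sizes, bucket, max_intervals=1000):
    """Shaping: exceeding packets wait in a queue until a later Tc refills
    the bucket. Returns (size, index of the interval in which it is sent).
    A FIFO queue is used here for simplicity (assumption)."""
    queue, sent = deque(sizes), []
    for interval in range(max_intervals):
        while queue and bucket.meter(queue[0]) == "conform":
            sent.append((queue.popleft(), interval))
        if not queue:
            break
        bucket.tick()          # wait one Tc, then try the head packet again
    return sent


def slide_walkthrough():
    """Slides 10 and 11: 700 tokens, a 500-byte packet, then a 300-byte one."""
    bucket = TokenBucket(bc=700, tokens=700)   # constructed bucket parameters
    first = bucket.meter(500)
    left_after_first = bucket.tokens
    second = bucket.meter(300)
    return first, left_after_first, second, bucket.tokens


if __name__ == "__main__":
    print(slide_walkthrough())
    # Constructed burst: three packets arriving back to back.
    print(police([500, 300, 200], TokenBucket(bc=700, tokens=700)))
    print(shape([500, 300, 200], TokenBucket(bc=700, tokens=700)))
```

The policer drops the 300-byte packet but still passes the later 200-byte one, while the shaper holds both back until the next interval and loses nothing.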

13 Traffic Shaping and Policing Mechanisms
• Shaping mechanisms:
  – Generic traffic shaping (GTS)
  – Frame Relay traffic shaping (FRTS)
  – Class-based shaping
• Policing mechanisms:
  – Committed access rate (CAR)
  – Class-based policing

14 Summary
Upon completing this lesson, you should be able to:
• Describe the need for implementing traffic policing and shaping mechanisms
• List traffic policing and shaping mechanisms available in Cisco IOS
• Describe the benefits and drawbacks of traffic shaping and policing mechanisms

15 Lesson Review
1. How do shaping and policing mechanisms keep track of the traffic rate?
2. Which shaping mechanisms are available with Cisco IOS software?
3. Which policing mechanisms are available with Cisco IOS software?
4. What are the main differences between shaping and policing?

16 Generic Traffic Shaping

17 Objectives
Upon completing this lesson, you will be able to:
• Describe the GTS mechanism
• Describe the benefits and drawbacks of GTS
• Configure GTS on Cisco routers
• Monitor and troubleshoot GTS

18 Generic Traffic Shaping
• Can shape multiple classes (classification)
• Can measure traffic rate of individual classes (metering)
• Delays packets of exceeding classes (shaping)
[Figure labels: Traffic Stream, Classifier, Meter, Marker, Shaper, Dropper]

19 GTS Building Blocks
[Figure: flowchart with the labels Forwarder, Classifier (Yes/No branches), Shaping WFQ (three instances), Physical Interface Queue(s)]

20 GTS Overview
• GTS is multiprotocol.
• GTS uses WFQ for the shaping queue.
• GTS can be implemented in combination with any queuing mechanisms:
  – FIFO queuing
  – Priority queuing (PQ)
  – Custom queuing (CQ)
  – Weighted fair queuing (WFQ)
• GTS works on output only.

21 GTS Implementation
• The software queue may have no function if the sum of all shaping rates is less than the link bandwidth.
[Figure labels: Shaping Queue (WFQ), Software Queue (FIFO, PQ, CQ, WFQ, ...), Hardware Queue (FIFO)]
Figure callouts:
• Dispatches packets at configured rate
• Dispatches packets at line rate
• Bypasses the software queue if it is empty and there is room in the hardware queue

22 Configuring GTS
    Router(config-if)# traffic-shape rate bit-rate [burst-size [excess-burst-size]]
• Enables traffic shaping of all outbound (sub)interface traffic
• In IOS versions prior to 11.2(19) and 12.0(4), optimum switching is disabled on all interfaces if traffic shaping is enabled on any interface

23 Configuring GTS (cont.)
    Router(config-if)# traffic-shape rate bit-rate [burst-size [excess-burst-size]]
• Bit rate: average traffic rate in bps (equivalent to Frame Relay CIR)
• Burst size: amount of traffic sent in a measurement interval in bits (equivalent to Frame Relay Bc)
  – Default value: 1/8 of bit rate

24 Configuring GTS (cont.)
    Router(config-if)# traffic-shape rate bit-rate [burst-size [excess-burst-size]]
• Excess burst size: amount of excess traffic that can be sent during the first burst in bps (equivalent to Frame Relay Be)
  – Default value: no excess burst
• Measurement interval (Tc): computed from bit rate and burst size
  – Tc smaller than 25 ms is rejected; Tc greater than 125 ms is reduced

25 Configuring GTS (cont.)
    Router(config-if)# traffic-shape group access-list bit-rate [burst [excess-burst]]
• Traffic-shape group shapes outbound traffic matched by the specified access list.
• Several traffic-shape group commands can be configured on the same interface.
• The traffic-shape rate and traffic-shape group commands cannot be mixed on the same interface.
• A separate token bucket and shaping queue is maintained for each traffic-shape group command.
• Traffic not matching any access list is not shaped.

26 GTS Example #1
• An ISP wants to sell a service in which a customer may use all of an E1 line for 30 seconds in a burst, but on a long-term average is limited to 256 kbps.
• GTS parameters:
  – Bit rate: 256,000 (output rate is 256,000 bps)
  – Burst size: 32,000, the number of bits sent in 125 ms
  – Excess burst size: 61,440,000 = 2,048,000 x 30

27 GTS Example #1 (cont.)
[Figure labels: Core, Customer, WAN]
    interface ethernet0/0
     traffic-shape rate 256000 32000 61440000
    !
    interface serial1/0
     traffic-shape rate 256000 32000 61440000
Because the ISP wants to control the total amount of load, the configuration would be done on both the inbound and outbound interfaces.

28 GTS Example #2
[Figure labels: Core, Customer, WAN]
The customer wants to be sure that web traffic will never use more than 64 kbps.
    interface ethernet 0/0
     traffic-shape group 101 64000
    interface serial 1/0
     traffic-shape group 101 64000
    !
    access-list 101 permit tcp any any eq www

29 Monitoring GTS
    Router(config)# show traffic-shape
• Displays current traffic shaping configuration

    Router#show traffic-shape
           access Target  Byte   Sustain   Excess    Interval  Increment  Adapt
    I/F    list   Rate    Limit  bits/int  bits/int  (ms)      (bytes)    Active
    Se3/3         100000  2000   8000      8000      80        1000       -

Callouts on the output: CIR; Bc; Be; Tc = Bc/CIR; MAX = (Bc + Be)/8; Bc = Tc * CIR; "Do we listen to FECN/BECN?"
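
A configuration check built on the relationships called out above, as an added example (not part of the original slides and not a Cisco tool): it parses `traffic-shape rate` and `traffic-shape adaptive` lines, derives Tc, the byte increment and the byte limit, and flags values the slides say are rejected or reduced. The `serial 3/3` stanza is constructed to match the sample `show traffic-shape` output, `serial 9/8` and `serial 9/9` are constructed bad cases, and the other two stanzas are the page's own examples.

```python
"""Derive GTS token bucket values from interface configuration (added example)."""
import re

RATE_RE = re.compile(r"^traffic-shape\s+rate\s+(\d+)(?:\s+(\d+)(?:\s+(\d+))?)?$")
ADAPT_RE = re.compile(r"^traffic-shape\s+adaptive(?:\s+(\d+))?$")


def derive(bit_rate, bc=None, be=None):
    """Apply the slide formulas: Tc = Bc/CIR, MAX = (Bc + Be)/8."""
    bc = bit_rate // 8 if bc is None else bc   # default Bc: 1/8 of the bit rate
    be = 0 if be is None else be               # default: no excess burst
    tc_ms = 1000 * bc / bit_rate
    notes = []
    if tc_ms < 25:
        notes.append("Tc below 25 ms: rejected")
    elif tc_ms > 125:
        notes.append("Tc above 125 ms: reduced")
    return {
        "cir": bit_rate, "bc": bc, "be": be, "tc_ms": tc_ms,
        "increment_bytes": bc // 8,            # bytes credited every Tc
        "byte_limit": (bc + be) // 8,          # MAX = (Bc + Be)/8
        "notes": notes,
    }


def audit(config):
    """Return {interface name: derived values} for every shaped interface."""
    shaped, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if line.lower().startswith("interface "):
            current = line.split(None, 1)[1]
            continue
        if current is None:
            continue
        m = RATE_RE.match(line)
        if m:
            rate, bc, be = (int(g) if g else None for g in m.groups())
            shaped[current] = derive(rate, bc, be)
            continue
        m = ADAPT_RE.match(line)
        if m:
            entry = shaped.get(current)
            if entry is None:
                # Slides: traffic shaping has to be enabled first.
                shaped[current] = {"notes": ["adaptive without traffic-shape rate"]}
            else:
                # Slides: default minimum is one-half the shaping rate.
                entry["min_rate"] = int(m.group(1)) if m.group(1) else entry["cir"] // 2
    return shaped


# Sample input: stanzas for serial1/0 and serial 0/0 are taken from the page;
# serial 3/3, serial 9/8 and serial 9/9 are constructed for this example.
SAMPLE = """
interface serial 3/3
 traffic-shape rate 100000 8000 8000
interface serial1/0
 traffic-shape rate 256000 32000 61440000
interface serial 0/0
 traffic-shape rate 64000 8000 8000
 traffic-shape adaptive 48000
interface serial 9/8
 traffic-shape adaptive
interface serial 9/9
 traffic-shape rate 1000000 8000
"""

if __name__ == "__main__":
    for name, values in audit(SAMPLE).items():
        print(name, values)
```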

30 Monitoring GTS (cont.)
    Router(config)# show traffic-shape statistics
• Displays traffic shaping statistics

    Router#show traffic-shape statistics
            Access  Queue  Packets  Bytes    Packets  Bytes    Shaping
    I/F     List    Depth                    Delayed  Delayed  Active
    Se3/3           77     16091    3733112  414      96048    yes

Callouts on the output:
• Depth of the associated WFQ queue for delayed packets
• Number of packets/bytes sent on the interface
• Subset of the previous number of packets/bytes delayed via the WFQ queue

31 Monitoring GTS (cont.)
    Router(config)# show traffic-shape queue
• Displays the shaping queue contents

    router#show traffic-shape queue
    Traffic queued in shaping queue on Serial0
      (depth/weight) 1/4096
      Conversation 254, linktype: ip, length: 232
      source: 1.1.1.1, destination: 1.1.2.47, id: 0x0001, ttl: 208,
      TOS: 0 prot: 17, source port 11111, destination port 22222

32 GTS on Frame Relay Interfaces
• GTS can be implemented on any type of (sub)interface.
• GTS supports additional features when implemented on Frame Relay interfaces:
  – Adaptation to Frame Relay congestion notification
  – BECN-to-FECN reflection
  – FECN creation on congestion

33 Frame Relay Refresher
• Frame Relay explicit congestion notification
  – FECN (forward explicit congestion notification)
  – BECN (backward explicit congestion notification)
  – CLLM (consolidated link layer management)
• Implicit congestion notification
  – Network discards detected by end user at higher layers
• DE (discard eligible) bit

34 Frame Relay FECN/BECN Congestion Control
[Figure labels: Sender, Receiver, Frame Relay Switch, Same Virtual Circuit (VC), Frame 1, FECN, Frame 2, BECN, Congestion This Side, No Congestion This Side]
• Switch monitors all transmit queues for congestion.
• Frame Relay switch detects congestion on output queue and informs:
  – The receiver, by setting the FECN bit on forwarded frames
  – The source, by setting the BECN bit on frames going in the opposite direction

35 GTS Frame Relay Congestion Adaptability
• On a Frame Relay (sub)interface, GTS can adapt dynamically to available Frame Relay bandwidth by integrating BECN signals:
  – The GTS bit rate is reduced when BECN packets are received in order to reduce the data flow through the congested Frame Relay network.
  – Adaptation is done on a per-(sub)interface basis.
  – The GTS bit rate is gradually increased when the congestion is no longer present (no BECN packets are received anymore).

36 GTS Frame Relay Congestion Adaptability Mechanisms
• Bit-rate adaptation:
  – The traffic shaping bit rate is reduced when a packet with a BECN bit is received in the Tc.
  – The traffic shaping bit rate is increased if no BECN bits were received in the Tc.
• FECN-to-BECN propagation:
  – A test packet with a BECN bit set is sent to the sender if a packet with an FECN bit set is received.

37 An Example of BECN Integration
    traffic-shape rate 64000 8000 8000
    traffic-shape adaptive 32000
• BECN received at Tc #1 and Tc #3
• Hypothesis: no idle traffic
[Figure: "BECN Integration", plotting Inc Added Every Tc in the Token Bucket against Time Represented in Units of Tc; series: Inc, BECN]

38 FECN-to-BECN Propagation
[Figure labels: Sender, Receiver, Frame Relay Switch, Congestion, FECN, BECN in Q.922 Test]
• If there is no reverse traffic, the switch is not able to set BECN in frames going back to sender.

39 Configuring Bit-Rate Adaptation
    Router(config-if)# traffic-shape adaptive [bit-rate]
• Configures traffic shaping Frame Relay bit-rate adaptation
• bit-rate: lowest bit rate the traffic is shaped to in response to continuous BECN signals
• Default: one-half the specified traffic shaping rate
• Traffic shaping has to be enabled

40 Configuring FECN-to-BECN Propagation
    Router(config-if)# traffic-shape fecn-adapt
• Configures the router to send Frame Relay TEST message with BECN bit set in response to receiving a frame with FECN bit set
• Can be used without adaptive traffic shaping
    Router(config-if)# traffic-shape fecn-create
• Sets FECN bit in all outgoing packets that have been delayed due to traffic shaping
• Use for debugging/simulation only

41 GTS Frame Relay Adaptation Design
• Conservative scenario:
  – Set shaping rate to CIR
  – Set minimum rate to MIR (or one-half CIR)
• Optimistic scenario:
  – Set shaping rate to EIR
  – Set minimum rate to CIR
• Realistic scenario:
  – Set shaping rate to EIR
  – Set minimum rate to MIR (or one-half CIR)

42 GTS Frame Relay Adaptation Example
[Figure labels: Core, Customer, WAN]
    interface serial 0/0
     traffic-shape rate 64000 8000 8000
     traffic-shape adaptive 48000
• EIR = 64 kbps
• CIR = 48 kbps
• Assumption: Frame Relay network is usually not congested.

43 Summary
Upon completing this lesson, you should be able to:
• Describe the GTS mechanism
• Describe the benefits and drawbacks of GTS
• Configure GTS on Cisco routers
• Monitor and troubleshoot GTS

44 Lesson Review
1. What software queuing mechanisms are supported in combination with GTS?
2. Which queuing structure does GTS use?
3. What features does GTS include when it is used on Frame Relay interfaces?

45 Committed Access Rate

46 Objectives
Upon completing this lesson, you will be able to:
• Describe the CAR mechanism
• Describe the benefits and drawbacks of CAR
• Describe the differences between CAR, GTS, and FRTS
• Configure CAR on Cisco routers
• Monitor and troubleshoot CAR

47 Committed Access Rate
• Primarily intended for rate limiting
• Can be used on inbound and outbound traffic
• Does not queue (delay) packets
• Can also mark packets
• Can be implemented for differentiated marking
[Figure labels: Inbound or Outbound, Classifier, Meter, Marker, Dropper]

48 CAR on Input and Output
[Figure labels: Inbound (Classifier, Meter, Marker, Dropper), Forwarding, Outbound (Classifier, Meter, Marker, Dropper), Queuing]
• CAR on input is processed just before forwarding (most other QoS mechanisms are processed before CAR).
• CAR on output is processed immediately after forwarding (most other QoS mechanisms are processed after CAR).

49 CAR Implementation
• The software queue may have no function if the sum of all CAR rates is less than the link bandwidth.
[Figure labels: CAR, Software Queue (FIFO, PQ, CQ, WFQ, ...), Hardware Queue (FIFO)]
Figure callouts:
• Dispatches packets at configured rate
• Dispatches packets at line rate
• Bypasses the software queue if it is empty and there is room in the hardware queue

50 Interface-Wide CAR Diagram
[Figure: flowchart with the labels Class 1?, Class 2?, Class n?, CAR, continue, transmit, drop, Output Queue or Forward]
• CAR has three different actions:
  – Transmit
  – Continue
  – Drop

51 CAR Diagram
[Figure: flowchart with the decisions Meter: Conforms?, Mark? (Set IP Precedence, Set DSCP, Set MPLS Experimental, Set QoS Group), Transmit?, Continue?, Drop?, and the outcomes Forward or Enqueue and Go to Next CAR Command]
• Marking depends on whether the packet conforms to or exceeds the policy.

52 Configuring CAR
    Router(config-if)# rate-limit {input | output} [access-group [rate-limit] #acl | qos-group number | dscp dscp] mean-rate Bc Be
        conform-action { drop | transmit | continue |
            set-prec-transmit value | set-prec-continue value |
            set-qos-transmit value | set-qos-continue value |
            set-dscp-transmit value | set-dscp-continue value |
            set-mpls-transmit value | set-mpls-continue value }
        exceed-action { drop | transmit | continue |
            set-prec-transmit value | set-prec-continue value |
            set-qos-transmit value | set-qos-continue value |
            set-dscp-transmit value | set-dscp-continue value |
            set-mpls-transmit value | set-mpls-continue value }
• Specifies all four conditioner elements for a particular traffic class
• Repeat this command for different classes of traffic
• If a match is not found, the default action is to transmit

53 CAR Classification
    Router(config-if)# rate-limit {input | output} [access-group [rate-limit] #acl | qos-group number | dscp dscp] ...
• IP packets are classified:
  – Based on their direction (input or output)
• Optional classification based on:
  – Numbered IP access list (standard or extended)
  – IP Precedence rate-limit access list
  – MAC address rate-limit access list
  – QoS group set by a previous conditioner in the same node
  – DSCP

54 Null CAR Classifier
    Router(config-if)# rate-limit {input | output} ...
• Selects packets in ingress or egress direction that have not been classified with any previous rate-limit commands on this interface
• Usually used as the last rate-limit command on an interface

55 CAR Classifier Based on IP Access List
    Router(config-if)# rate-limit {input | output} access-group number ...
    Router(config)# access-list acl-index {deny | permit} source [source-wildcard]
    Router(config)# access-list acl-index {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [dscp dscp] [log]
• Configures an IP access list to be used as a packet classifier
• Classifies packets received over an interface with the IP access list
• Classification based on IP Precedence can be done with IP access list

56 CAR Classifier Based on IP Precedence
    Router(config-if)# rate-limit {input | output} access-group rate-limit number ...
• The IP Precedence classifier uses rate-limit access lists from 1 to 99 to match on IP Precedence values.

57 IP Precedence-Based Rate-Limit Access List
    Router(config)# access-list rate-limit acl-index precedence
• ACL index is between 1 and 99
• Matches packets with specified IP Precedence
• Only one line is allowed in the access list
    Router(config)# access-list rate-limit acl-index mask precedence-mask
• ACL index is between 1 and 99
• Matches packets that match any precedence value specified in the mask
• Precedence mask has one bit for each precedence value (Bit 0 = Precedence 0)

58 CAR Classifier Based on Upstream MAC Address
    Router(config-if)# rate-limit {input | output} access-group rate-limit number ...
• The upstream MAC address classifier uses rate-limit access lists from 100 to 199 to match on the MAC address of an upstream router or host.

59 MAC Address Rate-Limit Access List
    Router(config)# access-list rate-limit acl-index mac-address
• ACL index is between 100 and 199
• Matches packets received from upstream neighbor with specified MAC address
• Only the MAC address is allowed in the access list (each upstream neighbor requires a different rate-limit statement)

60 QoS Group CAR Classifier
    Router(config-if)# rate-limit {input | output} qos-group number ...
• Selects IP packets already marked in this node with specified QoS group
• QoS group marking can be done through:
  – Policy-based routing
  – CEF marking based on QPPB
  – Inbound rate limit on another interface
  – Inbound class-based marking on another interface
• Available only on high-end platforms

61 DSCP-Based CAR Classifier
    Router(config-if)# rate-limit {input | output} dscp dscp ...
• Selects IP packets marked with the specified DiffServ code point
• DSCP marking could be done through:
  – Rate limiting on another interface or router
  – Class-based marking on another interface or router

62 CAR Meter
    Router(config-if)# rate-limit {input | output} [access-group [rate-limit] number | qos-group number | dscp dscp] mean-rate Bc Be ...
• The rate-limit meter measures the contract compliance of a traffic class selected with a classifier.
• A modified token bucket algorithm is used:
  – mean-rate specifies average traffic rate.
  – Bc specifies the normal burst size.
  – Be specifies the excess burst size.
• The token bucket size is defined by Be alone.

63 CAR Actions
• CAR actions can be split into two subactions:
  – Marking action
  – Processing action
• Marking actions support the setting of:
  – IP Precedence
  – DSCP
  – MPLS experimental bits
  – QoS group
• Processing actions:
  – Transmit: packet is transmitted
  – Continue: packet is also processed by the next "rate-limit" command
  – Drop: packet is dropped

64 CAR Actions (cont.)
• Processing actions "transmit," "continue," and "drop" can be used as standalone actions.
• Processing actions "transmit" and "continue" can be combined with marking actions (set-mark_action-proc_action):
  – set-prec-transmit
  – set-qos-transmit
  – set-mpls-transmit
  – set-dscp-transmit
  – set-prec-continue
  – set-qos-continue
  – set-mpls-continue
  – set-dscp-continue

65 CAR Actions (cont.)
• Conforming and exceeding packets can be configured with different actions.
• There are three typical uses of CAR:
  Pure rate limiting:
  – Transmit conforming packets
  – Drop exceeding packets
  Differentiated marking:
  – Transmit conforming packets with marker value x (e.g., IP Precedence 3)
  – Transmit exceeding packets with marker value y (e.g., IP Precedence 2)
  Pure marking:
  – Transmit conforming and exceeding packets with the same marker value

66 Displaying CAR Parameters and Statistics
    Router# show interfaces intf rate-limit
• Displays CAR parameters and statistics

    Router#show interfaces serial 0/0 rate-limit
    Serial0
      Input
        matches: qos-group 4
          params:  128000 bps, 64000 limit, 128000 extended limit
          conformed 0 packets, 0 bytes; action: transmit
          exceeded 0 packets, 0 bytes; action: set-prec-transmit 0
          last packet: 421250660ms ago, current burst: 0 bytes
          last cleared 00:00:59 ago, conformed 0 bps, exceeded 0 bps
      Output
        matches: access-group 181
          params:  8000 bps, 8000 limit, 16000 extended limit
          conformed 19 packets, 21576 bytes; action: set-prec-transmit 3
          exceeded 5 packets, 7520 bytes; action: drop
          last packet: 145344ms ago, current burst: 11552 bytes
          last cleared 00:03:01 ago, conformed 0 bps, exceeded 0 bps

67 Display Rate-Limit Access Lists
    Router(config)# show access-lists rate-limit
• List rate-limit access lists

    Router#show access-lists rate-limit
    Rate-limit access list 10
        1
    Rate-limit access list 11
        mask 81
    Rate-limit access list 120
        4000.1234.ABCD

68 CAR: Limiting Example #1
• A service provider connects all its customers via 2 Mbps physical leased lines (or ADSL links) and uses CAR to limit the actual amount of traffic the user can send or receive.
• In addition, several differentiated services could be provided based on customer needs.

69 CAR: Limiting Example #1 (cont.)
[Figure labels: Customer, 2 Mbps, ISP, NAP, Internet]
    interface serial 0/0
     rate-limit input 256000 4000 96000 conform-action transmit exceed-action drop
     rate-limit output 256000 4000 96000 conform-action transmit exceed-action drop

70 CAR: Limiting and Marking Example #2
• Web traffic is limited to 512 kbps and transmitted with higher precedence:
  – Excess web traffic is classified as regular traffic.
• All other traffic is limited to 256 kbps and transmitted with Precedence 0:
  – Excess traffic is dropped.
  – Burst size is 16,000 bytes.
  – Excess burst size is 24,000 bytes.

71 CAR: Limiting and Marking Example #2 (cont.)
[Figure labels: Customer, 2 Mbps, ISP, NAP, Internet]
    interface serial 0/0
     rate-limit input access-group 101 512000 64000 128000 conform-action set-prec-transmit 1 exceed-action continue
     rate-limit input 256000 16000 24000 conform-action set-prec-transmit 0 exceed-action drop
     rate-limit output access-group 101 512000 64000 128000 conform-action set-prec-transmit 1 exceed-action continue
     rate-limit output 256000 16000 24000 conform-action set-prec-transmit 0 exceed-action drop
    !
    access-list 101 permit tcp any any eq www
    access-list 101 permit tcp any eq www any

72 CAR: Limiting Example #3
• The customer can send or receive up to 128 kbps of premium traffic:
  – Premium traffic is marked with Precedence 1.
  – Excess premium traffic is dropped.
• Non-premium (best-effort) traffic is not rate-limited.

73 CAR: Limiting Example #3 (cont.)
[Figure labels: Customer, 2 Mbps, ISP, NAP, Internet]
    interface serial 0/0
     rate-limit input access-group rate-limit 13 128000 16000 48000 conform-action transmit exceed-action drop
     rate-limit output access-group rate-limit 13 128000 16000 48000 conform-action transmit exceed-action drop
    !
    access-list rate-limit 13 1

74 CAR: Precedence Spoofing Example #4
• If a customer is trying to spoof a service provider with high-precedence traffic, the traffic is dropped:
  - Drop all non-Precedence-0 traffic received from a customer.
[Diagram labels: ISP, Customer, 2 Mbps, NAP, Internet]
interface serial 0/0
 rate-limit input access-group rate-limit 1 64000 8000 8000 conform-action drop exceed-action drop
!
access-list rate-limit 1 mask FE
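
How mask FE in Example #4 selects precedences 1 through 7, shown with a small Python parser for the two statement forms used on these slides (added example, not part of the original slides). Assumptions: the function names are hypothetical, the ToS bytes in the demo are constructed, and each rate-limit statement is checked on its own without modeling statement order.

```python
import re

# Constructed input: the Example #4 configuration as it appears on the slide.
EXAMPLE4 = """\
interface serial 0/0
 rate-limit input access-group rate-limit 1 64000 8000 8000 conform-action drop exceed-action drop
!
access-list rate-limit 1 mask FE
"""

ACL_RE = re.compile(
    r"^access-list rate-limit (\d+) (?:mask ([0-9A-Fa-f]{1,2})|([0-7]))\s*$", re.M)
RULE_RE = re.compile(
    r"^\s*rate-limit (input|output) access-group rate-limit (\d+) "
    r".*?conform-action (\S+).*?exceed-action (\S+)", re.M)

def parse_precedence_acls(config):
    """Map rate-limit ACL number -> set of IP precedence values it matches."""
    acls = {}
    for num, mask, single in ACL_RE.findall(config):
        # Mask bit n (least significant bit = 0) selects precedence n.
        bits = int(mask, 16) if mask else 1 << int(single)
        acls[int(num)] = {p for p in range(8) if bits & (1 << p)}
    return acls

def always_dropped(config, direction="input"):
    """Precedences dropped at any rate: conform and exceed actions are both drop."""
    acls = parse_precedence_acls(config)
    dropped = set()
    for dirn, num, conform, exceed in RULE_RE.findall(config):
        if dirn == direction and conform == "drop" and exceed == "drop":
            dropped |= acls.get(int(num), set())
    return dropped

def verdict(tos_byte, config=EXAMPLE4):
    """'drop' or 'pass' for an IPv4 ToS byte; precedence is its top three bits."""
    precedence = (tos_byte >> 5) & 0x7
    return "drop" if precedence in always_dropped(config) else "pass"

if __name__ == "__main__":
    print(sorted(always_dropped(EXAMPLE4)))
    for tos in (0x00, 0x10, 0x20, 0xB8, 0xC0):     # constructed ToS bytes
        print(f"ToS 0x{tos:02X}: {verdict(tos)}")
```

A packet with precedence 0 but other ToS bits set (0x10) still passes, because the mask tests only the precedence field.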

75 CAR: Limiting Example #5
• Application: Web server collocation:
  - The customer can locate a server at service provider premises (switched LAN).
  - CAR is used to limit the amount of traffic the web server can generate.
  - Unknown traffic is rate-limited to 64 kbps to allow remote configuration of new servers.
• Alternate application: central site in an enterprise network

76 CAR: Limiting Example #5 (cont.)
[Diagram labels: Server, LAN Switch, Server, Distribution Router, Core Network]
interface FastEthernet 0/0
 rate-limit input access-group rate-limit 100 10000000 100000 100000 conform-action transmit exceed-action drop
 rate-limit output access-group rate-limit 100 10000000 100000 100000 conform-action transmit exceed-action drop
 rate-limit input 64000 8000 24000 conform-action transmit exceed-action drop
 rate-limit output 64000 8000 24000 conform-action transmit exceed-action drop
!
access-list rate-limit 100 00ae.0123.abcd
! Server MAC address

77 CAR: Marking Example #6
CAR can be used purely for marking purposes.
[Diagram labels: Core, Customer, WAN]
interface ethernet 0/0
 rate-limit input 10000000 8000 8000 conform-action set-prec-transmit 2 exceed-action drop
!
interface ethernet 0/1
 rate-limit input 10000000 8000 8000 conform-action set-prec-transmit 0 exceed-action drop
!

78 CAR: Marking Example #7
[Diagram labels: Core, Customer, WAN]
interface ethernet 0/0
 rate-limit input access-group 101 10000000 8000 8000 conform-action set-prec-transmit 2 exceed-action drop
 rate-limit input access-group 102 10000000 8000 8000 conform-action set-prec-transmit 1 exceed-action drop
 rate-limit input 10000000 8000 8000 conform-action set-prec-transmit 0 exceed-action drop
!
access-list 101 permit tcp any any eq telnet
access-list 102 permit tcp any any eq www

79 Summary
Upon completing this lesson, you should be able to:
• Describe the CAR mechanism
• Describe the benefits and drawbacks of CAR
• Describe the differences between CAR, GTS, and FRTS
• Configure CAR on Cisco routers
• Monitor and troubleshoot CAR

80 Lesson Review
1. What classification options does CAR support?
2. What are the main differences between CAR and traffic shaping?
3. Where can CAR be implemented?

81 Module Summary
After completing this module, you should be able to perform the following tasks:
• Describe and configure generic traffic shaping (GTS)
• Describe and configure Frame Relay traffic shaping (FRTS)
• Describe and configure committed access rate (CAR)
• Name other mechanisms that support traffic shaping and policing (class-based policing and class-based shaping)

