RE: Police/ rate-limit parameters concept confusion

From: Richard Dumoulin (richard.dumoulin@vanco.es)
Date: Thu Apr 15 2004 - 11:23:14 GMT-3

• Next message: OzgurG@garanti.com.tr: "RE: ip pim nbma-mode"
• Previous message: Yasser Abdullah : "RE: Default shaping interval (Tc)"
• Maybe in reply to: Karim: "Police/ rate-limit parameters concept confusion"
• Next in thread: Yasser Abdullah : "RE: Police/ rate-limit parameters concept confusion"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

So a 1 second interval is assumed ? Or the Burst is in Bytes/second ?

-----Original Message-----
From: Yasser Abdullah [mailto:yasser@alharbitelecom.com]
Sent: jueves, 15 de abril de 2004 16:02
To: 'Karim'; ccielab@groupstudy.com
Subject: RE: Police/ rate-limit parameters concept confusion

Karim,

 First thing to remember when policing, burst is in Bytes (unlike
Traffic-shaping). So if the ask you to allow a burst of 1/4 128K (which is
32000 bits/sec) then you just need to change the burst size into bytes. That
mean 32000/8 = 4000 bytes.

HTH,

Yasser

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Karim
Sent: Thursday, April 15, 2004 12:55 PM
To: ccielab@groupstudy.com
Subject: Police/ rate-limit parameters concept confusion

Hi Group,
Required to limit the ICMP traffic to 128K and allow a burst of 1/4 of this
rate (128000).

The offered solution:
using Rate-limit is:
access-list 100 permit icmp any any
!
interface Ethernet0/0
rate-limit output access-group 100 128000 4000 4000 conform-action transmit
exceed-action drop

Using MQC:
class-map match-all icmp
match access-group 101
!
 policy-map icmp
class icmp
police 128000 bc 4000 conform-action transmit exceed-action drop OR police
128000 4000 4000 conform-action transmit exceed-action drop ! access-list
101 permit icmp any any interface fa0/0 service-policy output icmp

I know that 4000 is taken from 128000/(8*4). I am confused, why it was
solved as above, I was thinking to solve as follows:

My solution:
Using rate-limit:
access-list 100 permit icmp any any
!
interface Ethernet0/0
rate-limit output access-group 100 128000 16000 20000 conform-action
transmit exceed-action drop

Parameters calculated as follows:
bc= 128000/8 = 16000. And for busting to 1/4 the 128K, set the be= 16000 +
(16000/4) = 20000.

Using MQC with the same previous parameters:
class-map match-all icmp
match access-group 101
!
policy-map icmp
class icmp
police 128000 bc 16000 be 20000 conform-action transmit exceed-action drop !
access-list 101 permit icmp any any interface fa0/0 service-policy output
icmp

Can someone help, why didn't we use the second solution and why is it wrong
????????

Thanks for your help,
Karim.

• Next message: OzgurG@garanti.com.tr: "RE: ip pim nbma-mode"
• Previous message: Yasser Abdullah : "RE: Default shaping interval (Tc)"
• Maybe in reply to: Karim: "Police/ rate-limit parameters concept confusion"
• Next in thread: Yasser Abdullah : "RE: Police/ rate-limit parameters concept confusion"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:47 GMT-3