RE: about CB policing

From: Taiyi Sun (wanwalker2000@yahoo.ca)
Date: Sun Sep 12 2004 - 14:04:13 GMT-3

• Next message: Howard C. Berkowitz: "RE: Failed RS lab [7:92677]"
• Previous message: Scott Morris: "RE: Failed RS lab [7:92677]"
• Maybe in reply to: Taiyi Sun: "about CB policing"
• Next in thread: Charles Sun: "Re: about CB policing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi, Chris,
 
Thank you for your answer. I have read DQoS and DOC Cd, but I have not got any information about how to decide the time interval and my thought is that using 1 second as the time interval sounds resonable. The point is how the IOS knows the time interval and then to limit the traffic rate. And why the default time intverval is 250ms?
 
Charles

"Lord, Chris" <chris.lord@lorien.co.uk> wrote:
Hi, my understanding is this.....

You are right that Cisco recommend

normal burst = configured rate * (1 byte)/(8 bits) * 1.5 seconds
extended burst = 2 * normal burst"

BUT, you don't get this by default and you would have to do the calculations and explicitly configure it if you want to use these recommendations.

By DEFAULT, a Tc of 250ms is used by police (compared with 125ms for shape). So using the well known formula Bc=CIRxTc we get

Bc = 300000 bits(cir) x .250 sec(Tc) = 75000 bits but in the police syntax you have to express Bc in bytes (compared to shaping where you use bits), so, Bc = 75000bits/8bits-per-byte = 9375bytes

-----Original Message-----
From: alsontra@hotmail.com [mailto:alsontra@hotmail.com]
Sent: 11 September 2004 18:42
To: Taiyi Sun; ccielab@groupstudy.com
Subject: Re: about CB policing

Hi Taiyi Sun,

Here are my thoughts...

> Q1. if i want to use class base policing to limit the incoming traffic to
300K

The Cisco recommendation is as follows:

"Policing Traffic with CAR

CAR embodies a rate-limiting feature for policing traffic. When policing
traffic with CAR, Cisco recommends the following values for the normal and
extended burst parameters:

normal burst = configured rate * (1 byte)/(8 bits) * 1.5 seconds
extended burst = 2 * normal burst"

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_reference_chapter09186a0080087f26.html

Meaning your normal burst should be se to 1.5 * normal rate (in bytes).
The default action on all my routers to use 1/4 of the Cir as the normal
burst value. On all of my switches, you must specify a normal burst. There
appears to be no default, you must give a normal burst value.

<--------------Switches--------------->

SW1(config-pmap-c)#police 300000
% Incomplete command.

<---------------Routers--------------->

R5(config-pmap-c)# police 300000
R5(config-pmap-c-police)#do sh policy-map
Policy Map QOS_TEST
Class class-default
police cir 300000 bc 9375 <------1/4 Cir in bytes
conform-action transmit
exceed-action drop

R5(config-pmap-c-police)# police 100000
R5(config-pmap-c-police)#do sh policy-map
Policy Map QOS_TEST
Class class-default
police cir 100000 bc 3125<------1/4 Cir in bytes
conform-action transmit
exceed-action drop

R5(config-pmap-c-police)# police 6000000
R5(config-pmap-c-police)#do sh policy-map
Policy Map QOS_TEST
Class class-default
police cir 6000000 bc 187500<------1/4 Cir in bytes
conform-action transmit
exceed-action drop

I recall reading something about this CAR default bc behavior, but I can not
find it at the moment. So my above statements regarding the default behavior
of the normal burst value are based on its observed behavior.

>Q3. Is the configuration above correct?

I think this is wrong ---> police 300000 37500 conform-action transmit
exceed-action drop
(normal burst needs to be in
bytes)

I think this is correct ---> police 300000 9375 conform-action transmit
exceed-action drop
or---> police 300000

> Q4. When I configured "police 300000" command under policy-map, it's
will show
> "police 300000 9250 9250 conform-action transmit exceed-action drop".
What does
> 9250 mean? And how does it calculate? any response will be
appreciated?

normal burst = configured rate * (1 byte)/(8 bits) * 1.5 seconds
extended burst = 2 * normal burst"

See answer to question 1.

There are a few resident expert in the areas of QOS on this list, perhaps
they will grace us with a more astute explanation. :-)

HTH
Alsontra

----- Original Message -----
From: "Taiyi Sun"
To: "Ccie Lab"
Sent: Saturday, September 11, 2004 12:25 AM
Subject: about CB policing

> Hi, group,
>
> I have questions about Class Based Policing.
>
> Q1. if i want to use class base policing to limit the incoming traffic to
300K, how
> could i decide the burst-normal and burst-max, how aoubt the exceed action
to take,
> and how to check whether my configuration is correct. Saying to limit
telnet and ftp
> traffic.
> Q2. If the exceed action is remarking, does it mean the remarked packets
can be propagated?
> Here is my configuration:
> ....
> ip cef
> ...
> class-map match-any telnet&ftp
> match protocol telnet
> match protocol ftp
> ...
> policy-map rate_limit
> class telnet&ftp
> police 300000 37500 conform-action transmit exceed-action drop
> .....
> interface s0/0
> ....
> service-policy inpuit rate_limit
> > Q4. When I configured "police 300000" command under policy-map, it's
will show
> "police 300000 9250 9250 conform-action transmit exceed-action drop".
What does
> 9250 mean? And how does it calculate?
> any response will be appreciated?
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Howard C. Berkowitz: "RE: Failed RS lab [7:92677]"
• Previous message: Scott Morris: "RE: Failed RS lab [7:92677]"
• Maybe in reply to: Taiyi Sun: "about CB policing"
• Next in thread: Charles Sun: "Re: about CB policing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:42 GMT-3