RE: Policing

From: Julius Kinsler (jkinsler@harbortech.com)
Date: Tue May 16 2006 - 13:18:16 ART

• Next message: roehsler: "InternetworkExpert Lab 16 vol1 task 5.2"
• Previous message: Vikram Dadlaney: "Re: BGP Route Selection Problem"
• Maybe in reply to: Julius Kinsler: "Policing"
• Next in thread: Chris Lewis: "Re: Policing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

So the normal burst rate is..just how fast the interface will empty the
Tc token bucket at a specific interval? Or is that how deep the bucket
is? Its very confusing to me, why does it make you specify this number?
Theres no getting around it, in a 3550. Bottom line is what is this
number and where does it come from? If I want to police something I
would think you should be able to say police and then the limit you want
to give this class of traffic and then which marker to use. What is this
"Normal burst" stuff all about? And about the class-default, is this
something you've seen in practice or do you have some documentation on
it? Because this was actually the answer given to me via IPExpert
Proctor Guide. Hopefully Scott can shed some light on this. But I will
try to put it to the test and see what happens.

Thanks

________________________________

From: Petr Lapukhov [mailto:petrsoft@gmail.com]
Sent: Tuesday, May 16, 2006 11:35 AM
To: Julius Kinsler
Cc: Chris Lewis; ccielab@groupstudy.com
Subject: Re: Policing

Julius,

While I'm trying to get my mind in full sync with that topic,
let me note, that "class-default" is useless with catalyst 3550.

You need to police within specific class, matching either
IP or non-IP traffic. If you need to police both types to a single
rate, you should use aggregate policer.

Just try setting policer's rate/burst to minimal values within
"class-default", and do a simple ping test, to see that traffic
is not policed in that configuration.

HTH
Petr

2006/5/16, Julius Kinsler <jkinsler@harbortech.com>:

        This is the same article I was reading yesterday. It so happen
to be that I was trying to do policing on a 3550.
        For example I created a policy-map and under the policy map, for
the default class I put in the keyword
        police 1000000 <Normal Burst bytes> exceed action drop. I didnt
completely understand the normal burst bytes I just wanted to police at
1Mbps.
        When I looked it up I came across the link below and was trying
to interpret this Interval to come up with the normal burst bytes. I
came to believe that this can be an arbitrary number based on the
specifications in a practice lab.
        I was doing an IPExpert lab and the answer looked like this:

        mls qos
        policy-map MyPolice
        class class-default
        police 1000000 187500 exceed drop

        Now I was racking my brain trying to come up with the logic
behind the number "187500" but I believe the number was made up after
everything I read about rate/intervals/and burst as stated below.
        Please tell me if I am wrong

        Julius

________________________________

        From: Petr Lapukhov [mailto:petrsoft@gmail.com]
        Sent: Tuesday, May 16, 2006 1:17 AM
        To: Chris Lewis
        Cc: Julius Kinsler; ccielab@groupstudy.com
        Subject: Re: Policing

        Chris,

        There is an interesting thing they say about 3550 policing:

http://www.cisco.com/en/US/products/hw/switches/ps646/products_tech_note
09186a00800feff5.shtml

        Specifically:

        ---- quote

        These parameters control the operation of policing:

        - Rate - defines how many tokens are removed at each interval.
This effectively sets
         the policing rate. All traffic below the rate is considered in
profile. Supported rates
         range from 8 Kbps to 2 Gbps, and increment by 8 Kbps.

        - Interval-defines how often tokens are removed from the bucket.
The interval is fixed
         at 0.125 milliseconds (or 8000 times per second). This interval
cannot be changed.

        - Burst-defines the maximum amount of tokens the bucket can hold
at any time.
         Supported bursts range from 8000 bytes to to 2000000 bytes, and
increment by 64 bytes.
        ---- quote

        I wonder if they do actually use *leaky* bucket with 3550
policer and *token*
        bucket (metering) with CAR/IOS Policer..

        Petr

        2006/5/16, Chris Lewis <chrlewiscsco@gmail.com>:

                Julius,

                You are mixing two concwpts here. There is no Tc in
policing that adheres to
                the shaping formula quoted. Policing does not calculate
things at regular
                intervals, it calculates tokens to be credited and
removed from the bucket
                based off packet arrival times.

                Chris

                On 5/15/06, Julius Kinsler <jkinsler@harbortech.com >
wrote:
>
> Using the standard equation CIR = Bc / Tc where can I
find the Tc when
> trying to complete this formula?
>
> TIA
> Julius
>
>

• Next message: roehsler: "InternetworkExpert Lab 16 vol1 task 5.2"
• Previous message: Vikram Dadlaney: "Re: BGP Route Selection Problem"
• Maybe in reply to: Julius Kinsler: "Policing"
• Next in thread: Chris Lewis: "Re: Policing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:21 ART