Re: Policing and Tc

Ok Thanks,

So I think I am have a clear mind on how it all works now and fact is that
in Policing Time Intervals are completely not used to determine how many
tokens are in a bucket, but you can configure your bucket to be the size of
a certain time interval... for example 0.125ms but I believe, you must be
very careful doing this otherwise you would end up with more dropped packets
than you expected and not actually achieving the CIR that you configured.

For example.

If I had a CIR of 56000bps which is equal to 7000 bytes per second then I
should configure the bucket to be 7000 bytes at a minimum.....

It is possible however to configure a bucket to be smaller, say I had the
bright idea to configure the bucket big enough for a Tc of 0.125ms

56000*0.125=7000bps / 8 = 875bytes

Ok so if I configure my Token bucket for policing at 875bytes, then 1 second
passes and I get a 1500byte packet hit the policer then policer would fill
up the bucket with 875 bytes worth of tokens and there would be spillage of
6125 bytes worth of tokens and then the policer would see there is not
enough tokens in the Token Bucket and mark the packet as violating then
perform whatever action has been configured for violating?

Is this correct and make sense, otherwise I'm completely screwed!

Regards,

Garth

On Wed, Mar 3, 2010 at 5:49 PM, Piotr Kaluzny <piotrk_at_ipexpert.com> wrote:

> Garth,
>
> Not sure if this is exactly what you want to know, but in the situation you
> described below packet greater than 1000B could not be transferred (or
> whatever action you set for exceed) assuming Be equals to 0, because the
> single token bucket has maximum capacity of 1000B.
>
> I would say this is more of an example for shaping. With shaping, packets
> are refilled every single Tc, and if Be concept is used, low activity
> periods can extend the total amount of time bits are serialized continuously
> without having to wait for the end of Tc (assuming proper Be value).
>
> In this particular example, if shaping was used, even that packet is bigger
> than the number of tokens (number of bits for shaping), it would be
> serialized in parts because shaping buffers packets. Also please note that
> bits are always serialized at the interface clock rate, regardless of
> police/shape rate.
>
> Regards,
> --
> Piotr Kaluzny
> CCIE #25665 (Security), CCSP, CCNP
> Sr. Support Engineer - IPexpert, Inc.
> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>
>
>
>
>
> On Wed, Mar 3, 2010 at 8:27 AM, Garth Bryden <
> hacked.the.planet.on.28.8k.dialup_at_gmail.com> wrote:
>
>> Thanks for the input Guys but I'm still not convinced.
>>
>> I have not been able to find any reference to this Scheduler based
>> approach
>> anywhere :|
>>
>> In my view here, I can't see any benefit here of having a token bucket
>> smaller than 1second of the CIR!
>>
>> This is because say for example you had a 64kbps line which equates to
>> 8000
>> bytes per second, if you configure your token bucket in an interval of
>> .125ms which is 1000 bytes say you had a heap of packets burst through
>> your
>> router and your token bucket is empty, then 1 second later a new 1500byte
>> packet passes through the policer, wouldn't the policer then look fill up
>> the token bucket, to it's maximum of 1000 bytes and consider the 1500 byte
>> packet to be violating (presuming a Be of 0) instead of conforming?
>>
>> Where as if the bucket could hold up to 8000 bytes it would be considered
>> conforming!
>>
>> Excuse me if I am totally off track here but I am just trying to really
>> get
>> my head around it.
>>
>> Thanks heaps,
>>
>> Garth
>>
>> On Tue, Mar 2, 2010 at 2:20 PM, karim jamali <karim.jamali_at_gmail.com>
>> wrote:
>>
>> > Hi Garth,
>> >
>> > It seems that the either the Packet based approach or the Scheduler
>> based
>> > approach could be used (based on the minimum). We are comparing the
>> number
>> > of tokens currently in the bucke (at time t): addition of what we have
>> put
>> > CIR * (t-t1) as well as what was already in the bucket at time t1. We
>> > compare this value to the Bc. This comparison will lead to using either
>> > packet or scheduled mode.
>> >
>> > Best Regards,
>> >
>> > Karim Jamali
>> >
>> >
>> > On Tue, Mar 2, 2010 at 7:06 AM, Joe Astorino <jastorino_at_ipexpert.com
>> >wrote:
>> >
>> >> The answer as usual is "it depends". I would have to double check but I
>> >> believe it uses the lower of the two values.
>> >>
>> >> It will be the minimum of either the Bc or the interval based token
>> bucket
>> >> based on the CIR and packet arrival time
>> >>
>> >>
>> >>
>> >>
>> >> Regards,
>> >>
>> >> Joe Astorino CCIE #24347 (R&S)
>> >> Sr. Technical Instructor - IPexpert
>> >> Mailto: jastorino_at_ipexpert.com
>> >> Telephone: +1.810.326.1444
>> >> Live Assistance, Please visit: www.ipexpert.com/chat
>> >> eFax: +1.810.454.0130
>> >>
>> >> IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA
>> >> (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice,
>> Security &
>> >> Service Provider) Certification Training with locations throughout the
>> >> United States, Europe and Australia. Be sure to check out our online
>> >> communities at www.ipexpert.com/communities and our public website at
>> >> www.ipexpert.com
>> >>
>> >> -----Original Message-----
>> >> From: Garth Bryden <hacked.the.planet.on.28.8k.dialup_at_gmail.com>
>> >> Date: Tue, 2 Mar 2010 11:56:00
>> >> To: karim jamali<karim.jamali_at_gmail.com>
>> >> Cc: Cisco certification<ccielab_at_groupstudy.com>
>> >> Subject: Re: Policing and Tc
>> >>
>> >> So what are you saying here that Policing uses a scheduler for single
>> rate
>> >> polcing but a packet based approach for dual rate policing?
>> >>
>> >> Cheers,
>> >>
>> >> Garth
>> >>
>> >> On Tue, Mar 2, 2010 at 1:20 AM, karim jamali <karim.jamali_at_gmail.com>
>> >> wrote:
>> >>
>> >> > Hi Garth,
>> >> >
>> >> > This is from a previous email I sent to groupstudy and was a result
>> of
>> >> an
>> >> > explanation of Petr Lapukhov and Joe Astrino. I am truly thankful to
>> >> both
>> >> > for sharing their knowledge.
>> >> >
>> >> > This is the email I sent which is sort of a summary:
>> >> >
>> >> > Dear Gents,
>> >> >
>> >> > I would like to thank Petr & Joe for such a wonderful knowledge
>> sharing.
>> >> > The main point of discussion as I understand is how the token bucket
>> is
>> >> > updated with policing:
>> >> >
>> >> > 1)Scheduler Approach which Petr mentioned relies on adding a number
>> of
>> >> > packets every scheduling interval (without having to do anything with
>> >> the
>> >> > way packets arrive and inter-arrival time).
>> >> >
>> >> > 2)Packet based approach: which relies on the inter-arrival time of
>> >> packets
>> >> >
>> >> > Specifically, the token arrival rate is calculated as follows:
>> >> > (time between packets<which is equal to t-t1>* policer rate)/8 bits
>> per
>> >> > byte Looking at the formulas that Joe used from Cisco's website:
>> >> >
>> >> > Tc(t) = min(CIR * (t-t1) + Tc(t1), Bc)
>> >> > Tp(t) = min(PIR * (t-t1) + Tp(t1), Be)
>> >> >
>> >> > It seems that the either the Packet based approach or the Scheduler
>> >> based
>> >> > approach could be used (based on the minimum). We are comparing the
>> >> number
>> >> > of tokens currently in the bucke (at time t): addition of what we
>> have
>> >> put
>> >> > CIR * (t-t1) as well as what was already in the bucket at time t1. We
>> >> > compare this value to the Bc. This comparison will lead to using
>> either
>> >> > packet or scheduled mode.
>> >> >
>> >> > Once again,Petr & Joe can't thank you enough!
>> >> >
>> >> > Best Regards,
>> >>
>> >>
>> >> Blogs and organic groups at http://www.ccie.net
>> >>
>> >> _______________________________________________________________________
>> >> Subscription information may be found at:
>> >> http://www.groupstudy.com/list/CCIELab.html
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >
>> >
>> > --
>> > KJ
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Mar 03 2010 - 21:10:50 ART