Complicated evaluation, Traffic policing – H3C Technologies H3C SR8800 User Manual
Page 32
23
A token bucket has the following configurable parameters:
•
Mean rate—Rate at which tokens are put into the bucket, or the permitted average rate of traffic. It
is also called the “committed information rate (CIR)”.
•
Burst size—Capacity of the token bucket, or the maximum traffic size that is permitted in each burst.
It is also called the “committed burst size (CBS)”. The set burst size must be greater than the
maximum packet size.
One evaluation is performed on each arriving packet. In each evaluation, if the number of tokens in the
bucket is enough, the traffic conforms to the specification and the tokens for forwarding the packet are
taken away; if the number of tokens in the bucket is not enough, it means that too many tokens have been
used and the traffic is excessive.
Complicated evaluation
You can set two token buckets, bucket C and bucket E, to evaluate traffic in a more complicated
environment and achieve more policing flexibility. For example, traffic policing uses the following
parameters:
•
CIR—Rate at which tokens are put into bucket C, that is, the average packet transmission or
forwarding rate allowed by bucket C.
•
CBS—Size of bucket C, that is, transient burst of traffic that bucket C can forward.
•
Peak information rate (PIR)—Rate at which tokens are put into bucket E, that is, the average packet
transmission or forwarding rate allowed by bucket E.
•
Excess burst size (EBS)—Size of bucket E, that is, transient burst of traffic that bucket E can forward.
Figure 7 Two-bucket structure
The two-bucket structure is as shown in
. CBS is implemented with bucket C and EBS with bucket
E. In each evaluation, packets are measured against the following bucket scenarios:
•
If bucket C has enough tokens, packets are colored green.
•
If bucket C does not have enough tokens but bucket E has enough tokens, packets are colored
yellow.
•
If neither bucket C nor bucket E has sufficient tokens, packets are colored red.
Traffic policing
A typical application of traffic policing is to supervise the specification of certain traffic entering a
network and limit it within a reasonable range, or to “discipline” the extra traffic to prevent aggressive
use of network resources by a certain application. For example, you can limit bandwidth for HTTP
packets to less than 50% of the total. If the traffic of a certain session exceeds the limit, traffic policing can
drop the packets or reset the IP precedence of the packets.
Traffic policing is widely used in policing traffic into the networks of internet service providers (ISPs). It can
classify the policed traffic and perform pre-defined policing actions based on different evaluation results.
These actions include the following:
•
Forwarding the packets whose evaluation result is “conforming”
•
Dropping the packets whose evaluation result is “nonconforming”