Describing traffic policing, Configuring traffic policing, Describing traffic policing -6 – Enterasys Networks Security Router X-PeditionTM User Manual

Mechanisms Providing QoS

12-6 Configuring Quality of Service

excess bandwidth may be used by CBWFQ. A rule of thumb for configuring PQs is to assign time-
sensitive traffic (voice and video) to PQs and other types (e.g., Telnet) to fair queues. Any traffic
you do not specially assign (e.g., Email) is automatically directed to the class-default queue. All
(100%) of your traffic should not be assigned to PQs - a smaller percentage of lower priority traffic
should be designated for fair queues of left unassigned for the default queue.

Internally, the priority queue uses a Token Bucket that measures the offered load and ensures that
the traffic stream conforms to the configured rate. Only traffic that conforms to the token bucket is
guaranteed low latency. Any excess traffic is dropped even when the link is not congested.

The

priority

command also sets burst size, a network value used to accommodate temporary

bursts of traffic. The default burst value, which is computed as 1 second of traffic at the configured
bandwidth rate, is used when the burst argument is not specified.

The XSR allows the priority queue size to grow as much as allowed by the traffic meter.

The following example illustrates priority configuration options and how they are invoked on a
Frame Relay port. Begin by creating traffic class frost:

XSR(config)#class-map frost
XSR(config-cmap<frost>)#match access-group 10

Assign the class frost to the priority queue:

XSR(config)#policy-map frame1
XSR(config-pmap<frame1>)#class frost
XSR(config-pmap-c<frost>)#priority high 20
XSR(config-pmap-c<frost>)#queue-limit 30

Describing Traffic Policing

The XSR’s traffic policer lets you examine traffic flows and either discard or mark packets that
exceed Service Level Agreement (SLA) Agents. Policing is most frequently used on the network
border to ensure that a peer is not consuming more than its allocated bandwidth. A policer will
accept traffic up to a certain rate then perform an action on traffic exceeding this rate (out-of-
bound traffic). If the policer determines that the packet is out of profile, the packet is either dropped
immediately or admitted to the network but marked as out of profile.

The XSR’s implementation of traffic policing provides these benefits:

•

Per traffic class bandwidth management permitting control of the maximum rate of traffic sent or
received per traffic class.

•

Configuration of the policer using maximum rate, normal burst and excess burst. Based on
configured values, the policer separates packets into three conformance levels: packets
received below the maximum rate are conforming, packets received as excess packets are exceed
packets and out-of-bounds packets are violate.

•

Marking of packets based conformance levels. You may specify a different action for each
conforming level: drop, transmit and/or mark the packet. Also, you may choose to mark the
DSCP, IP precedence or CoS field of the packet.

Configuring Traffic Policing

Configuring traffic policing requires creating a traffic class and attaching the policy to an interface
or DLCI. The

police

command specifies the following options:

•

Bandwidth, burst and excess burst values

•

Action to take for traffic that conforms or exceeds the specified rate