CCIE Cert Guide Notes — QoS Part IV

Traffic Shaping Concepts

  • Solves 2 general types of problems:
    • if a SP discards any traffic on a VC when traffic rate exceeds CIR, it makes sense for router not to send traffic faster than CIR
    • egress blocking problem solved. happens when router sends data into a FR or ATM service, and the Egress FR or ATM switch has to queue the data before it can be sent out to the router on the other end of the VC.
  • Tc: Shaper sets a static time interval Tc. It calculates the number of bits that can be sent in the Tc interval such that over time, the number of bps sent matches the shaping rate. (Tc = Bc/CIR) or Shapers apply this formula: (Tc=Bc/shaping rate)
  • Bc: Number of bits that can be sent each Tc is called Bc (committed burst size). Measured in bits. Defined in the contract. (Bc = rate * Tc)
  • With a Tc of 125 ms, there will be 8 Tc Intervals per second (125msx8=1second). If 8k (Bc) bits are sent each Tc, the resulting rate would be 64000 bps.
  • CIR: Committed Information rate, in bps, which defines the rate of a VC according to the business contract.
  • Shaped Rate: the rate in bps to which a particular configuration wants to shape the traffic. It may or may not be set to the CIR
  • Be: excess burst size in bits. Number of bits beyond Bc that can be sent after a period of inactivity.
  • When using a Be, the shaper can allow in addition to the Bc bits per Tc, Be extra bits to be sent.
  • Traffic Shaping adaption on FR networks:
    • when no congestions, shaper uses the shaping rate
    • when congestion, lowers the shaping rate to “mincir” (minimum information rate). Defaults to 50% of shaping rate.
      • to lower rates shapers must notice congestion via BECN bit set or receipt of a Cisco-proprietary “ForeSight” congestion maessage.
      • each time a BECN or ForeSight is received, shaper slows down by 25% of Max Rate. It simply decreases Bc and Be by 25% keeping the Tc value the same. Until it bottoms out to “mincir”.
      • Rate grows again after 16 consecutive Tc values without BECN, shaping rate increases by 1/16.
  • CB Shaping Configuration
    • shape [average | peak] mean-rate [[burst-size] [excess-burst-size]]
    • CB shaping can be implemented for output packets only, can be associated with either a physical interface or a subinterface.
    • “service-policy output” command is configured with referenced policy map including the shape command.
    • Sustain bits/int (Bc) and Excess bits/int (Be) in “show policy-map interface <int>” output. Increment (bytes) is equal to Bc (8000bits) but listed in bytes
    • CB shaping default var settings:
      • Bc: 8000 bits if rate <= 320kbps, Bc=shaping rate*Tc if > 320 kbps
      • Be: Be=Bc= 8000 bits if rate <= 320kbps, Be=Bc if > 320 kbps
      • Tc: Tc = Bc/shaping rate if rate <=320 kbps, Tc=25ms if > 320kbps
    • E.g: Shape rate: 96kbps, Tc=10ms, Bc=960bits.
    • How to use LLQ against packets shaped by CB Shaping? by calling an LLQ policy map with “service-policy queue-voip” command [Service the Quality Policy Map INSIDE THE SHAPE POLICY MAP]. Note the output keyword is not used since output direction is implied.
    • Shaping by Bandwidth Percent
      • subinterfaces do not inherit the bandwidth setting of the physical interface, so if not set via bandwidth command, it defaults to 1544.
      • Bc and Be are configured as a number of milliseconds;
      • Tc is set to the configured Bc value (in milliseconds)
    • Shaping to Peak Rate
      • shaping_rate = configured_rate(1 + Be/Bc)
      • shape peak mean-rate
      • e.g. shaping_rate = 64(1 + 8000/8000) = 128
    • Adaptive Shaping
      • shape adaptive min-rate
  • Frame Relay Traffic Shaping Configuration
    • Does not allow fancy queuing tools to be enabled on the physical interface concurrent with FRTS
    • FRTS always shapes traffic on each VC separately.
    • FRTS can dynamically learn the CIR, Bc, and Be values configured on FR switch by using Enhanced Local Management Interface (ELMI)
    • FRTS organizes a set of shaping parameters (rate, Bc and so on) into a named Frame Relay map class, using the “map-class frame-relay” command, the “frame-relay class” command and the “class” command.
    • on the MAIN interface, issue: “frame-relay traffic-shaping”
      • First, FRTS uses the map class referenced by the “class” command under “frame-relay interface-dlci” command. e.g under subinterface, issue: frame-relay interface-dlci 203 à class C3
      • Second, if no “class” is there, FRTS assigns the map class based on the subinterfaces “frame-relay class” command. e.g. “frame-relay class C2” àframe-relay interface-dlci 103
      • Third, if that’s not found, FRTS looks for setting on the physical interface, so on the main interface if “frame-relay class C2” is issued, it will use that.
      • if FRTS still doesn’t find anything, it uses the default setting. Default settings when no class: CIR=56kbps, Bc=7000bits, Tc=125ms
    • FRTS configuration using the “traffic-rate” command
      • FRST uses two main styles of configuration for shaping parameters.
      • frame-relay traffic-rate average [or peak] configures avg or peak rate.
      • Cisco IOS calculates the Bc, Be with an assumed Tc of 125ms
      • simpler to configure but no tuning available.
      • frame-relay traffic-shaping enabled FRTS for all VCs on physical interface.
      • on subint: “frame-relay class shape-all-64”
      • Now creating the map-class
        • map-class frame-relay shape-all-64
          • frame-relay traffic-rate 64000 64000
        • show frame-relay pvc 101
        • show traffic-shape
        • show traffic-shape queue
      • Configuring Peak rate:
        • Be = Tc * (PIR – CIR)
        • so if frame-relay traffic-rate 64000 96000 command was enabled, it would be 0.125(96000 – 64000) = 4000
    • Setting FRTS Parameters Explicitly
      • instead of frame-relay traffic-rate command, you can use: frame-relay cir, frame-relay Bc, and frame-relay Be directly to set FRTS.
      • Benefit: allows tuning to use small Tc
      • e.g
        • map-class frame-relay shape-all-64-long
          • frame-relay cir 64000
          • frame-relay bc 8000
          • (show traffic-shape) shows Tc=125ms
        • now change it so that Bc is set to 1/100th of the shaping rate (10ms)
          • frame-relay cir 64000
          • frame-relay bc 640
          • (show traffic-shape) shows Tc=10ms
    • FRTS using LLQ
      • to enable LLQ, just add the command “service-policy output queue-voip” [queue-voip is a policy map] in the map-class configuration for the LLQ class map.
      • use the “show frame-relay pvc 101” command and not “show policy-map interface” command.
    • FRTS Adaptive shaping
      • add “frame-relay adaptive-shaping becn” command to the appropriate map class.
      • to set minimum other than default 50%, use “frame-relay mincir rate” command in map class.
    • FRTS with MQC
      • create a default class in FRTS service policy under which FRTS commands are applied
      • need to cover…
    • enabled for packets entering or exiting an interface or subinterface.
    • Policing actions:
      • drop
      • set-dscp-transmit
      • set-prec-transmit
      • set-qos-transmit: sets qos group id (1-99) and sends the packet
      • set-clp-transmit: atm clp bit
      • set-fr-de
      • transmit
    • policing categories
      • conforming
      • exceeding
      • violating
    • Policing Logics
      • Single Rate (two-color policing)
        • only two categories, “conform” and “exceed”
        • usually conform transmit and exceed drops or marks the packed down.
        • uses “single-bucket two color”
        • each token is 1 byte, so 12,000 tokens is 96,000 bits. So policing at 96kbps add 12,000 tokens to the bucket.
        • Formula [(current-packet-arrival-time – previous-packet-arrival-time) * police_rate ]/ 8
        • Number of bytes in the packet (Xp), and number of tokens in the bucket (Xb). if Xp <= Xb – it conforms and Xp tokens are drained from bucket
        • if Xp > Xb – it exceeds and no tokens are drained from bucket
      • Single-Rate, Three color Policer
        • when you want the policer to police at a particular rate but also support Be, then you need to use two token buckets.
        • conform, exceed, violate all used.
        • two buckets, Bc bucket and Be bucket
        • the spilled token from Bc bucket go to Be bucket
      • Two-rate, Three-color policer
        • uses two separate policing rate
        • lower rate is CIR and the higher rate is called PIR (packet information rate)
        • packet under CIR conform, over CIR but below PIR exceed and above PIR are violate
      • CB Policing Configuration
        • “police” command configured CB policing inside POLICY MAP
        • Policing rate in bps, Bc in bytes and Be in bytes.
        • police bps burst-normal burst-max conform-action action exceed-action action [violate-action action]
        • e.g for traffic rate, 96 Kbps, Bc of 1 second, and Be of 0.5 second
          • police cir 96000 bc 12000 be 6000 conform-action transmit exceed-action set-dscp-transmit 0 violate-action drop
          • to configure 3 color policer, you need to configure a violate action or explicitly set Be to something larger than 0.
        • policing subset of traffic:
          • police web traffic at 80kbps at ingress, xmit conforming and exceeding traffic and discard violating
          • police all other traffic at 16kbps at ingress. Mark down exceeding and violating to dscp 0
          • set bc and be to 1 second and 0.5 second worth
          • match protocol http
          • police cir 80000 bc 10000 be 5000 conform-action transmit exceed-action transmit violate-action drop
          • police cir 16000 bc 2000 be 1000 conform-action transmit exceed-action set-dscp-transmit 0 violate-action set-dscp-transmit 0
          • service-policy input police-web
      • default Bc and Be
        • if not set in police command, sent in ¼ second.
        • Bc = (CIR*0.25second)/8bits/bye = CIR/32
        • if formulaa yields a number less than 1500, CB policing uses a Bc of 1500
        • default Be depends on type of policing
          • single rate two color, Be=0 (no violate-action configured)
          • single rate three color, Bc=CIR/32; Be=Bc (violate-action configured)
          • dual rate; Bc=CIR/32; Be=PIR/32 (pir configured)
      • dual rate: police cir 96000 pir 128000
      • Multi-Action Policing
        • uses different format, separates the commands
        • e.g
        • police 128000 256000
          • conform-action transmit
          • exceed-action transmit
          • violate-action set-dscp-transmit 0
          • violate-action set-frde-transmit
    • CAR vs CB Policing
      • uses the “rate-limit” command not part of MQC, under an interface or subinterface
      • has feature “cascaded or nested rate-limit” command.
      • CAR supports Be but does not have violate-action
      • “rate-limit input 96000 12000 18000 conform-action set-prec-transmit 0 exceed-action drop”
      • rate-limt ACL can match MPLS experimental bits, IP Prec or MAC address.
      • for others, IP ACL must be used.


3 thoughts on “CCIE Cert Guide Notes — QoS Part IV

  1. Under Policing Logics

    * Single Rate (two-color policing)
    > each token is 1 byte, so 12,000 tokens is 96,000 bytes. So policing at 96kbps add 12,000 tokens to the bucket.

    shouldn’t that be
    … 12,000 tokens is 96,000 bits…

    Like the layout of you notes!

  2. Thankyou Lars.

    You’re correct; I have corrected the mistake. And also, thankyou for the compliment.

  3. this is actually incorrect

    default Bc and Be

    dual rate; Bc=CIR/32; Be=PIR/32 (pir configured)

    the default Bc and Be are both derived as CIR/32

    bne-core-bh1(config)#policy-map foo
    bne-core-bh1(config-pmap)#class class-default
    bne-core-bh1(config-pmap-c)#police cir 1000000 pir 2000000
    bne-core-bh1#sh policy-map foo | i pir
    police cir 1000000 bc 31250 pir 2000000 be 31250

    (behaviour using using latest 12.4M, 12.2SB, 12.2SR is the same)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s