One of the fundamental differences between the two is that policing involves dropping traffic when the bucket is full - while shaping put excess traffic into a queue for submission and is gradually released resulting in a smoother flow of traffic.
This can be illustrated below (credit to Cisco for this diagram):
It is also worth noting that traffic shaping only works on outbound traffic (traffic leaving the device) - while policing will work on both ingress (traffic coming to the device) and egress traffic.
Key Terms / Formulas
I'll firstly go over some of the key terms:
Committed Information Rate (CIR) = 10000000 (10Mbps)
Burst Commit Bucket (Bc) = CIR * 0.125s = 1875000
Time Interval (Tc) = Bc / CIR = 0.125s
In this case the bucket will be emptied after 0.125s - which for some purposes might be perfectly fine - however if you are supporting a large file server you'd want the TC to be much higher - the burst rate and Tc will depend greatly on your network type and quite often you will have to tweak it for best performance. The formular for burst rate is above is the default one provided by Cisco in their documentation.
Traffic Policing Example (Egress)
Presuming the port speed is 100mb - the following configuration would limit egress traffic to 20mb:
int fa0/1-48
srr-queue bandwidth limit 80
Traffic Policing Example (Ingress)
We have to create a service policy for ingress policing:
mls qos
class-map match-all rate-limit
description Bandwidth Control
match ip dscp default
policy-map GeneralTraffic
class rate-limit
police 10000000 192000 exceed-action drop
int range fa01-48
service-policy input GeneralTraffic
Traffic Shaping Example (Egress)
Sources
http://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.html
0 comments:
Post a Comment