[nsp] Limit packet rate

Volodymyr Yakovenko vovik at dumpty.org
Mon Mar 17 12:48:55 EST 2003

On Fri, Mar 14, 2003 at 01:13:44PM +0100, Florian Weimer wrote:
>is there a way to limit the packet rate?  I can't find a direct way to
>configure this, and the indirect one I have in mind (limit the
>bandwidth used by small packets) doesn't seem to be available, either.
>Any other ideas?

All mentioned below is IMHO, and mostly based on 'Inside Cisco IOS Software
Architecture'. It could be true for conventional routers (layer3 switches
and ASIC-based forwarding engines are different). If someone from Cisco
provide any comments I will be greatly appreciated.

I believe that it is hard to implement such a limit due to Cisco router's 
internal architecture. As example - on conventional router's architectures 
packet processing is initiated from interface controller to CPU by raising 
hardware interrupt. Software interrupt handler performs biggest part of packet 
processing and forwarding (CEF, as example).

Interrupt processing is expensive operation, and under huge rate of
interrupts arrival on one of interface cards router's CPU could be saturated.

Possible colution could be kind of hardware interrupt rate limiter on interface
card or special interrupt controller WFQ-alike implementation.

>The idea is that hosts usually have problems with high packet rate,
>and not with high bandwidth, and it would be nice if you could drop a
>few packets on the router to help them.

Another solution is to switch from interrupt processing to polling mode.
There is good explanation of implementation of such technic for FreeBSD:



More information about the cisco-nsp mailing list