[nsp] police and rate-limit command

Tim Franklin tim at colt.net
Fri Jul 16 04:18:21 EDT 2004


cisco-nsp-bounces at puck.nether.net wrote:

>> OSM on 76xx supports inbound traffic shaping.
>
> In what sense does inbound traffic shaping make sense? Remember that
> the traffic has already reached your box, and has already used the
> capacity on the link to your box.

The service you've sold on the port is less than line-rate, and the
customer's traffic is bursty?  It's nice for the customer, in this case,
that you accecpt the "excess" traffic on the port and shape so the average
rate is no more than what they've paid for, rather than just dropping
everything from the burst.

The "right" way may be for the customer to shape the traffic on egress from
their device at the far end of the link so that it isn't bursty and you can
just police to make sure they're not doing the dirty (or sell them a managed
service and put your own CPE at the far end of the link to do it), but this
isn't always an option.

> "Shaping implies the existence of a queue and of sufficient memory to
> buffer delayed packets, while policing does not. Queueing is an
> outbound concept; packets going out an interface get queued and can be
> shaped. Only policing can be applied to inbound traffic on an
> interface."

I agree, conceptually "ingress queuing" feels all wrong, but I can see where
it *may* be useful.

Regards,
Tim.

--
____________   Tim Franklin                 e: tim at colt.net
\C/\O/\L/\T/   Product Engineering Manager  w: www.colt.net
 V  V  V  V    Managed Data Services        t: +44 20 7863 5714
                                            f: +44 20 7863 5876




More information about the cisco-nsp mailing list