[j-nsp] Rate limiting

Tom Storey tom at snnap.net
Fri Dec 26 03:26:24 EST 2008


> Hello,
>
> I have configured following policer
>
> policer bw-1500k.5ms {
>     if-exceeding {
>         bandwidth-limit 1500000;
>         burst-size-limit 1500;
>     }
>     then discard;
> }
>
> believing it will rate limit traffic to 1500 Kbps. But it starts to drop
> packets at much less than configured bandwidth-limit rates. When
> burst-size-limit was strongly increased (150K) everything went well.
>
> I read that JTAC suggests setting the burst-size-limit equal to the
> amount of traffic forwarded by the interface in 5 milliseconds but I
> can't figure out fundamentals for that suggestion. The appropriate
> policer didn't work as I expected. Can anybody give some references
> about setting allowable time for burst traffic?
>
> Thanks

A burst size of 1.5kbps as you have configured in your example only allows
traffic to increase at 1.5 kilobits each second, not a hell of a lot. At
that rate it would take upto 1000 seconds, i.e. 16 minutes to reach the
full 1.5 megabits you are wanting to supply...

That is going to cause considerable packet loss as the permittable traffic
level is gradually increased.

Im no expert on the subject, particularly when it comes to Juniper, but I
have found on my Ciscos that a burst size of 5-10% of the CIR works pretty
well for TCP traffic on multi megabit policers. For sub megabit policers a
minimum of 64kbit works pretty well. Though having said that Ive never
really looked into the loss figures for any of these policers, so I dont
know how well they perform.

Tom



More information about the juniper-nsp mailing list