Port-Based Rate Limiting, Policing, and Shaping
Feature |
Product |
Release introduced |
---|---|---|
Egress port shaper |
5320 Series |
Fabric Engine 8.6 |
5420 Series |
VOSS 8.4 |
|
5520 Series |
VOSS 8.2.5 |
|
5720 Series |
Fabric Engine 8.7 |
|
7520 Series |
Fabric Engine 8.10 |
|
7720 Series |
Fabric Engine 8.10 |
|
VSP 4900 Series |
VOSS 8.1 |
|
VSP 7400 Series |
VOSS 8.0 |
|
Ingress policer and port rate limiter |
5320 Series |
Fabric Engine 8.6 |
5420 Series |
VOSS 8.5 |
|
5520 Series |
VOSS 8.5 |
|
5720 Series |
Fabric Engine 8.7 |
|
7520 Series |
Fabric Engine 8.10 |
|
7720 Series |
Fabric Engine 8.10 |
|
VSP 4900 Series |
VOSS 8.5 |
|
VSP 7400 Series |
VOSS 8.5 |
|
QoS ingress port-based rate limiter |
5320 Series |
Not Supported |
5420 Series |
Not Supported |
|
5520 Series |
Not Supported |
|
5720 Series |
Not Supported |
|
7520 Series |
Not Supported |
|
7720 Series |
Not Supported |
|
VSP 4900 Series |
VOSS 8.1 |
|
VSP 7400 Series |
Not Supported |
The switch QoS implementation supports the following two features for bandwidth management and traffic control:
-
QoS ingress port–based rate limiting—a mechanism to limit the traffic rate accepted by the specified ingress port
Note
QoS ingress port–based rate limiting applies to VSP 4900 Series only.
-
egress port-based shaping—the process by which the system delays and transmits packets to produce an even and predictable flow rate
Each port has eight unicast and multicast queues, Class of Service (CoS) 0 to CoS 7. Traffic shaping exists on the egress CoS 6 and CoS 7, but you cannot change the configuration. CoS 6 and CoS 7 are strict priority queues, with traffic shaping for CoS 6 at 50 percent and CoS 7 to five percent of line rate.
Each feature is important to deliver DiffServ within a QoS network domain.
The switch supports an ingress flow-based policer for ACLs. For information, see Ingress Policer and Port Rate Limiter.
Token Buckets
Tokens are a key concept in traffic control. A port-based rate limiter, policer, shaper, or an ingress flow-based policer calculates the number of packets that passed, and at what data rate. Each packet corresponds to a token, and the port-based rate limiter, policer, shaper, or an ingress flow-based policer transmits or passes the packet if the token is available. For more information, see Token flow.
The token container is like a bucket. In this view, the bucket represents both the number of tokens that a port-rate limiter, policer, or shaper can use instantaneously (the depth of the bucket) and the rate at which the tokens replenish (how fast the bucket refills).
Each policer has two token buckets: one for the peak rate and the other for the service rate. The following figure shows the flow of tokens.
QoS Ingress Port-Rate Limiter
Ingress port-rate limiter limits the traffic rate accepted by the specified ingress port. The port drops or re-marks violating traffic. The line rate of the port is the maximum rate that can be set.
For more information on ingress port-rate limiter, see:
Note
Configuring Ingress Flow policer and Ingress port rate limiter features for the same traffic can result in more traffic drop than expected. The best practices are as follows:-
If ACL type is inPort, do not configure Qos Port Limiter on any of the ports that are part of ACL
-
If ACL type is inVlan, do not configure Qos Port Limiter on ports that are part of any VLAN in the ACL
-
If ACL type is inVsn, do not configure Qos Port Limiter on ports that are part of any VSN in the ACL