Mls qos protocol arp: try to understand CIR and Bc values

parisdooz12 · ‎08-07-2013

Hi,

in order to mitigate layer 2 loops on my C6500, I'd like to implement ARP rate limiter.

Doing a span of arp traffic on the Sup720 rp & sp, I notice an average arp traffic of 10kb/s. I don't notice traffic peak, event with a 100ms step.

So I configured my rate limiter as following:

mls qos protocol arp police 64000 1000.

64000bps is far from the 10000bps I observed with span

1000 byte of Bc means, if I am correct, means burst of 1000bytes on a 125ms interval.

Looking at span result, my burst value shloud be enough to avoid policed packets. But is is not the case:

#sh mls qos protoc

Modes: P - police, M - marking, * - passthrough

Module: All - all EARL slots; Dir: I&O - In & Out; F - Fail

Proto Mode Sid Mod Dir AgId Prec Cir Burst AgForward-By AgPoliced-By

------------------------------------------------------------------------------------

ARP P 1 1 In 4 - 64000 1000 42908 3008

ARP P 1 2 In 4 - 64000 1000 19652 0

ARP P 1 5 In 4 - 64000 1000 16764 0

ARP P 1 6 In 4 - 64000 1000 61872 20928

ARP P 1 8 In 4 - 64000 1000 0 0

ARP P 2 1 In 4 - 64000 1000 20996 836

ARP P 2 4 In 4 - 64000 1000 3488 0

ARP P 2 5 In 4 - 64000 1000 12834 256

ARP P 2 6 In 4 - 64000 1000 42738 10304

ARP P 2 7 In 4 - 64000 1000 17430 640

ARP P 2 8 In 4 - 64000 1000 0 0

ARP P 2 9 In 4 - 64000 1000 5632 0

So I change Bc value for 4000 (Tc=500ms). There is still policed packets, but result is better (in the following outpur, all policed packet appeard in one time, so I guess during a burst):

Proto Mode Sid Mod Dir AgId Prec Cir Burst AgForward-By AgPoliced-By

------------------------------------------------------------------------------------

ARP P 1 1 In 4 - 64000 4000 53100 1088

ARP P 1 2 In 4 - 64000 4000 19912 0

ARP P 1 5 In 4 - 64000 4000 20446 0

ARP P 1 6 In 4 - 64000 4000 70236 20096

ARP P 1 8 In 4 - 64000 4000 0 0

ARP P 2 1 In 4 - 64000 4000 25728 0

ARP P 2 4 In 4 - 64000 4000 3344 0

ARP P 2 5 In 4 - 64000 4000 15468 0

ARP P 2 6 In 4 - 64000 4000 53796 6210

ARP P 2 7 In 4 - 64000 4000 23222 0

ARP P 2 8 In 4 - 64000 4000 0 0

ARP P 2 9 In 4 - 64000 4000 4928 0

Then I tried Bc = 8000 (Tc = 1s!). Quite no more policed packets.

[Edit] And finally, Bc = 16000 (Tc = 2s, which has no sense!!) => still packets policed (span indicate no peaks!):

Proto Mode Sid Mod Dir AgId Prec Cir Burst AgForward-By AgPoliced-By

------------------------------------------------------------------------------------

ARP P 1 1 In 4 - 64000 16000 1355426 12032

ARP P 1 2 In 4 - 64000 16000 553734 0

ARP P 1 5 In 4 - 64000 16000 480478 0

ARP P 1 6 In 4 - 64000 16000 2071666 33472

ARP P 1 8 In 4 - 64000 16000 0 0

ARP P 2 1 In 4 - 64000 16000 657224 3976

ARP P 2 4 In 4 - 64000 16000 94732 0

ARP P 2 5 In 4 - 64000 16000 404400 0

ARP P 2 6 In 4 - 64000 16000 1412826 35584

ARP P 2 7 In 4 - 64000 16000 518716 0

ARP P 2 8 In 4 - 64000 16000 0 0

ARP P 2 9 In 4 - 64000 16000 149308 0

I guess there is a misunderstanding of me with this burst value, or with the span interpretation.

Has someone any idea ?

Thanks!