Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
414
Views
5
Helpful
1
Replies

police command with missing burst/action statements

dankidd09
Level 1
Level 1

‎10-21-2015 02:15 PM - edited ‎03-08-2019 02:19 AM

Hi

 

I am currently trying to get my head around policing and shaping with the intention of updating policy maps for a new WAN. What I can't seem to figure out is the validity of police commands when there are no action or bucket statements after the CIR value eg.

police 6272000 77500 155000
&
police 43728000

 

Are these commands valid within a policy map? All the cisco documentation I am reading suggests you must specify burst rates and conform / exceed  statements?

 

 

Labels:
0 Helpful
1 Reply 1

Peter Paluch
Cisco Employee
Cisco Employee

‎10-21-2015 03:40 PM

Hello,

With regard to specifying the burst sizes, you are not required to specify them, and as a matter of fact, you should not specify them unless you know you need to do it.

The reason for this recommendation is that the underlying model for a policer operation is the (in)famous token bucket model, in which you have a token bucket that has the size of Bc tokens (one token worth for 1 byte of sent data), and the tokens are replenished into the token bucket at such a rate that within a certain time interval Tc, exactly Bc tokens would be added. In other words, if you start with an empty token bucket, you need Tc seconds to replenish Bc tokens and make the token bucket full if no tokens are being consumed. The resulting attainable throughput is then given by the equation CIR = Bc * (1/Tc) = Bc/Tc (you send up to Bc bytes (1/Tc)-times in a second, hence the total speed).

Now, if we were to express Tc (the time after which the entire token bucket can be refilled if no tokens are being consumed), the following formula would hold: Tc = Bc/CIR. Notice that in this formula, if the Bc is fixed but the CIR grows, the Tc decreases (a constant is being divided by ever growing variable). At some point, with the given Bc and CIR, the Tc could go so small that it would become more fine-grained than the resolution of the hardware timer installed into the router, and as a result, the resulting throughput  would be skewed from the one configured.

The IOS will try to prevent this from happening by automatically adapting the Bc depending on the configured CIR and the router's minimal supported Tc, and this is a good thing. As soon as you define your own Bc, this protection cannot be provided anymore, and if you're not careful, the combination of the configured CIR and Bc may go below the router's timer resolution, and as a result, the resulting policing will be done to a different value (the router may warn you about that).

So my own recommendation would be: If you don't know you need to define the Bc, you don't need to define it, so leave it at the router's defaults.

Regarding the conform / exceed / violate statements, you do not need to specify them explicitly but in that case, the router will implicity consider them as conform-action transmit exceed-action drop violate-action drop. This may or may not be what you want.

Best regards,
Peter

Customers Also Viewed These Support Documents