- Finding Feature Information
- Prerequisites for QoS Percentage-Based Policing
- Restrictions for QoS Percentage-Based Policing
- Information About QoS Percentage-Based Policing
- How to Configure QoS Percentage-Based Policing
QoS Percentage-Based Policing
The QoS Percentage-Based Policing feature allows you to configure traffic policing and traffic shaping on the basis of a percentage of bandwidth available on the interface. This feature also allows you to specify the committed burst (bc) size and the excess burst (be) size (used for configuring traffic policing) in milliseconds (ms). Configuring traffic policing in this manner enables you to use the same policy map for multiple interfaces with differing amounts of bandwidth.
- Finding Feature Information
- Prerequisites for QoS Percentage-Based Policing
- Restrictions for QoS Percentage-Based Policing
- Information About QoS Percentage-Based Policing
- How to Configure QoS Percentage-Based Policing
- Configuration Examples for QoS Percentage-Based Policing
- Additional References
- Feature Information for QoS Percentage-Based Policing
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Prerequisites for QoS Percentage-Based Policing
- For input traffic policing on a Cisco 7500 series router, verify that distributed Cisco Express Forwarding (dCEF) is enabled on the interface on which traffic policing is configured.
- For output traffic policing on a Cisco 7500 series router, ensure that the incoming traffic is dCEF-switched. Traffic policing cannot be used on the switching path unless dCEF switching is enabled.
Restrictions for QoS Percentage-Based Policing
The shape (percent) command, when used in "child" (nested) policy maps, is not supported on the Cisco 7500, the Cisco 7200, or lower series routers. Therefore, the shape (percent) command cannot be configured for use in nested policy maps on these routers.
Information About QoS Percentage-Based Policing
- Benefits for QoS Percentage-Based Policing
- Defining Class and Policy Maps for QoS Percentage-Based Policing
- Traffic Regulation Mechanisms and Bandwidth Percentages
- Burst Size in Milliseconds Option
Benefits for QoS Percentage-Based Policing
This feature provides the ability to configure traffic policing and traffic shaping on the basis of a percentage of bandwidth available on an interface, and it allows you to specify burst sizes in milliseconds. Configuring traffic policing and traffic shaping in this manner enables you to use the same policy map for multiple interfaces with differing amounts of bandwidth. That is, you do not have to recalculate the bandwidth for each interface or configure a different policy map for each type of interface.
Defining Class and Policy Maps for QoS Percentage-Based Policing
To configure the QoS Percentage-Based Policing feature, you must define a traffic class, configure a policy map, and then attach that policy map to the appropriate interface. These three tasks can be accomplished by using the Modular Quality of Service (QoS) Command-Line Interface (CLI) (MQC).
The MQC is a command-line interface that allows you to define traffic classes, create and configure traffic policies (policy maps), and then attach these traffic policies to interfaces.
In the MQC, the class-map command is used to define a traffic class (which is then associated with a traffic policy). The purpose of a traffic class is to classify traffic.
The MQC consists of the following three processes:
- Defining a traffic class with the class-map command.
- Creating a traffic policy by associating the traffic class with one or more QoS features (using the policy-map command).
- Attaching the traffic policy to the interface with the service-policy command.
A traffic class contains three major elements: a name, a series of match commands, and, if more than one match command exists in the traffic class, an instruction on how to evaluate these match commands (that is, match-all or match-any). The traffic class is named in the class-map command line; for example, if you enter the class-map cisco command while configuring the traffic class in the CLI, the traffic class would be named "cisco".
The match commands are used to specify various criteria for classifying packets. Packets are checked to determine whether they match the criteria specified in the match commands. If a packet matches the specified criteria, that packet is considered a member of the class and is forwarded according to the QoS specifications set in the traffic policy. Packets that fail to meet any of the matching criteria are classified as members of the default traffic class.
Traffic Regulation Mechanisms and Bandwidth Percentages
Cisco IOS quality of service (QoS) offers two kinds of traffic regulation mechanisms--traffic policing and traffic shaping. A traffic policer typically drops traffic that violates a specific rate. A traffic shaper typically delays excess traffic using a buffer to hold packets and shapes the flow when the data rate to a queue is higher than expected.
Traffic shaping and traffic policing can work in tandem and can be configured in a class map. Class maps organize data packets into specific categories ("classes") that can, in turn, receive a user-defined QoS treatment when used in policy maps (sometimes referred to as "service policies").
Before this feature, traffic policing and traffic shaping were configured on the basis of a user-specified amount of bandwidth available on the interface. Policy maps were then configured on the basis of that specific amount of bandwidth, meaning that separate policy maps were required for each interface.
This feature provides the ability to configure traffic policing and traffic shaping on the basis of a percentage of bandwidth available on the interface. Configuring traffic policing and traffic shaping in this manner enables customers to use the same policy map for multiple interfaces with differing amounts of bandwidth.
Configuring traffic policing and shaping on the basis of a percentage of bandwidth is accomplished by using the police (percent) and shape (percent) commands.
Burst Size in Milliseconds Option
The purpose of the burst parameters (bc and be) is to drop packets gradually, as is done with Weighted Random Early Detection (WRED), and to avoid tail drop. Setting sufficiently high burst values helps to ensure good throughput.
This feature allows you the option of specifying the committed burst (bc) size and the extended burst (be) as milliseconds (ms) of the class bandwidth when you configure traffic policing. The number of milliseconds is used to calculate the number of bytes that will be used by the QoS Percentage-Based Policing feature.
Specifying these burst sizes in milliseconds is accomplished by using the bc and be keywords (and their associated arguments) of the police (percent) and shape (percent) commands.
How to Configure QoS Percentage-Based Policing
- Configuring a Class and Policy Map for Percentage-Based Policing
- Attaching the Policy Map to an Interface for Percentage-Based Policing
- Verifying the Percentage-Based Policing Configuration
Configuring a Class and Policy Map for Percentage-Based Policing
DETAILED STEPS
Attaching the Policy Map to an Interface for Percentage-Based Policing
DETAILED STEPS
Command or Action | Purpose | |||
---|---|---|---|---|
|
Example: Router> enable |
Enables privileged EXEC mode. |
||
|
Example: Router# configure terminal |
Enters global configuration mode. |
||
|
Example: Router(config)# interface serial4/0 |
Configures an interface (or subinterface) type and enters interface configuration mode.
|
||
|
Example: Router(config-if)# pvc cisco 0/16 ilmi |
(Optional) Creates or assigns a name to an ATM PVC and specifies the encapsulation type on an ATM PVC. Enters ATM VC configuration mode.
|
||
|
Example: Router(config-if)# service-policy input policy1 Example:
|
Specifies the name of the policy map to be attached to the input or output direction of the interface.
|
||
|
Example: Router(config-if)# exit |
(Optional) Exits interface configuration mode. |
Verifying the Percentage-Based Policing Configuration
DETAILED STEPS
Troubleshooting Tips for Percentage-Based Policing
The commands in the Verifying the Percentage-Based Policing Configuration section allow you to verify that you achieved the intended configuration and that the feature is functioning correctly. If, after using the show commands listed above, you find that the configuration is not correct or the feature is not functioning as expected, perform these operations:
If the configuration is not the one you intended, complete the following procedures:
- Use the show running-config command and analyze the output of the command.
- If the policy map does not appear in the output of the show running-config command, enable the logging console command.
- Attach the policy map to the interface again.
If the packets are not being matched correctly (for example, the packet counters are not incrementing correctly), complete the following procedures:
- Run the show policy-mapcommand and analyze the output of the command.
- Run the show running-config command and analyze the output of the command.
- Use the show policy-map interface command and analyze the output of the command. Check the the following findings:
- If a policy map applies queueing, and the packets are matching the correct class, but you see unexpected results, compare the number of the packets in the queue with the number of the packets matched.
- If the interface is congested, and only a small number of the packets are being matched, check the tuning of the transmission (tx) ring, and evaluate whether the queueing is happening on the tx ring. To do this, use the show controllers command, and look at the value of the tx count in the output of the command.
Configuration Examples for QoS Percentage-Based Policing
- Specifying Traffic Policing on the Basis of a Bandwidth Percentage Example
- Verifying the Percentage-Based Policing Configuration Example
Specifying Traffic Policing on the Basis of a Bandwidth Percentage Example
The following example configures traffic policing using a committed information rate (CIR) and a peak information rate (PIR) on the basis of a percentage of bandwidth. In this example, a CIR of 20 percent and a PIR of 40 percent have been specified. Additionally, an optional bc value and be value (300 ms and 400 ms, respectively) have been specified.
Router> enable Router# configure terminal Router(config)# policy-map policy1 Router(config-pmap)# class class1 Router(config-pmap-c)# police cir percent 20 bc 300 ms be 400 ms pir percent 40 Router(config-pmap-c-police)# exit
After the policy map and class maps are configured, the policy map is attached to interface as shown in the following example.
Router> enable Router# configure terminal Router(config-if)# interface serial4/0 Router(config-if)# service-policy input policy1 Router(config-if)# exit
Verifying the Percentage-Based Policing Configuration Example
This section contains sample output from the show policy-map interface command and the show policy-map command. The output from these commands can be used to verify and monitor the feature configuration on your network.
The following is sample output from the show policy-map command. This sample output displays the contents of a policy map called "policy1." In policy 1, traffic policing on the basis of a CIR of 20 percent has been configured, and the bc and be have been specified in milliseconds. As part of the traffic policing configuration, optional conform, exceed, and violate actions have been specified.
Router# show policy-map policy1
Policy Map policy1
Class class1
police cir percent 20 bc 300 ms pir percent 40 be 400 ms
conform-action transmit
exceed-action drop
violate-action drop
The following is sample output from the show policy-map interface command. This sample displays the statistics for the serial 2/0 interface on which traffic policing has been enabled. The committed burst (bc) and excess burst (be) are specified in milliseconds (ms).
Router# show policy-map interface serial2/0
Serial2/0
Service-policy output: policy1 (1050)
Class-map: class1 (match-all) (1051/1)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 0 (1052)
police:
cir 20 % bc 300 ms
cir 409500 bps, bc 15360 bytes
pir 40 % be 400 ms
pir 819000 bps, be 40960 bytes
conformed 0 packets, 0 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
drop
violated 0 packets, 0 bytes; actions:
drop
conformed 0 bps, exceed 0 bps, violate 0 bps
Class-map: class-default (match-any) (1054/0)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any (1055)
0 packets, 0 bytes
5 minute rate 0 bps
In this example, the CIR and PIR are displayed in bps, and both the committed burst (bc) and excess burst (be) are displayed in bits.
The CIR, PIR bc, and be are calculated on the basis of the formulas described below.
Formula for Calculating the CIR
When calculating the CIR, the following formula is used:
- CIR percentage specified (as shown in the output of the show policy-mapcommand) * bandwidth (BW) of the interface (as shown in the output of the show interfaces command) = total bits per second
On serial interface 2/0, the bandwidth (BW) is 2048 kbps. To see the bandwidth of the interface, use the show interfaces command. A sample is shown below:
Router# show interfaces serial2/0
Serial2/0 is administratively down, line protocol is down
Hardware is M4T
MTU 1500 bytes, BW 2048 Kbit, DLY 20000 usec, rely 255/255, load 1/255
The following values are used for calculating the CI:.
20 % * 2048 kbps = 409600 bps
Formula for Calculating the PIR
When calculating the PIR, the following formula is used:
- PIR percentage specified (as shown in the output of the show policy-mapcommand) * bandwidth (BW) of the interface (as shown in the output of the show interfaces command) = total bits per second
On serial interface 2/0, the bandwidth (BW) is 2048 kbps. To see the bandwidth of the interface, use the show interfaces command. A sample is shown below:
Router# show interfaces serial2/0
Serial2/0 is administratively down, line protocol is down
Hardware is M4T
MTU 1500 bytes, BW 2048 Kbit, DLY 20000 usec, rely 255/255, load 1/255
The following values are used for calculating the PIR:
40 % * 2048 kbps = 819200 bps
Note |
Discrepancies between this total and the total shown in the output of the show policy-map interface command can be attributed to a rounding calculation or to differences associated with the specific interface configuration. |
Formula for Calculating the Committed Burst (bc)
When calculating the bc, the following formula is used:
- The bc in milliseconds (as shown in the show policy-map command) * the CIR in bits per seconds = total number bytes
The following values are used for calculating the bc:
300 ms * 409600 bps = 15360 bytes
Formula for Calculating the Excess Burst (be)
When calculating the bc and the be, the following formula is used:
- The be in milliseconds (as shown in the show policy-map command) * the PIR in bits per seconds = total number bytes
The following values are used for calculating the be:
400 ms * 819200 bps = 40960 bytes
Additional References
The following sections provide references related to the QoS Percentage-Based Policing feature.
Related Documents
Related Topic |
Document Title |
---|---|
QoS commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples |
Cisco IOS Quality of Service Solutions Command Reference |
Modular QoS Command-Line Interface (CLI) (MQC), including information about attaching policy maps |
"Applying QoS Features Using the MQC" module |
Traffic shaping and traffic policing |
"Policing and Shaping Overview" module |
Commands related to dCEF |
Cisco IOS Switching Command Reference |
Standard
Standard |
Title |
---|---|
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature. |
-- |
MIB
MIB |
MIBs Link |
---|---|
No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature. |
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: |
RFCs
RFC |
Title |
---|---|
RFC 2697 |
A Single Rate Three Color Marker |
RFC 2698 |
A Two Rate Three Color Marker |
Technical Assistance
Description |
Link |
---|---|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
Feature Information for QoS Percentage-Based Policing
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1 | Feature Information for QoS Percentage-Based Policing |
Feature Name |
Releases |
Feature Information |
---|---|---|
QoS Percentage-Based Policing |
12.2(13)T 12.0(28)S 12.2(28)SB 15.0(1)S |
The QoS Percentage-Based Policing feature allows you to configure traffic policing and traffic shaping on the basis of a percentage of bandwidth available on the interface. This feature also allows you to specify the committed burst (bc) size and the excess burst (be) size (used for configuring traffic policing) in milliseconds (ms). Configuring traffic policing in this manner enables you to use the same policy map for multiple interfaces with differing amounts of bandwidth. In Release 12.2(13)T, this feature was introduced. In Release 12.0(28)S, the option of specifying committed (conform) burst (bc) and excess (peak) burst (be) sizes in milliseconds was added. In Release 12.2(28)SB, this feature was integrated in Cisco IOS Release 12.2(28)SB. In Release 15.0(1)S, this feature was integrated in Cisco IOS Release 15.0(1)S. The following commands were introduced or modified: police (percent), shape (percent), show policy-map, show policy-map interface. |
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.