Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Two-Rate Rate-Limits Overview

    The two-rate rate limiter enables you to build tiered rate-limit services and to specify different treatments for packets at different rates.

    Token buckets control how many packets per second are accepted at each of the configured rates and provide flexibility in dealing with the bursty nature of data traffic. At the beginning of each sample period, the two buckets are filled with tokens based on the configured burst sizes and rates. Traffic is metered to measure its volume. When traffic is received, if tokens remain in both buckets, one token is removed from each bucket for every byte of data processed. As long as tokens are still in the committed burst bucket, the traffic is treated as committed.

    When the committed burst token bucket is empty but tokens remain in the peak burst bucket, traffic is treated as conformed. When the peak burst token bucket is empty, traffic is treated as exceeded.

    In color-blind mode, if the committed token bucket has enough tokens when a packet is received, the packet is green and tokens are subtracted from both the committed and the peak token buckets. If the peak bucket does not have enough tokens left, it is allowed to go negative. Green packets are the committed traffic.

    If the committed bucket does not have enough tokens for the packet, the peak bucket is tested (and the committed bucket is not changed). If there are enough tokens in the peak bucket, it is decremented and the packet is yellow. Yellow packets are the conformed traffic. If the peak bucket does not have enough tokens either (because the committed bucket did not have enough tokens), the packet is red. Red packets are the exceeded traffic.

    The two-rate rate-limit profile attributes are:

    • ATM cell mode—ATM cell tax accounted for in statistics and rate calculations
    • Color-aware—Color-aware rate action (only for hierarchical rate limits)
    • Committed rate—Target rate for a packet flow
    • Committed burst—Amount of bandwidth allocated to accommodate bursty traffic in excess of the committed rate
    • Peak rate—Amount of bandwidth allocated to accommodate excess traffic flow over the committed rate
    • Peak burst—Amount of bandwidth allocated to accommodate bursty traffic in excess of the peak rate
    • Committed action—Drop, transmit, conditional, unconditional, final, mark (IP and IPv6), or mark-exp (MPLS) when traffic flow does not exceed the committed rate; the mark value is not supported for hierarchical rate limits and the transmit values conditional, unconditional, or final are only supported on hierarchical rate limits
    • Conformed action—Drop, transmit, mark (IP and IPv6), or mark-exp (MPLS) when traffic flow exceeds the committed rate but remains below the peak rate; the mark value is not supported for hierarchical rate limits and the transmit values conditional, unconditional, or final are only supported on hierarchical rate limits
    • Exceeded action—Drop, transmit, mark (IP and IPv6), or mark-exp (MPLS) when traffic flow exceeds the peak rate; the mark value is not supported for hierarchical rate limits and the transmit values conditional, unconditional, or final are only supported on hierarchical rate limits
    • Mask value—Mask to be applied with mark values for the ToS byte; applicable only to IP and IPv6 rate-limit profiles; not supported on hierarchical rate limits
    • EXP mask value—Mask to be applied with mark-exp values; applicable only to MPLS rate-limit profiles; not supported on hierarchical rate limits

    Table 1 indicates the interaction between the rate settings and the actual traffic rate to determine the action taken by a rate-limit rule in a policy when applied to a traffic flow. This implementation is known as a two-rate, three-color marking mechanism.

    Table 1: Policy Action Applied Based on Rate Settings and Traffic Rate

    Peak Rate

    Committed Rate = 0

    Committed Rate Not 0

    Peak rate = 0

    • All traffic assigned the exceeded action
    • Traffic <= committed rate assigned the committed action
    • Traffic > committed rate assigned the exceeded action

    Peak rate not 0

    • Traffic <= peak rate assigned the conformed action
    • Traffic > peak rate assigned the exceeded action
    • Traffic <= committed rate assigned the committed action
    • Committed rate < Traffic < peak rate assigned the conformed action
    • Traffic > peak rate assigned the exceeded action

    Table 2 presents equations that can represent the algorithm for the two-rate rate-limit profile, where:

    • B = size of packet in bytes
    • Tp = size of peak token bucket in bytes (maximum size of this bucket is the configured peak burst)
    • Tc = size of the committed token bucket in bytes (maximum size of this bucket is the configured committed burst)
    • t = time

      Table 2: Two-Rate Rate-Limit Profile Algorithms

      Step

      Result

      If not color-aware, use green as the incoming packet color, otherwise use the actual packet color

      If incoming packet color is green:

      If Tc(t) >= B

      • Packet is marked as green
      • Tc(t) is decremented by B
      • Tp(t) is decremented by B (allow Tp(t) < 0 if necessary)

      If Tp(t) >= B and Tc(t) < B

      • Packet is marked as yellow
      • Tp(t) is decremented by B

      If Tp(t) < B and Tc(t) < B

      • Packet is marked as red

      If incoming packet color is (only occurs in color-aware operation)

      If Tp(t) >= B

      • Packet is marked as yellow
      • Tp(t) is decremented by B

      If Tp(t) < B

      • Packet is marked as red

      If incoming packet color is red (only occurs in color aware operation)

      • Packet is marked as red

    Published: 2014-08-14