JUNOSe 9.1.x Policy Management Configuration Guide > Creating Rate-Limit Profiles > Two-Rate Rate-Limits Overview

Two-Rate Rate-Limits Overview

The two-rate rate limiter enables you to build tiered rate-limit services and to specify different treatments for packets at different rates.

Token buckets control how many packets per second are accepted at each of the configured rates and provide flexibility in dealing with the bursty nature of data traffic. At the beginning of each sample period, the two buckets are filled with tokens based on the configured burst sizes and rates. Traffic is metered to measure its volume. When traffic is received, if tokens remain in both buckets, one token is removed from each bucket for every byte of data processed. As long as tokens are still in the committed burst bucket, the traffic is treated as committed.

When the committed burst token bucket is empty but tokens remain in the peak burst bucket, traffic is treated as conformed. When the peak burst token bucket is empty, traffic is treated as exceeded.

In color-blind mode, if the committed token bucket has enough tokens when a packet is received, the packet is green and tokens are subtracted from both the committed and the peak token buckets. If the peak bucket does not have enough tokens left, it is allowed to go negative. Green packets are the committed traffic.

If the committed bucket does not have enough tokens for the packet, the peak bucket is tested (and the committed bucket is not changed). If there are enough tokens in the peak bucket, it is decremented and the packet is yellow. Yellow packets are the conformed traffic. If the peak bucket does not have enough tokens either (because the committed bucket did not have enough tokens), the packet is red. Red packets are the exceeded traffic.

The two-rate rate-limit profile attributes are:

• ATM cell mode—ATM cell tax accounted for in statistics and rate calculations
• Color-aware—Color-aware rate action (only for hierarchical rate limits)
• Committed rate—Target rate for a packet flow
• Committed burst—Amount of bandwidth allocated to accommodate bursty traffic in excess of the committed rate
• Peak rate—Amount of bandwidth allocated to accommodate excess traffic flow over the committed rate
• Peak burst—Amount of bandwidth allocated to accommodate bursty traffic in excess of the peak rate
• Committed action—Drop, transmit, conditional, unconditional, final, mark (IP and IPv6), or mark-exp (MPLS) when traffic flow does not exceed the committed rate; the mark value is not supported for hierarchical rate limits and the transmit values conditional, unconditional, or final are only supported on hierarchical rate limits
• Conformed action—Drop, transmit, mark (IP and IPv6), or mark-exp (MPLS) when traffic flow exceeds the committed rate but remains below the peak rate; the mark value is not supported for hierarchical rate limits and the transmit values conditional, unconditional, or final are only supported on hierarchical rate limits
• Exceeded action—Drop, transmit, mark (IP and IPv6), or mark-exp (MPLS) when traffic flow exceeds the peak rate; the mark value is not supported for hierarchical rate limits and the transmit values conditional, unconditional, or final are only supported on hierarchical rate limits
• Mask value—Mask to be applied with mark values for the ToS byte; applicable only to IP and IPv6 rate-limit profiles; not supported on hierarchical rate limits
• EXP mask value—Mask to be applied with mark-exp values; applicable only to MPLS rate-limit profiles; not supported on hierarchical rate limits

Table 7 indicates the interaction between the rate settings and the actual traffic rate to determine the action taken by a rate-limit rule in a policy when applied to a traffic flow. This implementation is known as a two-rate, three-color marking mechanism.

 Table 7:  Policy Action Applied Based on Rate Settings and Traffic Rate  

 Peak Rate
 Committed Rate = 0
 Committed Rate Not 0

 Peak rate = 0


  
 All traffic assigned the exceeded action



  
 Traffic <= committed rate assigned the committed action
  
 Traffic > committed rate assigned the exceeded action



 Peak rate not 0


  
 Traffic <= peak rate assigned the conformed action
  
 Traffic > peak rate assigned the exceeded action



  
 Traffic <= committed rate assigned the committed action
  
 Committed rate < Traffic < peak rate assigned the conformed action
  
 Traffic > peak rate assigned the exceeded action




 

Table 8 presents equations that can represent the algorithm for the two-rate rate-limit profile, where:

• B = size of packet in bytes
• Tp = size of peak token bucket in bytes (maximum size of this bucket is the configured peak burst)
• Tc = size of the committed token bucket in bytes (maximum size of this bucket is the configured committed burst)
• t = time

 Table 8:  Two-Rate Rate-Limit Profile Algorithms  

 Step
 Result

 If not color-aware, use green as the incoming packet color, otherwise use the actual packet color 

 –


 If incoming packet color is green:

 –


 If  Tc(t) >= B


  
 Packet is marked as green
  
 Tc(t) is decremented by B
  
 Tp(t) is decremented by B (allow Tp(t) < 0 if necessary)



 If Tp(t) >= B and Tc(t) < B


  
 Packet is marked as yellow
  
 Tp(t) is decremented by B



 If Tp(t) < B and Tc(t) < B


  
 Packet is marked as red



 If incoming packet color is yellow (only occurs in color-aware operation)

 –


 If Tp(t) >= B


  
 Packet is marked as yellow
  
 Tp(t) is decremented by B



 If Tp(t) < B


  
 Packet is marked as red



 If incoming packet color is red (only occurs in color aware operation)


  
 Packet is marked as red