 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
Because PGCP traffic flows involve voice traffic, the flows require quality of service that:
The packet gateway provides a two-rate policer that you can apply to the ingress traffic of any gate.
This quality of service is provided through a two-rate three-color policing functionality on the MultiServices PIC. This policer complies with RFC 2698, A Two Rate Three Color Marker, September, 1999. With the rate limiting capability, the MultiServices PIC can police flows to conform to:
You use rate limiting with gates. To enable rate limiting for a gate, you need to provide traffic management package (TMAN) parameters. You can configure these parameters in the CLI or they can come from the PGCP signaling commands received from the PGC. Traffic-management parameters that come from the PGC override parameters configured in the CLI.
Table 9: Traffic Parameters Configured in the CLI
For each of the traffic-management parameters, you can configure a default value that applies to all gate streams and value that applies only to RTCP gate streams. For RTCP streams, you can specify a fixed value for the parameters or you can specify the value as a percentage of the RTP rate. When RTP and RTCP are represented as a single stream, RTCP is policed whenever RTP is policed.
The PGC can send traffic-management parameters to the packet gateway in PGCP gate open and gate modify signaling requests. When the services PIC receives these parameters, it marks the packets red, yellow, or green as specified in RFC 2698. A packet is marked red if it exceeds the PIR. A packet is marked yellow if it exceeds the CIR. A packet is marked green if it does not exceed the CIR. Packets that are marked red are dropped by the services PIC.
If the policy command H.248 message from the PGC is on (tman/pol=on), but the rate-limiting parameters are not specified in the message and the JUNOS rate-limiting parameters have not been configured, the PG uses following default values:
When a VoIP flow configured through the packet gateway violates the SDR by three times the configured rate, fast update filters are installed on the gate to allow the rate-limiting drop action to occur on the PFE instead of the PIC.
A fast update filter is similar to a regular filter that is defined in the [edit firewall] hierarchy, except that the system can incrementally add or update terms.
For fast update filters, a term equals a gate definition. You can see gate definitions in the show services pgcp extensive command output.
The fast update filter match is performed based on the most specific defined term. For each filter, a default term is installed to allow traffic to pass through (otherwise, all traffic is dropped because it is the default firewall action). For example, two terms are listed when there are two filters.
Filters are in effect until the gate is destroyed. If the client loses its connection for over 30 seconds, the existing filters are deleted, and default fast update filters are installed.
To display statistics for a gate including rate-limiting statistics and the number of packets dropped because of FUF filters, use the show services pgcp gates gate-id gate-id statistics command.
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |