Dynamic Bandwidth Allocation Among Traffic Flows in SRC Policy Lists for JunosE Routing Platforms
Rate-Limit Hierarchies Overview
SRC support for JunosE rate-limit hierarchies lets you configure hierarchical policies to dynamically share unused bandwidth from high-priority traffic with lower priority traffic. A rate-limit hierarchy is a defined series of rate limits that a packet traverses within a policy list. At each level in the hierarchy, the packet is evaluated and processed as configured. Traffic preferences set in a hierarchy can specify the bandwidth allocated to a combined traffic flow and to several traffic flows within the combined flow. For example, a traffic flow may include video traffic and Internet traffic. The video traffic would have a high priority, but during times when not all bandwidth allocated to video is in use, the Internet traffic can access the unused bandwidth.
Rate-limit hierarchies also enable real-time traffic to use all guaranteed bandwidth below a configured maximum. Traffic is transmitted depending on the rate limit set for the traffic flow. Preferred, high-priority traffic packets are dropped only as configured by the rate limit for that traffic flow. Lower priority traffic, however, can be dropped to keep the total traffic flow below a configured maximum limit.
Internal Parent Groups in Rate-Limit Hierarchies
An internal parent group is an object that defines a rate-limit action. An internal parent group can contain other parent groups or be subordinate to another parent group to form a hierarchy. When you configure rate-limit hierarchies, you configure internal parent groups (in a policy list) that specify the rate-limit configurations and configure traffic match conditions, which reference the parent groups.
You can configure a maximum of three hierarchy levels under a parent group. SRC parent groups support input, secondary-input, and output lists and can be configured for lists that have roles for JunosE IPv4 and JunosE IPv6.
An internal parent group must contain another parent group or be referenced by a policy rule. The rate limit configured for an internal parent group must be configured to support hierarchical rate limits. It can also be configured to be color-aware, that is to detect ToS byte marking for red, yellow, and green. If the rate limit is color aware, a rate limit in the hierarchy can change the color of the incoming packet. An incoming packet may have the color already set by a previous rate limit or by a previous policy, such as an inbound IP or VLAN policy. Mark actions in the entire hierarchy can change the ToS values depending on the color of the packet. If the rate limit is not color aware, all packets are processed in the same way.
External Parent Groups
The SRC software supports aggregate rate-limiting for JunosE dual-stack subscribers (IPv4 and IPv6). Traffic flow can be rate-limited by a common external rate-limit profile. This is accomplished by defining higher-level external parent group rate-limit profiles and hierarchical policy parameters, which can be applied to lower-level classifier flows. External parent groups are defined externally to a policy list, so you can reference them in any policy you define in the SRC software.
Actions in Rate-Limit Hierarchies
You configure the action to be taken on traffic as packets traverse a rate-limit hierarchy. At each level in a rate-limit hierarchy, traffic may:
Drop—Drop the packet at that rate limit in the hierarchy. The packet does not change the state of any rate limit further down the hierarchy.
Exit the hierarchy—Set the packet color and end the packet's traversal of the rate-limit hierarchy at the current rate limit. The packet is forwarded and the rate limits further down the hierarchy are not affected. Committed packets can exit the hierarchy; conformed and exceeded packets continue to the next rate limit.
Be forwarded conditionally—Set the packet color to the result calculated by the rate limit and forward the packet to the next rate limit for processing. The next rate limit can then set the packet color and apply its actions to the packet. The forward-conditional option is the same as connecting the two rate limits in series.
Be forwarded unconditionally—Set the packet color to the result calculated by the rate limit, and forward the packet to the next rate limit. After a packet is unconditionally forwarded, the packet traverses the hierarchy to the end of the hierarchy. Remaining rate limits change because packet counts are reduced. As a result, other packets may meet conformed or exceeded actions.
You can configure a rate limit to have one of the four preceding actions for committed actions and conformed actions. For exceed actions, you can also configure a rate limit to have one of first three actions in the preceding list; exceed actions do not support an option to forward packets unconditionally. The action taken depends only on the result of the rate limit, including the burst sizes, and the current bandwidth allocation. In addition, the rate limit can assign a color to the packet, depending on both the result of the rate limit and the packet's incoming color. The final color after a packet finishes traversing a rate-limit hierarchy results from the various rate limits through which the packet passed.