excess-burst-size
Syntax
excess-burst-size bytes;
Hierarchy Level
[edit dynamic-profiles profile-name firewall three-color-policer name single-rate], [edit firewall three-color-policer policer-name single-rate]
Description
For a single-rate three-color policer, configure the excess burst size (EBS) as a number of bytes. The EBS allows for moderate periods of bursting traffic that exceeds both the committed information rate (CIR) and the committed burst size (CBS).
When you include the excess-burst-size
statement
in the configuration, you must also include the committed-burst-size
and committed-information-rate
statements at the same
hierarchy level.
Traffic that exceeds both the CIR and the CBS is considered nonconforming.
Single-rate three-color policing uses a dual token
bucket algorithm to measure traffic against a single rate
limit. Nonconforming traffic is categorized as yellow or red based
on the excess-burst-size
statement included in the policer
configuration.
During periods of traffic that conforms to the CIR, any unused portion of the guaranteed bandwidth capacity accumulates in the first token bucket, up to the maximum number of bytes defined by the CBS. If any accumulated bandwidth capacity overflows the first bucket, the excess accumulates in a second token bucket, up to the maximum number of bytes defined by the EBS.
A nonconforming traffic flow is categorized yellow if its size
conforms to bandwidth capacity accumulated in the first token bucket.
Packets in a yellow flow are marked with medium-high
packet
loss priority (PLP) and then passed through the interface.
A nonconforming traffic flow is categorized red if its size
exceeds the bandwidth capacity accumulated in the second token bucket.
Packets in a red traffic flow are marked with high
PLP
and then either passed through the interface or optionally discarded.
Options
bytes
—Number
of bytes. You can specify a value in bytes either as a complete
decimal number or as a decimal number followed by the abbreviation k
(1000), m
(1,000,000), or g
(1,000,000,000).
Range: 1500 through 100,000,000,000 bytes
Required Privilege Level
firewall—To view this statement in the configuration.
firewall-control—To add this statement to the configuration.