Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Three-Color Policer Configuration Guidelines

Platforms Supported for Three-Color Policers

Three-color policers are supported on the following Juniper Networks routers:

  • M120 Multiservice Edge Routers

  • M320 Multiservice Edge Routers and T Series Core Routers with Enhanced II Flexible PIC Concentrators (FPCs)

  • MX Series 5G Universal Routing Platforms

  • T640 Core Routers with Enhanced Scaling FPC4

  • T4000 Core Routers with FPC5

On MX Series and M120 routers, you can apply three-color policers to aggregated interfaces.

The discard action for a tricolor marking policer for a firewall filter is supported on the M120 routers, M320 routers with Enhanced-III FPCs, M7i and M10i routers with the Enhanced CFEB (CFEB-E), and MX Series routers with Trio MPCs, so it is not necessary to include the logical-interface-policer statement for them.

Color Modes for Three-Color Policers

Three-color policers—both single-rate and two-rate three-color policer schemes—can operate in either of two modes:

Color-Blind Mode

In color-blind mode, the three-color policer assumes that all packets examined have not been previously marked or metered. If you configure a three-color policer to be color-blind instead of color-aware, the policer ignores preexisting color markings that might have been set for a packet by another traffic policer configured at a previous network node.

Color-Aware Mode

In color-aware mode, the three-color policer assumes that all packets examined have been previously marked or metered. In other words, the three-color policer takes into account any coloring markings that might have been set for a packet by another traffic policer configured at a previous network node. At the node where color-aware policing is configured, any preexisting color markings are used in determining the appropriate policing action for the packet.

In color-aware mode, the three-color policer can increase the packet loss priority (PLP) level of a packet, but never decrease it. For example, if a color-aware three-color policer meters a packet with a medium PLP marking, it can raise the PLP level to high, but cannot reduce the PLP level to low.

For two-rate, three-color policing, the Junos OS uses two token buckets to manage bandwidth based on the two rates of traffic. For example, two-rate policing might be configured on a node upstream in the network. The two-rate policer has marked a packet as yellow (loss priority medium-low). The color-aware policer takes this yellow marking into account when determining the appropriate policing action. In color-aware policing, the yellow packet would never receive the action associated with either the green packets or red packets. This way, tokens for violating packets are never taken from the metering token buckets at the color-aware policing node.

Note:

For a three-color policer operating in color-aware mode and when the PLP of the input packet is medium-low, the color of the input packet to the policer is mapped to the color yellow.

In such a scenario, if the color of the input packet remains unchanged, the policer operates in the following way:

  • On a T1600 Enhanced Scaling Type 4 FPC (T1600-FPC4-ES), the PLP of the output packet remains medium-low.

  • On a T4000 Type 5 FPC (T4000-FPC5-3D), the PLP of the output packet is marked as medium-high.

Because of this difference, for any applications (such as rewrite and WRED selection on egress interface) that use PLP, the packets are treated differently for the same flow depending on the FPC type (T1600 Enhanced Scaling FPC4 (T1600-FPC4-ES) or T4000 FPC5 (T4000-FPC5-3D)) on which the policer is applied.

Naming Conventions for Three-Color Policers

Because policers can be numerous and must be applied correctly to work, a simple naming convention makes it easier to apply the policers properly.

We recommend that you name your policer using a convention that identifies the basic components of the policer:

  • Three-color policer type—Where srTCM identifies a single-rate three-color policer and trTCM identifies a two-rate three-color policer.

  • Three-color policer color mode—Where ca identifies a color-aware three-color policer and cb identifies a color-blind three-color policer.

Note:

TCM stands for tricolor marking.

Table 1 describes a recommended naming convention for policers.

Table 1: Recommended Naming Convention for Policers

Three-Color Policer Type

Naming Convention

Example Names

Single-rate three-color, color-aware

srTCMnumber-ca

srTCM1-ca,

srTCM2-ca,

srTCM3-ca,

...

Single-rate three-color, color-blind

srTCMnumber-cb

srTCM1-cb,

srTCM2-cb,

srTCM3-cb,

...

Two-rate three-color, color-aware

trTCMnumber-ca

trTCM1-ca,

trTCM2-ca,

trTCM3-ca,

...

Two-rate three-color, color-blind

trTCMnumber-cb

trTCM1-cb,

trTCM2-cb,

trTCM3-cb,

...