Cisco QOS - Police Questions

Hi All,

WOuld be of great help if anyone can help me answer the below questions so that i can better understand the QOS.

- Below is the Police we have set for Voice Traffic. Based on my understanding that the Voice Traffic can have a maximum of 884Kbps and in case of any congestion it will be gurantted a 884Kbps any time. But what does the 8000 Burst Bytes do? I have read few papers saying that the 8000 is the size of the token bucket? If it is the size of the token bucket , is there a token bucket created for each flow(means each source and destination IP with port) or the whole class has onlyi one token bucket size of 8000 bytes? Also on what scenarios can we actually full up the 8000 bytes? Because today we are seeing a lot of drop packets beacuse of this police. But the problem is the 884kbps is never full and not sure if the 8000 is somehow dropping the packets.

 police 884000 8000 conform-action set-dscp-transmit ef exceed-action drop
  priority 884

Also does the priroity 884 means it will never allow the other class to use that 884kbps even when there is no utilization for the Voice Class? Is it just reserverd for it.

LVL 11
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jan SpringerCommented:
The token bucket is a fixed value -- it is not per stream.

I typically set my burst to 10% of the bandwidth/priority value specified.  I recommend changing the burst to 88400.

'priority' does reserve that amount of bandwidth for that policy.  Your other option is to use a 'bandwidth percent' value.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
kamalgopiAuthor Commented:
Hi Jesper,

Thanks for the information. Then what does this Token Bucket really mean? What is the 10% value actually for? Because even without any high Utilization we are seeing Packet Drops for this Voice Class, i am worried that this Burst rate is causing the issue. Also any idea on why set it to 10% only?. Any theory behind it?

Also thanks on the priority information, probably we will change it to Bandwidth.

Alex BaharCommented:
Normally buckets belong to the subinterface or interface. Normally it is not per flow. However SUP720 has a per flow policy mechanism as well. It is called microflow. You can also apply policing to a group of interfaces using aggregate policing feature. You need to refer to each product's reference document for supported policing type. The hardware implementation may be different especially on switches.
Class-based policing - If you apply a policy with the police command to both the interface and the subinterface, only the subinterface policer is active for the traffic that matches the class.
Typically your bucket size should be at least 10% of your policed bandwidth. In your example bucket size should be 88400 or higher. Your current size of 8000 may cause packet drops if the traffic is bursty (for example variable bit rate video).
Priority 884 does not strictly reserve 884kbps bandwidth for priority queue. It is used as needed. If there is no priority traffic, then this bandwidth can be used by other classes. Cisco says
Although the bandwidth guarantees provided by the bandwidth and priority commands have been described with words like "reserved" and "bandwidth to be set aside", neither command implements a true reservation. In other words, if a traffic class is not using its configured bandwidth, any unused bandwidth is shared among the other classes.
Put Your Flow Data to Work

SolarWinds® Flow Tool Bundle combines three easy-to-download, easy-to-use flow analysis tools that can help you quickly distribute, test, and configure your flow traffic.

Jan SpringerCommented:
This is an excellent document on token buckets, burst, etc:

Typically what I would expect to see in the police command are:

  maximum_bandwidth  normal_burst maximum_burst

           884000             88400        221000

and then the actions that you wish to take.

I've used 10% as a baseline to protect downstream equipment that does not have a sufficient buffer to pass 25%.

I would recommend increasing your burst to 10% first.  If that is not enough, try 25%.
Alex BaharCommented:
You should keep your "priority" keyword if you have voip or video.
Priority queue is implemented in the hardware (usually hardware queue #4). If you remove the "priority" command, then queue #4 turns into an ordinary queue. When it turns into an ordinary queue, it will provide/guarantee the necessary bandwidth, but it will not provide priority queueing. If you do not have priority queueing, this means that your voice packets will wait until its queue is serviced. This will cause random delays between voice packets. In other words "jitter". Too much jitter causes robotic sound, or frozen video, blue screen.
Jan SpringerCommented:
With VoIP, I prefer priority.  However, it's important to understand the differences:
Alex BaharCommented:
With voip, "priority" queue is a requirement. You cannot avoid it. Please check Cisco documents for LLQ.
kamalgopiAuthor Commented:

Really appreciate your answers. Am i right to say that the Burst rate is actually the Data Transfer speed. In the token bucket metaphor, tokens are put into the bucket at a certain rate; in this the certain rate is actually the 10% which is mentioned in bytes? 88400 bytes which is 707kbps? if that is correct then increasing it to 25% will not cause more drops as it goes more than the mean rate mentioned in the police.

If i am wrong, then what is the Burst rate actually used for? When does the 10% come into picture? If i dont set to 10% why does it even drop?

i am sorry if i am confusing myself and confusing you guys.

Jan SpringerCommented:
"A token bucket is a formal definition of a rate of transfer. It has three components: a burst size, a mean rate, and a time interval (Tc)."

"Burst size—Also called the Committed Burst (Bc) size, it specifies in bits (or bytes) per burst how much traffic can be sent within a given unit of time to not create scheduling concerns. (For a shaper, such as GTS, it specifies bits per burst; for a policer, such as CAR, it specifies bytes per burst.)"
Alex BaharCommented:
Burst size is used for making sure the traffic rate increases gradually. That can be used for avoding sudden congestion. The aim is to have a smoother traffic pattern while staying within your bandwidth limits. If your burst size is too small, all giant packets that contain more bytes than your bucket gets dropped, because they don't fit into your bucket. Just because of that you need to make sure your burst size should also be at least twice as big as your largest packet size.
kamalgopiAuthor Commented:
Thanks guys...Anyway is the Burst Size also per Flow or for the traffic for the whole class?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.