Need For Traffic Policing; Traffic Policing Functionality On Secure Routers - Avaya 1000 Series Configuration Manual

mechanism when they arrive faster than the configured rate. Therefore shaping can smooth
out the burstiness in a flow, helping to minimize buffer overruns in intermediate routers. Policing
does not smooth out bursts, but it can control bursts by dropping packets or marking them
down.
Since shaping delays packets, thereby throttling the packet rate instead of dropping them,
adaptive applications (those using TCP) perform better. Dropping packets can cause
exponential back-off of TCP which can affect the throughput. This problem with policing can
be minimized by configuring the burst parameter of the policer to be a sufficiently large value.

Need for Traffic Policing

Policing has the advantage of providing low latency since it does not queue packets. This
makes policing a good choice for interactive and streaming voice and video applications.
Policing also uses much less resources in the router than shaping. It is a better and more
practical method to provide QoS for incoming traffic on an interface.
On Secure Routers, policing can be used to limit the maximum rate of a traffic flow received
on a WAN interface. This is especially useful when the POP/CO router does not do any shaping
or policing of traffic before transmitting it onto the WAN or it is under a different administrative
domain which prevents access to the QoS configuration.

Traffic Policing Functionality on Secure Routers

Customers will now be able to rate limit inbound traffic on the WAN links using policing while
doing CBQ for outbound traffic. This means the Secure Router can now provide QoS for traffic
in both directions, eliminating dependency on the upstream router. Policing of outbound WAN
traffic is also possible, but using CBQ to shape traffic is recommended because of reasons
mentioned in section "
also provides bandwidth guarantee, bandwidth borrowing and prioritization. It provides "Total
Link Access Control" instead of just rate limiting. Traffic policing is also supported on ethernet
interfaces. Please check section "
for limitations.
Traffic policing is implemented using a token bucket algorithm. Users will be able specify two
parameters when configuring traffic policing, Rate (token fill rate) and Burst (number of tokens).
Rate is specified in Kbps or percent of link bandwidth. Burst can be specified in kilobits or as
a duration (based on the configured rate) in milliseconds. "Rate" determines the average
bandwidth for the policed flow and "Burst" determines the maximum burst (in bits or bytes)
permitted for the flow. Packets conforming to these limits will be forwarded and those violating
these limits will be dropped. Other conform-actions and violate-actions, like marking down the
TOS or DSCP value, are not be supported for now.
We will not support additional parameters that Cisco systems supports, like "extended burst"
for CAR (committed access rate) and "excess burst" for policing. We feel, they introduce more
Avaya Secure Router 1000 Series Configuration Guide
Traffic Policing versus Traffic Shaping
Verifying Policing Status and Configuration
Traffic Policing versus Traffic Shaping
on page 220 ". Additionally, CBQ
on page 223 "
December 2010 221