Cisco ASA 5505 Configuration Manual page 1060

Information About QoS
Supported QoS Features
The adaptive security appliance supports the following QoS features:
•
•
•
What is a Token Bucket?
A token bucket is used to manage a device that regulates the data in a flow. For example, the regulator
might be a traffic policer or a traffic shaper. A token bucket itself has no discard or priority policy.
Rather, a token bucket discards tokens and leaves to the flow the problem of managing its transmission
queue if the flow overdrives the regulator.
A token bucket is a formal definition of a rate of transfer. It has three components: a burst size, an
average rate, and a time interval. Although the average rate is generally represented as bits per second,
any two values may be derived from the third by the relation shown as follows:
average rate = burst size / time interval
Here are some definitions of these terms:
•
•
•
In the token bucket metaphor, tokens are put into the bucket at a certain rate. The bucket itself has a
specified capacity. If the bucket fills to capacity, newly arriving tokens are discarded. Each token is
permission for the source to send a certain number of bits into the network. To send a packet, the
regulator must remove from the bucket a number of tokens equal in representation to the packet size.
If not enough tokens are in the bucket to send a packet, the packet either waits until the bucket has
enough tokens (in the case of traffic shaping) or the packet is discarded or marked down (in the case of
policing). If the bucket is already full of tokens, incoming tokens overflow and are not available to future
packets. Thus, at any time, the largest burst a source can send into the network is roughly proportional
to the size of the bucket.
Note that the token bucket mechanism used for traffic shaping has both a token bucket and a data buffer,
or queue; if it did not have a data buffer, it would be a policer. For traffic shaping, packets that arrive that
cannot be sent immediately are delayed in the data buffer.
Cisco ASA 5500 Series Configuration Guide using ASDM
49-2
Policing—To prevent individual flows from hogging the network bandwidth, you can limit the
maximum bandwidth used per flow. See the
more information.
Priority queuing—For critical traffic that cannot tolerate latency, such as Voice over IP (VoIP), you
can identify traffic for Low Latency Queuing (LLQ) so that it is always transmitted ahead of other
traffic. See the "Information About Priority Queueing" section on page 49-3
Traffic shaping—If you have a device that transmits packets at a high speed, such as a adaptive
security appliance with Fast Ethernet, and it is connected to a low speed device such as a cable
modem, then the cable modem is a bottleneck at which packets are frequently dropped. To manage
networks with differing line speeds, you can configure the adaptive security appliance to transmit
packets at a fixed slower rate. See the
more information.
Average rate—Also called the committed information rate (CIR), it specifies how much data can be
sent or forwarded per unit time on average.
Burst size—Also called the Committed Burst (Bc) size, it specifies in bits or bytes per burst how
much traffic can be sent within a given unit of time to not create scheduling concerns. (For traffic
shaping, it specifies bits per burst; for policing, it specifies bytes per burst.)
Time interval—Also called the measurement interval, it specifies the time quantum in seconds per
burst.
"Information About Policing" section on page 49-3
"Information About Traffic Shaping" section on page 49-4
Chapter 49 Configuring QoS
for
for more information.
for
OL-20339-01