User Based Rate-Limiting (Ubrl) - Cisco ASR 9000 Series Configuration Manual

User Based Rate-Limiting (UBRL)

• Flows are learnt and per-flow resources allocated by the feature even when the packets in the flow are
• For 5 tuple flow mask and IPv4 fragment traffic flows, the first fragment would be learnt with the correct
• Ingress marking does not work on the packets that the router can't forward such as time to live (TTL)
User Based Rate-Limiting (UBRL)
A microflow policer applies a rate-limiting policy on a per-flow basis. User-Based Rate-Limiting (UBRL) is
a microflow policer that dynamically learns traffic flows and rate-limit each unique traffic flow to an individual
rate on per-flow basis. Unlike a normal microflow policer, UBRL allows a policer to be applied to all traffic
to or from a specific user. The UBRL feature is a microflow policer with a source-mask or a destination mask
that defines or classifies a user distinctly.
UBRL ensures that a single flow does not lack bandwidth and every customer gets a rate limited guarantee
of flows. UBRL also provides enhanced granularity to provide SLA solutions by grouping different customer
flows in different class-based user groups. UBRL helps manage traffic based on the offered SLA for customers
in a high density aggregation environment.
UBRL Scenarios
This section describes the various UBRL scenarios.
UBRL for Multiple Sources
In this scenario, there is traffic from many customers on the interface. This is a common scenario in internet
service provider (ISP) handoffs, where an ISP has customer traffics from multiple sources and a host provider
receives traffic from these multiple sources.
Let us assume that each customer has been assigned a unique IP address and has the network credentials and
requirements as shown in this table, and the flow-key is configured based on the source IP (src-ip).
Customer Name
Company A
Company B
Company C
This scenario behaves differently depending on the policing requirement. If a same policing is applied, then
the maximum rate of traffic sent from each customer is controlled to the same rate. In this case, the flows
Cisco ASR 9000 Series Aggregation Services Router Modular Quality of Service Configuration Guide, Release
6.1.x
242
dropped by features that get applied after QoS or by fabric and egress card.
L4 details. For the subsequent fragments the flow entry will not have the L4 port details and gets degraded
to 3 tuple. This can cause oversubscription due to two policers allocated (one per flow) or congestion
for fragmented flows when many fragmented streams between the same IP peers match the same second
flow record.
packets. QoS policy is matched and show policy-map counters increment correctly. But the packets post
punt and inject on transmission don't have the remarked precedence to differentiated services code point
(DSCP).
Source IP Address
180.1.127.1
120.12.111.2
140.3.202.3
Configuring Flow Aware QoS
Requested Bandwidth
20 Mb
7 Mb
2 Mb