QoS Implementation - Rate Limiting (QoS Issue 4) Highlighted

Latest reply: Apr 10, 2017 09:50:08 3533 1 0 0

QoS Implementation - Rate Limiting

Based on issues 2 and 3, MQC implements QoS technologies and priority mapping is the prerequisites for implementing QoS. How QoS improves network service quality may still puzzle you. This issue describes how QoS improves network service quality.

1 Introduction to Rate Limiting

Someone will ask why is the service quality improved since the Internet access rate speed is limited? For example, when a person uses the BT to download videos continuously, network congestion occurs and the Internet access service quality of other users is seriously affected. In such a scenario, the rate needs to be limited. Rate limiting aims to prevent the bandwidth from being maliciously occupied. It ensures that network congestion does not occur on the entire network when services are normal, and improves the service quality of the entire network.

Some persons that drive cars are familiar with speed limit. Maybe someone was punished for exceeding the speed limit. Traffic rate limiting is similar to speed limit. Rate limiting technology limits the rate of traffic entering or going out of a switch with a specified range. If the rate limit is not exceeded, services are normal. If the rate limit is exceeded, punishment actions are taken for excess packets.

l   If the rate limit is not exceeded, packets are forwarded directly.

l   If the rate limit is exceeded slightly, packets are buffered.

l   If the rate limit is exceeded too much, excess packets are discarded.

The following technologies are often used to limit the traffic rate:

l   Traffic policing: Traffic policing directly discards the excess traffic. Traffic policing is often used in the inbound direction, just like a highway. The highway will not become the road at tortoise speed when the number of vehicles is limited at the ingress.

l   Traffic shaping: Traffic shaping limits the rate of outgoing packets of one or more queues and caches the packets. When the queue is idle, packets are sent out. Packets are discarded only when the buffer is full. In this way, traffic is sent out evenly. Traffic shaping solves the problem of congestion on the downstream device; therefore, traffic shaping is often applied to the outbound direction.

2 Implementation of Rate Limiting

The rate needs to be measured to implement rate limiting. For example, if methods such as radar testing are not used to test the vehicle speed, speed limit takes ineffective. How does a switch determine rate exceeding? The token bucket is used. There are three mechanisms: Single-Rate-Single-Bucket, Single-Rate-Two-Bucket, and Two-Rate-Two-Bucket.

The application scenarios of the three bucket mechanisms are as follows:

l   Single-Rate-Single-Bucket: Tokens are put into bucket C at the CIR. When packets are received, tokens are taken out of bucket C. If there are sufficient tokens, packets are forwarded. If tokens are insufficient, packets are directly discarded. This mechanism is often applied to low-priority services such as extranet HTTP traffic. Excess traffic is directly discarded.

l   Single-Rate-Two-Bucket at dual rates: Tokens are put into buckets C and E at the CIR. Tokens are first put into bucket C. When bucket C is full, tokens are put into bucket E. When packets are received, tokens in bucket C are used. If tokens in bucket C are insufficient, tokens in bucket C are returned. Then tokens in bucket E are used. If the packet length is larger than the number of tokens in bucket C but is smaller than or equal to the number of tokens in bucket E, the packets are marked in yellow and forwarded in BE mode or when the network is idle. Compared with Single-Rate-Single-Bucket, Single-Rate-Two-Bucket allows burst traffic. Single-Rate-Two-Bucket is mainly used for important and non-urgent services, for example, enterprise email data. This mechanism prevents email sending failures.

l   Two-Rate-Two-Bucket: Tokens are put into bucket C at the CIR and are put into bucket P at the PIR. When packets are received, tokens in two buckets are taken. If tokens in bucket C are sufficient, packets are marked in green and directly forwarded. If tokens in bucket P are insufficient, packets are marked in red and directly discarded. If the packet length is larger than the number of tokens in bucket C but is smaller than the number of tokens in bucket P, the packets are marked in yellow. The difference between Two-Rate-Two-Bucket and Single-Rate-Two-Bucket is that the rates of placing tokens in buckets C and P are different. Generally, the PIR is larger than the CIR. That is, tokens are placed in bucket P faster, so bucket P can support burst traffic for a long time.

When burst traffic is not considered, Single-Rate-Single-Bucket is used. When burst traffic is considered, Single-Rate-Two-Bucket is used. When burst traffic for a long time is considered, Two-Rate-Two-Bucket is used.

3 Settings of Rate Limiting Parameters

For the token bucket algorithm, a larger CIR indicates a larger rate at which tokens are generated so that more tokens can be obtained and much heavy traffic enters the network. Therefore, the CIR is the key for controlling incoming network traffic. The CBS is also important. A larger CBS indicates that more tokens can be accumulated in bucket C and the size of packets that are allowed to pass is larger.

Switches perform per-packet forwarding, so the CBS cannot be smaller than the maximum length of packets that are allowed to pass.

Assume that the traffic rate limit is 10 Mbit/s and a small CBS (for example, 1000 bytes) is used in Single-Rate-Single-Bucket mode. If the length of each packet within a certain period of time is larger than 1000 bytes, all the packets are discarded. During this period of time, no packet is forwarded and the forwarding rate is 0. Consequently, network resources are wasted and service exceptions occur.

Should the CBS be large as much as possible? No. If the CBS is large as much as possible, rate limiting becomes invalid. For example, the traffic rate limit is 10 Mbit/s and the CBS is 7200 Mbytes. At a certain time, the token bucket is full. If the packet length in the subsequent one hour is different and the total packet length is 7200 Mbytes, these packets can obtain tokens and be forwarded. The packet rate is 16 Mbit/s (7200M*8/3600) but not 10 Mbit/s, that is, rate limiting is ineffective.

Similarly, the PIR and PBS should be configured properly for the Two-Rate-Two-Bucket mode.

4 Application of Rate Limiting

Common rate limiting technologies include traffic policing and traffic shaping. Figure 4-1 shows the application of traffic policing and traffic shaping.

Huawei switches support only Single-Rate-Single-Bucket and Two-Rate-Two-Bucket.

Figure 4-1 Application of rate limiting

20170410095450202001.png

 

5 MQC-based Traffic Policing

As mentioned above, traffic policing is often used in the inbound direction. The following example describes how to configure MQC-based traffic policing in the inbound direction. In Figure 5-1, voice, video, and data services are transmitted in VLAN 120, VLAN 110, and VLAN 100, respectively. Table 5-1 describes service quality requirements.

Table 5-1 Service quality requirements

Traffic Type

CIR (kbit/s)

PIR (kbit/s)

Description

Voice

8000

15000

Voice services have high requirements on real-time transmission. High bandwidth is set and the DSCP priority is re-marked with 46 to ensure that subsequent devices can forward voice packets preferentially.

Video

10000

20000

Video services require high bandwidth, and are less sensitive than voice services in terms of real-time transmission. High bandwidth is used and the DSCP priority is re-marked with 30.

Data

4000

4000

Data services do not have high requirements for packet loss and real-time transmission. The CIR and PIR are the same (similar to Single-Rate-Single-Bucket), and the DSCP priority is re-marked with 14.

 

Figure 5-1  Networking of traffic policing

20170410095451586002.png

 

The following describes the rate limiting configuration. The device interconnection configuration is not mentioned here.

1.         Configure traffic classifiers based on VLAN IDs.

[Switch] traffic classifier c1 operator and

[Switch-classifier-c1] if-match vlan-id 120

[Switch-classifier-c1] quit

[Switch] traffic classifier c2 operator and

[Switch-classifier-c2] if-match vlan-id 110

[Switch-classifier-c2] quit

[Switch] traffic classifier c3 operator and

[Switch-classifier-c3] if-match vlan-id 100

[Switch-classifier-c3] quit

2.         Create traffic behaviors, configure traffic policing parameters, and set priorities to be re-marked.

[Switch] traffic behavior b1

[Switch-behavior-b1] car cir 8000 pir 15000  //Set the rate limit of voice services.

[Switch-behavior-b1] remark dscp 46   //Configure the switch to re-mark the DSCP priority of voice packets with 46.

[Switch-behavior-b1] statistic enable  //Configure traffic statistics.

[Switch-behavior-b1] quit

[Switch] traffic behavior b2

[Switch-behavior-b2] car cir 10000 pir 20000  //Set the rate limit of video services.

[Switch-behavior-b2] remark dscp 30    //Configure the switch to re-mark the DSCP priority of voice packets with 30.

[Switch-behavior-b2] statistic enable

[Switch-behavior-b2] quit

[Switch] traffic behavior b3

[Switch-behavior-b3] car cir 4000      //Set the rate limit of data services.

[Switch-behavior-b3] remark dscp 14   //Configure the switch to re-mark the DSCP priority of voice packets with 14.

[Switch-behavior-b3] statistic enable

[Switch-behavior-b3] quit

3.         Configure a traffic policy and apply the traffic policy to GE0/0/20 in the inbound direction.

[Switch] traffic policy p1

[Switch-trafficpolicy-p1] classifier c1 behavior b1

[Switch-trafficpolicy-p1] classifier c2 behavior b2

[Switch-trafficpolicy-p1] classifier c3 behavior b3

[Switch-trafficpolicy-p1] quit

[Switch] interface gigabitethernet 0/0/20

[Switch-GigabitEthernet0/0/20] traffic-policy p1 inbound

[Switch-GigabitEthernet0/0/20] quit

4.         Use a tester to verify the configuration.

Verify rate limiting of data services.

For data packets, the CIR and PIR are the same. The implementation is equivalent to that of Single-Rate-Single-Bucket. Set the rate limit of data packets to 4000 kbit/s (4096000 bit/s) and the rate of packets to 4096000 bit/s, and use the tester to send packets to GE0/0/20.

20170410095452981003.png

 

Check packet statistics on the switch. You can see that no packet is discarded, the rate of packets does not exceed 4000 kbit/s, and all packets are forwarded.

20170410095453986004.png

 

Set the rate of packets on the tester to 5000 kbit/s (5120000 bit/s) and send the packets to GE0/0/20. Run the reset traffic policy statistics all command to clear packet statistics, and then check packet statistics. You can see that the rate of packets in the inbound direction is 4000 kbit/s and the switch starts to discard packets.

20170410095453159005.png

 

Verify rate limiting of video services.

Two-Rate-Two-Bucket is used for video services, and the CIR is 10000 kbit/s and the PIR is 20000 kbit/s.

The rate that is smaller than the CIR or larger than the PIR is not verified. When the rate is smaller than the CIR, all packets are allowed to pass. When the rate is larger than the PIR, packets are discarded.

The rate in the range of the CIR and PIR is verified. The configuration is as follows. Packets marked in yellow (its rate is larger than the CIR but is smaller than or equal to the PIR) are allowed to pass by default. That is, the switch limits the rate of packets at the PIR.

20170410095454155006.png

 

Use the tester to send packets of 15000 kbit/s (15360000 bit/s). You can see that no packet is lost, indicating that the switch limits packets at the PIR.

20170410095455401007.png

20170410095456688008.png

 

6 Traffic Shaping

The following describes how to configure traffic shaping. In Figure 6-1, packets are mapped to queues based on priorities and importance and shaping is performed for different queues. The requirements are as follows:

l   The CIR and PIR for voice services are 3000 kbit/s and 5000 kbit/s, respectively.

l   The CIR and PIR for video services are 5000 kbit/s and 8000 kbit/s, respectively.

l   The CIR and PIR for data services are 2000 kbit/s and 3000 kbit/s, respectively.

Figure 6-1 Networking of traffic shaping

20170410095457595009.png

The configuration procedure is as follows:

1.         Configure the switch to map packets with 802.1p priorities of 6, 5, and 2 to PHBs CS7, EF, and AF2.

[Switch] diffserv domain ds1

[Switch-dsdomain-ds1] 8021p-inbound 6 phb cs7

[Switch-dsdomain-ds1] 8021p-inbound 5 phb ef

[Switch-dsdomain-ds1] 8021p-inbound 2 phb af2

[Switch-dsdomain-ds1] quit

2.         Configure traffic shaping for different queues on interfaces.

[Switch] interface gigabitethernet 1/0/1

[Switch-GigabitEthernet1/0/1] trust upstream ds1

[Switch-GigabitEthernet1/0/1] quit

[Switch] interface gigabitethernet 2/0/1

[Switch-GigabitEthernet2/0/1] qos queue 7 shaping cir 3000 pir 5000

[Switch-GigabitEthernet2/0/1] qos queue 5 shaping cir 5000 pir 8000

[Switch-GigabitEthernet2/0/1] qos queue 2 shaping cir 2000 pir 3000

[Switch-GigabitEthernet2/0/1] quit

The verification is similar to that of traffic policing, and is not mentioned here.

7 Interface-based Rate Limiting

Interface-based rate limit is performed for all packets on an interface. When the packet type does not need to be differentiated and the rate of traffic passing an interface needs to be limited, interface-based rate limiting can be used.

Interface-based rate limiting can be applied to the outbound and inbound directions.

l   Inbound interface-based traffic policing is equivalent to traffic policing without differentiating packet types.

Modular switch

1.     Run the qos car car-name cir cir-value [ cbs cbs-value [ pbs pbs-value ] | pir pir-value [ cbs cbs-value pbs pbs-value ] ] command to configure a CAR profile.

2.     Run the interface interface-type interface-number command to enter the interface view.

3.     Run the car inbound car-name command to apply the CAR profile to the interface.

Fixed switch

1.     Run the interface interface-type interface-number command to enter the interface view.

2.     Run the qos lr inbound cir cir-value [ cbs cbs-value ] command to configure inbound interface-based traffic policing.

 

l   Outbound interface-based rate limiting is equivalent to traffic shaping for all queues. If the packet priority of each queue is the same, you can configure interface-based traffic shaping.

Modular switch

1.     Run the interface interface-type interface-number command to enter the interface view.

2.     Run the qos lr cir cir-value [ cbs cbs-value ] [ outbound ] command to configure outbound interface-based traffic policing.

Fixed switch

1.     Run the interface interface-type interface-number command to enter the interface view.

2.     Run the qos lr outbound cir cir-value [ cbs cbs-value ] command to configure outbound interface-based traffic policing.


This article contains more resources

You need to log in to download or view. No account?Register

x
  • x
  • convention:

gululu
Admin Created Apr 10, 2017 09:50:08 Helpful(0) Helpful(0)

good,thanks!
  • x
  • convention:

Come on!

Comment

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login