Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

Policer Overhead to Account for Rate Shaping in the Traffic Manager

Policer Overhead to Account for Rate Shaping Overview

If you configure ingress or egress traffic-shaping overhead values for an interface, the traffic manager cannot apply these values to any rate-limiting also applied to the interface. To enable the router to account for the additional Ethernet frame length when policing actions are being determined, you must configure the ingress or egress overhead values for policers separately.

Note: When a policer overhead value is changed, the PIC or DPC goes offline and then comes back online.

For Gigabit Ethernet Intelligent Queuing 2 (IQ2) and Enhanced IQ2 (IQ2E) PICs or interfaces on Dense Port Concentrators (DPCs) in MX Series routers, you can control the rate of traffic that passes through all interfaces on the PIC or DPC by configuring a policer overhead. You can configure a policer ingress overhead and a policer egress overhead, each with values from 0 through 255 bytes. The policer overhead values are added to the length of the final Ethernet frame when determining ingress and egress policer actions.

Example: Configuring Policer Overhead to Account for Rate Shaping

This example shows how to configure overhead values for policers when rate-shaping overhead is configured.

Requirements

Before you begin, make sure that interface for which you are applying ingress or egress policer overhead is hosted on one of the following:

  • Gigabit Ethernet IQ2 PIC
  • IQ2E PIC
  • DPCs in MX Series routers

Overview

This example shows how to configure policer overhead values for all physical interfaces on a supported PIC or MPC so that the rate shaping value configured on a logical interface is accounted for in any policing on that logical interface.

Topology

The router hosts a Gigabit Ethernet IQ2 PIC, installed in PIC location 3 of the Flexible PIC Concentrator (FPC) in slot number 1. The physical interface on port 1 on that PIC is configured to receive traffic on logical interface 0 and send it back out on logical interface 1. Class-of-service scheduling includes 100 Mbps of traffic rate-shaping overhead for the output traffic. A policer egress overhead of 100 bytes is configured on the entire PIC so that, for any policers applied to the output traffic, 100 bytes are added to the final Ethernet frame length when determining ingress and egress policer actions.

Traffic rate-shaping and corresponding policer overhead are configured separately:

  • You configure rate shaping at the [edit class-of-service interfaces interface-name unit unit-number] hierarchy level.
  • You configure policer overhead at the [edit chassis fpc slot-number pic pic-number] hierarchy level.

When a policer overhead value is changed, the PIC or DPC goes offline and then comes back online.

Configuration

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode.

To configure this example, perform the following tasks:

CLI Quick Configuration

To quickly configure this example, copy the following configuration commands into a text file, remove any line breaks, and then paste the commands into the CLI at the [edit] hierarchy level.

set interfaces ge-1/3/1 per-unit-schedulerset interfaces ge-1/3/1 vlan-taggingset interfaces ge-1/3/1 unit 0 vlan-id 100set interfaces ge-1/3/1 unit 0 family inet address 10.10.10.1/30set interfaces ge-1/3/1 unit 1 vlan-id 101set interfaces ge-1/3/1 unit 1 family inet address 20.20.20.1/30 arp 20.20.20.2 mac 00:00:11:22:33:44set class-of-service schedulers be transmit-rate percent 5set class-of-service schedulers ef transmit-rate percent 30set class-of-service schedulers af transmit-rate percent 30set class-of-service schedulers nc transmit-rate percent 35set class-of-service scheduler-maps my-map forwarding-class best-effort scheduler beset class-of-service scheduler-maps my-map forwarding-class expedited-forwarding scheduler efset class-of-service scheduler-maps my-map forwarding-class network-control scheduler ncset class-of-service scheduler-maps my-map forwarding-class assured-forwarding scheduler afset class-of-service interfaces ge-1/3/1 unit 1 scheduler-map my-mapset class-of-service interfaces ge-1/3/1 unit 1 shaping-rate 100mset firewall policer 500Kbps logical-interface-policerset firewall policer 500Kbps if-exceeding bandwidth-limit 500kset firewall policer 500Kbps if-exceeding burst-size-limit 625kset firewall policer 500Kbps then discardset chassis fpc 1 pic 3 ingress-policer-overhead 100set chassis fpc 1 pic 3 egress-policer-overhead 100set interfaces ge-1/3/1 unit 0 family inet policer input 500Kbps

Configuring the Logical Interfaces

Step-by-Step Procedure

To configure the logical interfaces:

  1. Enable configuration of the interface

    [edit]user@host# edit interfaces ge-1/3/1

  2. Enable multiple queues for each logical interface (so that you can associate an output scheduler with each logical interface).

    [edit interfaces ge-1/3/1]user@host# set per-unit scheduleruser@host# set vlan-tagging

    Note: For Gigabit Ethernet IQ2 PICs only, use the shared-scheduler statement to enable shared schedulers and shapers on a physical interface.

  3. Configure logical interface ge-1/3/1.0.

    [edit interfaces ge-1/3/1]user@host# set unit 0 vlan-id 100user@host# set unit 0 family inet address 10.10.10.1/30

  4. Configure logical interface ge-1/3/1.1.

    [edit interfaces ge-1/3/1]user@host# set unit 1 vlan-id 101user@host# set unit 1 family inet address 20.20.20.1/30 arp 20.20.20.2 mac 00:00:11:22:33:44

Results

Confirm the configuration of the interfaces by entering the show interfaces configuration mode command. If the command output does not display the intended configuration, repeat the instructions in this procedure to correct the configuration.

[edit]user@host# show interfaces
ge-1/3/1 {per-unit-scheduler;vlan-tagging;unit 0 {vlan-id 100;family inet {address 10.10.10.1/30;}}unit 1 {vlan-id 101;family inet {address 20.20.20.1/30 {arp 20.20.20.2 mac 00:00:11:22:33:44;}}}}

Configuring Traffic Rate-Shaping on the Logical Interface That Carries Output Traffic

Step-by-Step Procedure

To configure traffic rate-shaping on the logical interface that carries output traffic:

  1. Enable configuration of class-of-service features.

    [edit]user@host# edit class-of-service

  2. Configure packet scheduling on logical interface ge-1/3/1.0.

    1. Configure schedulers that specify the percentage of transmission capacity.

      [edit class-of-service]user@host# edit schedulers [edit class-of-service schedulers]user@host# set be transmit-rate percent 5user@host# set ef transmit-rate percent 30user@host# set af transmit-rate percent 30user@host# set nc transmit-rate percent 35
      A percentage of zero drops all packets in the queue. When the rate-limit option is specified, the transmission rate is limited to the rate-controlled amount. In contrast with the exact option, a scheduler with the rate-limit option shares unused bandwidth above the rate-controlled amount.

    2. Configure a scheduler map to associate each scheduler with a forwarding class.

      [edit class-of-service]user@host# edit scheduler-maps my-map [edit class-of-service scheduler-maps my-map]user@host# set forwarding-class best-effort scheduler beuser@host# set forwarding-class expedited-forwarding scheduler efuser@host# set forwarding-class network-control scheduler ncuser@host# set forwarding-class assured-forwarding scheduler af

    3. Associate the scheduler map with logical interface ge-1/3/1.0.

      [edit class-of-service]user@host# edit interfaces ge-1/3/1 unit 1 [edit class-of-service interfaces ge-1/3/1 unit 1]user@host# set scheduler-map my-map

  3. Configure 100 Mbps of traffic rate-shaping overhead on logical interface ge-1/3/1.1.

    [edit class-of-service interfaces ge-1/3/1 unit 1]user@host# set shaping-rate 100
    Alternatively, you can configure a shaping rate for a logical interface and oversubscribe the physical interface by including the shaping-rate statement at the [edit class-of-service traffic-control-profiles] hierarchy level. With this configuration approach, you can independently control the delay-buffer rate.

Results

Confirm the configuration of the class-of-service features (including the 100 Mbp of shaping of the egress traffic) by entering the show class-of-service configuration mode command. If the command output does not display the intended configuration, repeat the instructions in this procedure to correct the configuration.

[edit]user@host# show class-of-service
interfaces {ge-1/3/1 {unit 1 {scheduler-map my-map;shaping-rate 100m;}}}
scheduler-maps {my-map {forwarding-class best-effort scheduler be;forwarding-class expedited-forwarding scheduler ef;forwarding-class network-control scheduler nc;forwarding-class assured-forwarding scheduler af;}}
schedulers {be {transmit-rate percent 5;}ef {transmit-rate percent 30;}af {transmit-rate percent 30;}nc {transmit-rate percent 35;}}

Configuring Policer Overhead on the PIC or MPC That Hosts the Rate-Shaped Logical Interface

Step-by-Step Procedure

To configure policer overhead on the PIC or MPC that hosts the rate-shaped logical interface:

  1. Enable configuration of the supported PIC or MPC.

    [edit]user@host# set chassis fpc 1 pic 3

  2. Configure 100 bytes of policer overhead on the supported PIC or MPC.

    [edit]user@host# set ingress-policer-overhead 100user@host# set egress-policer-overhead 100

    Note: These values are added to the length of the final Ethernet frame when determining ingress and egress policer actions for all physical interfaces on the PIC or MPC.

    You can specify policer overhead with values from 0 through 255 bytes.

Results

Confirm the configuration of the policer overhead on the physical interface to account for rate-shaping by entering the show chassis configuration mode command. If the command output does not display the intended configuration, repeat the instructions in this procedure to correct the configuration.

[edit]user@host# show chassis
chassis {fpc 1 {pic 3 {egress-policer-overhead 100;ingress-policer-overhead 100;}}}

Applying a Policer to the Logical Interface That Carries Input Traffic

Step-by-Step Procedure

To apply a policer to the logical interface that carries input traffic:

  1. Configure the logical interface (aggregate) policer.

    [edit]user@host# edit firewall policer 500Kbps [edit firewall policer 500Kbps]user@host# set logical-interface-policeruser@host# set if-exceeding bandwidth-limit 500kuser@host# set if-exceeding burst-size-limit 625kuser@host# set then discard

  2. Apply the policer to Layer 3 input on the IPv4 logical interface.

    [edit]user@host# set interfaces ge-1/3/1 unit 0 family inet policer input 500Kbps

    Note: The 100 Mbps policer overhead is added to the length of the final Ethernet frame when determining ingress and egress policer actions,

Results

Confirm the configuration of the policer with rate-shaping overhead by entering the show firewall and show interfaces configuration mode commands. If the command output does not display the intended configuration, repeat the instructions in this procedure to correct the configuration.

[edit]user@host# show firewall
policer 500Kbps {logical-interface-policer;if-exceeding {bandwidth-limit 500k;burst-size-limit 625k;}then discard;}
[edit]user@host# show interfaces
ge-1/3/1 {per-unit-scheduler;vlan-tagging;unit 0 {vlan-id 100;layer2-policer {input-policer 500Kbps;}family inet {address 10.10.10.1/30;}}unit 0 {vlan-id 101;family inet {address 20.20.20.1/30 {arp 20.20.20.2 mac 00:00:11:22:33:44;}}}}

If you are done configuring the device, enter commit from configuration mode.

Verification

Confirm that the configuration is working properly.

Displaying Traffic Statistics and Policers for the Logical Interface

Purpose

Verify the traffic flow through the logical interface and that the policer is evaluated when packets are received on the logical interface.

Action

Use the show interfaces operational mode command for logical interface ge-1/3/1.0, and include the detail or extensive option. The command output section for Traffic statistics lists the number of bytes and packets received and transmitted on the logical interface, and the Protocol inet section contains a Policer field that would list the policer 500Kbps as an input or output policer as follows:

  • Input: 500Kbps-ge-1/3/1.0-log_int-i
  • Output: 500Kbps-ge-1/3/1.0-log_int-o

The log_int-i suffix denotes a logical interface policer applied to input traffic, while the log_int-o suffix denotes a logical interface policer applied to output traffic. In this example, the logical interface policer is applied to Input traffic only.

Displaying Statistics for the Policer

Purpose

Verify the number of packets evaluated by the policer.

Action

Use the show policer operational mode command and optionally specify the name of the policer. The command output displays the number of packets evaluated by each configured policer (or the specified policer), in each direction. For the policer 500Kbps, the input and output policer names are displayed as follows:

  • 500Kbps-ge-1/3/1.0-log_int-i
  • 500Kbps-ge-1/3/1.0-log_int-o

The log_int-i suffix denotes a logical interface policer applied to input traffic, while the log_int-o suffix denotes a logical interface policer applied to output traffic. In this example, the logical interface policer is applied to input traffic only.

 

Related Documentation

 

Published: 2013-04-10

Previous Page Next Page