6 VPP implements several policer types, that don't always conform
7 to the related RFCs [#rfc2697]_ [#rfc2698]_ [#rfc4115]_.
8 Only policers implemented in VPP will be presented, along with
9 the differences they have compared to RFCs.
18 This is the most straightforward policer. There is no RFC describing it,
19 however we can found its description in many documentation [#juniper]_ [#cisco]_ .
21 A 1r2c policer is great to classify incoming packets into two categories:
22 conforming packets (said green), and violating ones (said red).
27 To set-up such a policer, only two parameters are needed:
29 Committed Information Rate (CIR)
30 Given in bytes per second, this parameter is the average
31 throughput allowed by the policer.
33 It sets the limit between conforming arriving packets (those making the
34 traffic fall below the CIR), and violating arriving packets
35 (those making the traffic exceed the CIR).
37 Committed Burst Size (CBS)
38 It represents the size (in bytes) of a token bucket used to allow
39 some burstiness from the incoming traffic.
41 .. figure:: /_images/policer-1r2c-bucket.png
45 Figure 1: 1r2c bucket filling logic
47 The committed token bucket (C) is filling up at CIR tokens (bytes)
48 per second, up to CBS tokens. All overflowing tokens are lost.
53 .. image:: /_images/policer-1r2c-blind.png
62 In online documentation, there is no trace of a color-aware 1r2c policer.
63 However, VPP implementation allows such a thing.
65 .. image:: /_images/policer-1r2c-aware.png
72 1 rate 3 color (1r3c) RFC 2697 [#rfc2697]_
73 ------------------------------------------
75 As for the `1 rate 2 color (1r2c)`_ policer, only one rate parameters is required
76 to setup a 1r3c policer. However, such a policer adds another kind of packet category:
77 exceeding ones (said yellow).
82 To set-up such a policer, three parameters are needed:
84 Committed Information Rate (CIR)
85 As in the `1 rate 2 color (1r2c)`_ policer.
87 Committed Burst Size (CBS)
88 As in the `1 rate 2 color (1r2c)`_ policer.
90 Excess Burst Size (EBS)
91 It represents the size (in bytes) of a second token bucket used
92 to allow an additional burstiness from the incoming traffic, when
93 traffic as been below the CIR for some time.
95 .. figure:: /_images/policer-1r3c-bucket.png
99 Figure 2: 1r3c buckets filling logic
101 The committed token bucket (C) is filling up at CIR tokens (bytes)
102 per second, up to CBS tokens. When C is full, tokens are overflowing
103 into the excess token bucket (E), up to EBS tokens. Only overflowing
104 tokens from E are lost.
106 Color-Blind algorithm
107 ~~~~~~~~~~~~~~~~~~~~~
109 .. image:: /_images/policer-1r3c-blind.png
115 Color-Aware algorithm
116 ~~~~~~~~~~~~~~~~~~~~~
118 .. image:: /_images/policer-1r3c-aware.png
127 In the RFC 2697 [#rfc2697]_ describing the 1r3c policer, conforming (green) packets
128 only consume tokens from the token bucket C. Whereas, in VPP, they also consume tokens from E.
130 One way to stick to the RFC is then to set the EBS parameter to be superior to CBS, so that
131 EBS - CBS corresponds to the EBS from the RFC.
133 However, VPP does not enforce setting EBS > CBS, which could result in undesired behavior.
135 2 rate 3 color (2r3c) RFC 2698 [#rfc2698]_
136 ------------------------------------------
138 Instead of setting the limit between yellow and red packets in terms of bursts,
139 as it is done by `1 rate 3 color (1r3c) RFC 2697`_ policers, two rate policers introduce
140 another rate parameter to discriminate between those two kinds of packets.
145 To set-up such a policer, four parameters are needed:
147 Committed Information Rate (CIR)
148 As in the `1 rate 2 color (1r2c)`_ policer.
150 Committed Burst Size (CBS)
151 As in the `1 rate 2 color (1r2c)`_ policer.
153 Peak Information Rate (PIR)
154 Given in bytes per second, this parameter is the average
155 throughput allowed by the policer when there is a peak in
158 It sets a second limit between exceeding arriving packets
159 (those making the traffic fall below the PIR, but above CIR),
160 and violating arriving packets (those making the traffic exceed the PIR).
162 Peak Burst Size (PBS)
163 It represents the size (in bytes) of a second token bucket used
164 to allow an additional peak traffic.
166 .. figure:: /_images/policer-2r3c-bucket.png
170 Figure 2: 2r3c-rfc2698 buckets filling logic
172 The committed token bucket (C) is filling up at CIR tokens (bytes)
173 per second, up to CBS tokens. In the meantime, the peak token bucket (P)
174 is filling up at PIR tokens per second, up to PBS. All overflowing tokens
175 from C and P are lost.
177 Color-Blind algorithm
178 ~~~~~~~~~~~~~~~~~~~~~
180 .. image:: /_images/policer-2r3c-blind.png
186 Color-Aware algorithm
187 ~~~~~~~~~~~~~~~~~~~~~
189 .. image:: /_images/policer-2r3c-aware.png
198 To have a working policer, the condition PIR >= CIR needs to hold.
199 Indeed, since we assume that peak traffic should have a greater
200 rate than committed ones.
203 2 rate 3 color (2r3c) RFC 4115 [#rfc4115]_
204 ------------------------------------------
206 The 2r3c-RFC4115 is an allowed choice by VPP. However, there is currently
207 no implementation of such a policer. Hence, the only two rate policer VPP
208 implements is the `2 rate 3 color (2r3c) RFC 2698`_ policer.
211 .. rubric:: References:
213 .. [#juniper] https://www.juniper.net/documentation/us/en/software/junos/traffic-mgmt-nfx/routing-policy/topics/concept/tcm-overview-cos-qfx-series-understanding.html
214 .. [#cisco] https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_mqc/configuration/xe-16-8/qos-mqc-xe-16-8-book/qos-pkt-policing.html
215 .. [#rfc2697] https://www.rfc-editor.org/rfc/rfc2697.html
216 .. [#rfc2698] https://www.rfc-editor.org/rfc/rfc2698.html
217 .. [#rfc4115] https://www.rfc-editor.org/rfc/rfc4115.html