Filter
Top Products
63-8
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 63 Configuring Quality of Service
Quality of Service on Cisco IOS Routers
mean rate = burst size / time interval
These terms are defined as follows:
• Mean rate—Also called the committed information rate (CIR), it specifies how much data can be
sent or forwarded per unit time on average. The CIR is defined either as an absolute value or as a
percentage of the available bandwidth on the interface. When defined as a percentage, the equivalent
value in bits per second (bps) is calculated after deployment based on the interface bandwidth and
the percent value defined in the policy.
Note If the interface bandwidth changes (for example, more bandwidth is added), the bps value
of the CIR is recalculated based on the revised amount of bandwidth.
• Burst size—Also called the committed burst (Bc) size, it specifies for each burst how much data can
be sent within a given time without creating scheduling concerns. When you use percentages to
calculate the CIR, burst size is measured in milliseconds.
• Time interval—Also called the measurement interval, it specifies the amount of time in seconds per
burst. Over any integral multiple of this interval, the bit rate of the interface does not exceed the
mean rate. The bit rate, however, might be arbitrarily fast within the interval.
In the token-bucket metaphor, tokens are put into the bucket at a certain rate. These tokens represent
permission for the source to send a certain number of bits into the network. To send a packet, the
regulator (policer or shaper) must remove a number of tokens from the bucket that equals the packet size.
Security Manager uses a two-bucket algorithm, as shown in Figure 63-3. The first bucket is the conform
bucket and the second bucket is the exceed bucket. The full size of the conform bucket is the number of
bytes specified as the normal burst size. The full size of the exceed bucket is the number of bytes
specified in the maximum burst size. Both buckets are initially full, and they are updated based on the
token arrival rate, which is determined by the CIR. If the number of bytes in the arriving packet is less
than the number of bytes in the conform bucket, the packet conforms. The required number of tokens are
removed from the conform bucket and the defined conform action is taken (for example, the packet is
transmitted). The exceed bucket is unaffected.
If the conform bucket does not contain sufficient tokens, the excess token bucket is checked against the
number of bytes in the packet. If enough tokens are present in the two buckets combined, the exceed
action is taken on the packet and the required number of bytes are removed from each bucket. If the
exceed bucket contains an insufficient number of bytes, the packet is in violation of the burst limits and
the violate action is taken on the packet.