Traffic evaluation and token buckets, Token bucket, Evaluating traffic with the token bucket – H3C Technologies H3C SecPath F1000-E User Manual

319

•

Delivering the packet to next-level traffic policing with its IP precedence re-marked if the evaluation

result is "conforming."

•

Entering the next-level policing (you can set multiple traffic policing levels each focused on specific
objects).

Traffic evaluation and token buckets

Token bucket

To perform traffic policing, a device must evaluate traffic to determine whether it has exceeded the
specifications. This is typically done with token buckets.
A token bucket is analogous to a container holding a certain number of tokens. The system puts tokens

into the bucket at a set rate. When the token bucket is full, the extra tokens overflows.

Evaluating traffic with the token bucket

The evaluation of traffic specifications is based on whether the number of tokens in the bucket can meet

the need of packet forwarding. Generally, one token is associated with a 1-bit forwarding authority. If the

number of tokens in the bucket is enough for forwarding the packets, the traffic conforms to the

specification and is called conforming traffic; otherwise, the traffic does not conform to the specification

and is called excess traffic.
A token bucket has the following configurable parameters:

•

Mean rate—Rate at which tokens are put into the bucket, namely, the permitted average rate of
traffic. It is usually set to the committed information rate (CIR).

•

Burst size—Capacity of the token bucket, namely, the maximum traffic size that is permitted in each
burst. It is usually set to the committed burst size (CBS). The set burst size must be greater than the

maximum packet size.

Evaluation is performed for each arriving packet. In each evaluation, if the number of tokens in the bucket
is enough, the traffic conforms to the specification and the tokens for forwarding the packet are taken

away; if the number of tokens in the bucket is not enough, the traffic is excessive.

Complicated evaluation

You can set two token buckets, the C bucket and the E bucket, to evaluate traffic in a more complicated

environment and achieve more policing flexibility. For example, traffic policing uses three parameters:

•

CIR—Rate at which tokens are put into the C bucket, that is, the average packet transmission or
forwarding rate allowed by the C bucket.

•

CBS—Size of the C bucket, that is, transient burst of traffic that the C bucket can forward.

•

Excess burst size (EBS)—Size of the E bucket, that is, transient burst of traffic that the E bucket can
forward.

CBS is implemented with the C bucket and EBS with the E bucket. In each evaluation, packets are

measured against the buckets:

•

If the C bucket has enough tokens, packets are colored green.

•

If the C bucket does not have enough tokens but the E bucket has enough tokens, packets are
colored yellow.

•

If neither the C bucket nor the E bucket has sufficient tokens, packets are colored red.