• Used to meter a packet flow rate.
    • Marks packets that exceed metered rate.
    • Drop is a mark action.
  • Normally an ingress operation.
    • PE ingress from CE for example.
  • Policing has two parameters
    • Metering rate – CIR
    • Averaging interval – Tc
  • Larger Tc the more bursting is allowed
    • Bc = CIR*Tc is max burst size allowed momentarily (in bytes)
  • Be – excessive burst
    • Max amount of bytes allowed above Bc during Tc.
    • Only allowed if Bc was not fully utilized before.
  • Single-Rate Policing Syntax
    • Configuration
      • ‘police <cir> <CIR> <Bc> <Be>’
      • CIR in bps while bursts are in bytes
    • Applied to an MQC class
      • Three actions (colors): conform, exceed, violate
      • Exceed: flow exceeds Bc but under Bc+Be
      • Violate: burst size exceeds Bc+Be
  • Dual-Rate Policing Syntax
    • Configuration
      • ‘police cir <CIR> bc <Bc> pir <PIR> be <Be>’
    • Normally used to implement two-rate access.
      • Customer is guaranteed CIR.
      • Allowed to send up to PIR
      • Traffic between PIR and CIR are marked
        • Lower DSCP
  • Shaping and Policing Together
    • Operations are Complimentary
      • Shaping is done egress.
      • Policing is done ingress.
    • Parameters should match
      • Shaping is set to match policing
      • Same CIR, Bc and Be
        • Policing values could be greater.


  • Traffic policing CAN be done on both input and output queue.
  • Traffic Policing is used to REMARK traffic that exceeds rate.
    • Often times that mark is going to drop, but not always.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s