Chapter 6
"Do I Know This Already" Quiz
| 1. | How big is the token bucket used by CB Shaping when no excess bursting is configured? | | Answer: | C
| | 2. | Which of the following are true about Policers in general, but not true about Shapers? Monitors traffic rates using concept of token bucket Can discard traffic that exceeds a defined traffic rate Can delay packets by queuing in order to avoid exceeding a traffic rate
| | Answer: | B, D
| | 3. | If shaping was configured with a rate of 128Kbps, and a Bc of 3200, what value would be calculated for Tc? Not enough information to tell
| | Answer: | C
The formula is Tc = Bc/CIR
| | 4. | With dual-rate policing, upon what value does the policer base the size of the token bucket associated with the second, higher policing rate? Not based on any other valueit must be statically configured.
| | Answer: | B
The size of the bucket = Be (in bytes).
| | 5. | With single-rate policing, with three possible actions configured, how does the policer replenish tokens into the excess token bucket? By filling Bc * Tc tokens into the first bucket each time interval, with spilled tokens refilling the excess token bucket. By refilling the first bucket, based on a pro-rated amount of Bc, with spilled tokens refilling the excess token bucket. By Be * Tc each time interval By putting a pro-rated amount of Be into the excess token bucket directly.
| | Answer: | B
The size of the bucket = Be (in bytes).
|
Configuring Class-Based Shaping
| 6. | Which of the following commands, when typed in the correct configuration mode, enables shaping at 128 kbps, with no excess burst? shape average 128000 8000 0
| | Answer: | A
shape peak actually shapes at a higher rate. Also, Be defaults to be equal to Bc, so to make it 0, you must set it directly. Also, the shaping rate is configured in bits/second.
| | 7. | Examine the following configuration, noting the locations of the comments lines labeled "point 1", point 2", and so on. Assume that a correctly-configured policy map that implements CBWFQ, called queue-it, is also configured but not shown. In order to enable CBWFQ for the packets queued by CB Shaping, what command is required, and at what point in the configuration would the command be required?
policy-map shape-question
! point 1
class class-default
! point 2
shape average 256000 5120
! point 3
interface serial 0/0
! point 4
service-policy output shape-question
! point 5
interface s0/0.1 point-to-point
! point 6
ip address 1.1.1.1
! point 7
frame-relay interface-dlci 101
! point 8
service-policy queue-it, at point 1 service-policy queue-it, at point 3 service-policy queue-it, at point 5 service-policy queue-it, at point 6 shape queue service-policy queue-it, at point 1 shape queue service-policy queue-it, at point 3 shape queue service-policy queue-it, at point 5 shape queue service-policy queue-it, at point 6
| | Answer: | B
The command could also have been used a point 2 in the configuration snippet.
| | 8. | Using the same configuration snippet as in the previous question, what command would list the calculated Tc value, and what would that value be? show policy-map, Tc = 125 ms show policy-map, Tc = 20 ms show policy-map, Tc = 10 ms show policy-map interface s0/0, Tc = 125 ms show policy-map interface s0/0, Tc = 20 ms show policy-map interface s0/0, Tc = 10 ms
| | Answer: | C
|
Configuring Class-Based Policing
| 9. | Which of the following commands, when typed in the correct configuration mode, enables CB policing at 128 kbps, with no excess burst? police 128000 conform-action transmit exceed-action transmit violate-action discard police 128 conform-action transmit exceed-action transmit violate-action discard police 128000 conform-action transmit exceed-action discard police 128 conform-action transmit exceed-action discard police 128k conform-action transmit exceed-action discard
| | Answer: | C
The rate is configured in bits/second, and the omission of the violate-action keyword implies that the policer has no excess burst capability.
| | 10. | Examine the following configuration. Which of the following commands would be required to change this configuration so that the policing function would be a dual-rate policer, with CIR of 256 kbps and double that for the peak rate?
policy-map police-question
class class-default
police 256000 conform-action transmit exceed-action set-dscp-transmit af11
violate-action discard
interface serial 0/0
service-policy input police-question
interface s0/0.1 point-to-point
ip address 1.1.1.1
frame-relay interface-dlci 101
Replace the existing police command with police cir 256000 Bc 4000 Be 4000 conform-action transmit exceed-action transmit violate-action drop Replace the existing police command with police cir 256000 pir 512000 conform-action transmit exceed-action set-dscp-transmit af11 violate-action drop Replace the existing police command with police 256000 512000 conform-action transmit exceed-action transmit violate-action drop Replace the existing police command with police cir 256000 pir 2x conform-action transmit exceed-action transmit violate-action drop
| | Answer: | B
| | 11. | In the previous question, none of the answers specified the settings for Bc and Be. What would CB policing calculate for Bc and Be when policing at rates of 256 kbps and 512 kbps with a dual-rate policing configuration? 4000 and 4000, respectively 4000 and 8000, respectively 32000 and 32000, respectively 32000 and 64000, respectively
| | Answer: | B
Bc and Be are in bytes, with the formula to calculate each being Bc = CIR/32, and Be = PIR/32.
| | 12. | Examine the following configuration, which shows all commands pertinent to this question. Which of the following police commands would be required to enable single-rate policing at approximately 128 kbps, with the Bc set to cause Tc = 10ms? (Note that a comment line shows where the police command would be added to the configuration.)
policy-map police-question2
class class-default
! police command goes here
interface serial 0/0
service-policy input police-question2
interface s0/0.1 point-to-point
ip address 1.1.1.1
frame-relay interface-dlci 101
police cir 128000 Bc 1280 conform-action transmit exceed-action transmit violate-action discard police cir percent 8 conform-action transmit exceed-action transmit violate-action discard police cir 128000 Tc 10 conform-action transmit exceed-action transmit violate-action discard police cir percent 8 Bc 10 ms conform-action transmit exceed-action transmit violate-action discard
| | Answer: | B
With percent-based policing, the police rate is 8% of 1544 kbps (default interface bandwidth), or around 123 kbps. The Bc value actually represents Tc, with BC = Tc*CIR, in bytes. In this case, Bc = 154 bytes.
|
Q&A
| 1. | Explain the points during the process of a single router receiving and forwarding traffic at which shaping and policing can be enabled on a router. | | Answer: | Shaping can be enabled for packets exiting an interface, subinterface, or individual VC. Policing can be performed both on packets entering an interface or exiting an interface.
| | 2. | Compare and contrast the actions that shaping and policing take when a packet exceeds a traffic contract. | | Answer: | Shaping queues packets when the shaping rate is exceeded. Policing either discards the packet, just transmits the packet, or it re-marks a QoS field before transmitting the packet.
| | 3. | Compare and contrast the effects that shaping and policing have on bandwidth, delay, jitter, and loss. | | Answer: | Shaping places packets into queues when the actual traffic rate exceeds the traffic contract, which causes more delay, and more jitter. Policing when making a simple decision to either discard or forward each packet causes more packet loss, but less delay and jitter for the packets that do make it through the network. Shaping and Policing both limit the amount of bandwidth allowed for a particuilar class of traffic.
| | 4. | Describe the typical locations to enable shaping and policing in an internetwork. | | Answer: | Shaping is typically performed before sending packets into a network that is under some other administrative control. For instance, shaping is typically performed before sending packets from an enterprise into a service provider's Frame Relay network. Policing, although supported as both an input and output function, is typically performed at ingress points, once again at the edge between two administrative domains.
| | 5. | Describe the reasons behind egress blocking in a Frame Relay network with a T1 access link at the main site, 128-kbps access links at each of 20 remote sites, with 64-kbps CIR VCs from the main site to each remote site. | | Answer: | Egress blocking can occur for frames leaving the Frame Relay network going to the main site, because the sum of the access rates of the 20 sites exceeds the access rate at the main site. Egress blocking occurs for packets leaving the Frame Relay network going to an individual remote site, because the access rate at the main site exceeds the access rate at each remote site.
| | 6. | If a router has CB Shaping configured, with a shaping rate of 256 kbps, and a Bc of 16,000 bits, what Tc value does the shaping tool use? | | Answer: | Because Tc = Bc/CIR, the answer is 16,000/256,000, or 62.5 ms.
| | 7. | If a router has CB Shaping configured, with a shaping rate of 512 kbps, and a Be of 16,000 bits, what Tc value does the shaping tool use? | | Answer: | Tc is not calculated based on Be. However, at rates higher than 320 kbps, CB Shaping uses a set 25 ms Tc.
| | 8. | Define the terms Tc, Bc, Be, and CIR. | | Answer: | Tc: Time interval, measured in milliseconds, over which the committed burst (Bc) can be sent.
Bc: committed burst size, measured in bits. This is the amount of traffic that can be sent during every interval Tc. Typically also defined in the traffic contract.
Be: Excess burst size, in bits. This is the number of bits beyond Bc that can be sent in the first Tc after a period of inactivity.
CIR: committed information rate, in bits per second, defines the amount of bandwidth that the provider has agree to provide as defined in the traffic contract.
| | 9. | Describe the concept of traffic-shaping adaption. | | Answer: | Adaption causes the shaper to reduce the shaping rate during congestion. Shapingreacts to frames with the BECN bit set, or to Foresight congestion messages.
| | 10. | Describe the difference between interface output queues and shaping queues, and explain where the queues could exist on a router with 1 physical interface and 20 subinterfaces. | | Answer: | Output queues exist on the physical interface, and can be controlled with queuing tools such as CBWFQ and WFQ. Shaping queues exist when traffic shaping is enabled; the shaping queue is associated with the particular instance of shaping. If shaping has been enabled on 20 subinterfaces on a single physical interface, for instance, 20 sets of shaping queues exist, all feeding into the single set of physical interface software queues.
| | 11. | How many token buckets are used by the CB Shaping internal processes with Be = 0? How big is the bucket(s)? | | Answer: | Only 1 token bucket is used. The size is equal to Bc bits.
| | 12. | How many token buckets are used by the CB Shaping internal processes with Be = 8000? How big is the bucket(s)? | | Answer: | Only 1 token bucket is used, but the size is Bc + Be bits.
| | 13. | How many token buckets are used by the CB Policing internal processes with Be = 0? How big is the bucket(s)? | | Answer: | Only 1 token bucket is used. The size is equal to Bc bytes.
| | 14. | How many token buckets are used by CB Policing internal processes, configured for single-rate policing, with Be = 8000? How big is the bucket(s)? | | Answer: | Two token buckets are used, with Bc bytes in one bucket, and Be bytes in the other.
| | 15. | How many token buckets are used by CB Policing internal processes, configured for dual-rate policing, with Be = 8000? How big is the bucket(s)? | | Answer: | Two token buckets are used, with Bc bytes in one bucket, and Be bytes in the other.
| | 16. | Imagine a CB Shaping configuration with a rate of 128000, Bc = 8000, and Be = 16000. What is the Tc value, and how many tokens are refilled into the first bucket during each Tc? | | Answer: | Tc = Bc/CIR, or in this case, 8000/128000, or 62.5ms. Each Tc (62.5ms), 8000 tokens (Bc tokens) are refilled into the bucket. CB Shaping only uses one bucket. (Author's note: IOS actually rounds these numbers so there are no fractions in use.)
| | 17. | Imagine a CB Shaping configuration with a rate of 128000, Bc = 8000, and Be = 16000. At the beginning of the next time interval, the token bucket is full. If the physical clock rate of the interface on which shaping is enabled is 256 kbps, describe how much traffic that will be sent in this next Tc, and why. | | Answer: | At a physical link speed of 256 kbps, with a calculated Tc of 62.5 ms (see previous question's answer for that math), the maximum number of bits that can be sent in 62.5 seconds at that rate is 256000 * .0625 = 16000. The bucket has a size of Bc + Be, or 24,000; because there are 24,000 bits worth of tokens are in the bucket at the beginning of the interval, all packets totalling 16,000 bits can be sent in this first interval, with the bucket containing 8000 more tokens.
| | 18. | If a policer is called a "two color" policer, what does that mean? | | Answer: | It means that the policer designates each policed packet as either conforming to the traffic contract, or exceeding the contract. The numer of colors is the number of categories, in terms of meeting the traffic contract, into which the policer can place a packet.
| | 19. | If a policer is called a "three color" policer, what does that mean? | | Answer: | It means the same general thing as a "two color" policer, but with three categories conform, exceed, and violate.
| | 20. | With CB Policing, how are tokens refilled into the bucket associated with the CIR policing rate? | | Answer: | Unlike CB Shaping, CB policing replenishes tokens in the bucket in response to policing a packet, as opposed to every Tc seconds. Every time a packet is policed, CB policing puts some tokens back into the bucket. The number of tokens placed into a bucket is calculated as follows:
| | 21. | With a dual-rate policer, how are tokens refilled into the token bucket associated with PIR? | | Answer: | It fills the PIR bucket in the same general method as filling the CIR bucket, but with the formula using the PIR, as follows:
| | 22. | With a single-rate policer, with Be > 0, how are tokens refilled into the excess token bucket? | | Answer: | The tokens are filled into the first token bucket. Any that spill due to that bucket already being full of tokens spill into the excess token bucket.
| | 23. | With a single-rate policer, with Be = 0, what must be true for the policer to decide that a packet exceeds the traffic contract? | | Answer: | If there are fewer tokens in the single token bucket than the number of bytes in the packet, the packet is considered to exceed the contract.
| | 24. | With a single-rate policer, with Be > 0, what must be true for the policer to decide that a packet exceeds the traffic contract? | | Answer: | If there are fewer tokens in the first token bucket than the number of bytes in the packet, but at least that many tokens in the second bucket, the packet is considered to exceed the contract.
| | 25. | With a single-rate policer, with Be > 0 what must be true for the policer to decide that a packet violates the traffic contract? | | Answer: | If there are fewer tokens in the first token bucket than the number of bytes in the packet, plus fewer than that many tokens in the second bucket, the packet is considered to violate the contract.
| | 26. | With a single-rate policer, regardless of Be setting, what must be true for the policer to decide that a packet conforms to the traffic contract? | | Answer: | If there are at least as many tokens in the first token bucket than the number of bytes in the packet, the packet is considered to conform to the contract.
| | 27. | For policing configurations that use two buckets, a packet is classified as conforming, exceeding, or violating the traffic contract. When processing a new packet, in which of these three cases does the policer then also remove or spend the tokens? | | Answer: | When the packet either conforms to or exceeds the traffic contract. In order to conform or exceed, one or the other bucket must have had enough tokens to allow the policer to consider the packet either as conforming or exceeding. For packets that violate, the buckets are not decremented.
| | 28. | Comparing the logic used for a single-rate and dual-rate policer, when both use two token buckets, their logic differs slightly in terms of how the tokens are removed from the buckets when policing a packet. Explain that difference. | | Answer: | For a single-rate, two bucket policer, for packets that conform to the contract, the policer removes tokens from the first bucket only. With a dual-rate policer, for packets that conform to the contract, it removes tokens from both buckets.
| | 29. | Comparing the logic used for a single-rate and dual-rate policer, when both use two token buckets, their logic differs slightly in terms of how the tokens are added to the buckets before policing a newly-arrived packet. Explain that difference. | | Answer: | For a single-rate, two bucket policer, Bc bytes of tokens are added to the first bucket; spillage falls into the second bucket; and any spillage from the second bucket is wasted. For a dual-rate policer with two buckets, each pucket is replenished directly, based on the CIR and PIR, respectively. Tokens spilled from either bucket are wasted.
|
Class-Based Shaping Configuration
| 30. | Along with the class-map, policy-map, and service-policy commands, CB shaping requires one specific command that actually sets values used for the shaping function. List the command, with the correct syntax, that sets a shaped rate of 128 kbps, a Bc of 8000, and a Be of 8000, when using CB shaping. Do not assume any defaults; explicitly set the values in the command. | | Answer: | shape average 128000 8000 8000
| | 31. | Explain the context inside the configuration mode under which the service-policy command can be used to enable LLQ on a CB shaping queue. ("Context" means what part of configuration modefor instance, global-configuration mode, interface configuration mode, and so on.) | | Answer: | CB shaping requires a policy map, with class commands inside the policy map. Inside class configuration mode inside the CB shaping policy map, the service-policy command can refer to another policy map, which could enable LLQ for the class.
| | 32. | CB shaping has been configured under subinterface s0/0.1. What show command lists statistics for CB shaping behavior just for that subinterface? | | Answer: | show policy-map interface s0/0.1
| | 33. | Which of the traffic-shaping tools can be enabled on each VC on a Frame Relay multipoint subinterface? | | Answer: | FRTS.
| | 34. | At what rate would CB Shaping actually shape traffic when using the command shape peak 64000 8000 16000? | | Answer: | The formula to figure out the peak rate is Actual_rate = configured_rate (1 + Be/ Bc). In this case, the formula is 64000 (1 + 16000/8000), or 192,000 bits/second.
| | 35. | Assume that two class maps have already been defined, called C1 and C2. You decide to add a policy map, and enable it on interface serial 0/1, so that the policy map has both classes C1 and C2 in it. For class C1, you do not use any shaping, but for class C2, you will shape with a rate of 128 kbps. Create the rest of the syntactically-correct configuration commands to meet this requirement. | | 6. | Answer:
policy-map fred
class C1
class C2
shape average 128000
interface serial 0/1
service-policy output fred
The command "Class C1" is shown, with no action, just to point out that traffic matched in class C1 wouldn't be shaped.
| | 36. | Assume the same general requirements as the previous question. Create the configuration, defining the shaping rate as a percentage, assuming the interface already has a bandwidth 256 command under it. | | 7. | Answer:
policy-map fred
class C1
class C2
shape average percent 50
interface serial 0/1
bandwidth 256
service-policy output fred
| | 37. | Assume the same general requirements as the previous question, except now you want to tune the Tc down to 10ms, and not have any excess burst capability. Create the configuration. | | 8. | Answer:
policy-map fred
class C1
class C2
shape average 128000 1280 0
interface serial 0/1
bandwidth 256
service-policy output fred
| | 38. | Assume the same general requirements as the previous question, except now you want to keep the default Bc, but make Be equal to twice Bc. Create the configuration. | | 9. | Answer:
policy-map fred
class C1
class C2
shape average 128000 8000 16000
interface serial 0/1
bandwidth 256
service-policy output fred
Answer: At rates lower than 320 kbps, CB Shaping uses a default of Bc = 8000 = Be. At higher speeds, Bc = Be if not specified, with Bc calculated as Tc * CIR, with Tc defaulted to .025 seconds.
| | 39. | Assume the same general requirements as the previous question, except now you want to adapt the shaping rate to 50 percent of the originally configured rate upon the receipt of Frame Relay BECNs. Create the configuration. | | 10. | Answer:
policy-map fred
class C1
class C2
shape average 128000 8000 16000
shape adaptive 64000
interface serial 0/1
bandwidth 256
service-policy output fred
|
Class-Based Policing Configuration
| 40. | Assume that two class maps have already been defined, called C1 and C2. You decide to add a policy-map, and enable it on interface serial 0/1, so that the policy-map has both classes C1 and C2 in it. For class C1, will configure policing at a rate of 128 kbps, and for class C2, you will police at a rate of 256 kbps. You want to transmit packets that conform to the contract, and re-mark to DSCP AF13 for those that exceed the contract. Create the rest of the syntactically-correct configuration commands to meet this requirement. | | 1. | Answer:
policy-map fred
class C1
police 128000 conform-action transmit exceed-action set-dscp-transmit af13
class C2
police 256000 conform-action transmit exceed-action set-dscp-transmit af13
interface serial 0/1
service-policy output fred
| | 41. | Assume the same general requirements as the previous question, but in this case, you want to create a two-bucket/three-color policer, and drop packets that violate the traffic contract. Create the configuration commands. | | 2. | Answer:
policy-map fred
class C1
police 128000 conform-action transmit exceed-action set-dscp-transmit af13 violate-
action drop
class C2
police 256000 conform-action transmit exceed-action set-dscp-transmit af13 violate-
action drop
interface serial 0/1
service-policy output fred
| | 42. | Assume that two class maps have already been defined, called C1 and C2. You decide to add a policy map, and enable it on interface serial 0/1, so that the policy map has both classes C1 and C2 in it. For class C1, will configure policing at a rate of 128 kbps, and for class C2, you will police at a rate of 256 kbps. You can configure any actions you like for the three categories. However, you need to change the Bc setting such that the first token bucket's size is equal to 1 second's worth of data. Create the configuration commands. | | 3. | Answer:
policy-map fred
class C1
police 128000 8000 conform-action transmit exceed-action set-dscp-transmit af13
violate-action drop
class C2
police 256000 16000 conform-action transmit exceed-action set-dscp-transmit af13
violate-action drop
interface serial 0/1
service-policy output fred
Remember, the Bc value is set in bytes, and the rate in bits. At 128,000 bits per second, 64,000 bits can be sent in 1/2 second, which equals 8000 bytes.
| | 43. | Assume the same general requirements as the previous question, but now you decide to create a dual-rate policer for class C2, with the PIR set at double the CIR of 256 kbps. Create the configuration commands. Assuming you didn't configure Be, what would CB Policing calculate for the Be setting? | | 4. | Answer:
policy-map fred
class C1
police 128000 8000 conform-action transmit exceed-action set-dscp-transmit af13
violate-action drop
class C2
police cir 256000 bc 16000 pir 512000 conform-action transmit exceed-action set-
dscp-transmit af13 violate-action drop
interface serial 0/1
service-policy output fred
Be = PIR/32, or in this case, 16,000 bytes.
| | 44. | Assume the same general requirements as the previous question, but now configure the police commands assuming that interface serial 0/1 has a bandwidth 512 command configured, and you have to use the percent option in both police commands. | | 5. | Answer:
policy-map fred
class C1
police cir percent 25 bc 500 ms conform-action transmit exceed-action set-dscp-
transmit af13 violate-action drop
class C2
police cir percent 50 bc 500 ms pir percent 100 conform-action transmit exceed-action
set-dscp-transmit af13 violate-action drop
interface serial 0/1
service-policy output fred
With an interface bandwidth of 512000, class C1 needs 25 percent of that value to continue to police at 128 kbps. Also note that the original requirement for setting Bc in each command was for Bc to be equal to 1/2 second's worth of data. With the percent option used for the rate, Bc is set as a number of milliseconds, which would be 500 ms, or .5 seconds.
| | 45. | CB Policing has been configured under subinterface s0/0.1. What show command would list statistics for CB Policing behavior just for that subinterface? | | Answer: | show policy-map interface s0/0.1
| | 46. | List the command, with the correct syntax, that sets a Policed rate of 512 kbps, a Bc of 1 second's worth of traffic, and a Be of an additional .5 seconds worth of traffic, when using CB Policer. Do not assume any defaults; explicitly set the values in the command. You can choose any other settings needed for the command. | | Answer: | police 512000 64000 32000 conform-action transmit exceed-action drop violate-action drop
| | 47. | Explain the concept behind re-marking policed packets versus discarding the packets. | | Answer: | By re-marking the packets, you can increase the packet's likelihood of being dropped later. For instance, WRED reacts to the precedence or DSCP value, discarding certain marked values more aggressively. By re-marking, if no congestion occurs, the packet may still get through the network. If congestion does occur, the packet that the policer marked down has a greater chance of being dropped.
|
 |
