Sunday, October 11, 2015

Shaping vs Policing

Source:
Comparing Traffic Policing and Traffic Shaping for Bandwidth Limiting

Selection Criteria

The following table lists the differences between shaping and policing to help you choose the best solution.
ShapingPolicing
ObjectiveBuffer and queue excess packets above the committed rates.Drop (or remark) excess packets above the committed rates. Does not buffer.*
Token Refresh RateIncremented at the start of a time interval. (Minimum number of intervals is required.)Continuous based on formula: 1 / committed information rate
Token ValuesConfigured in bits per second.Configured in bytes.
Configuration Options
  • shape command in the modular quality of service command-line interface (MQC) to implement class-based shaping.
  • frame-relay traffic-shape command to implement Frame Relay Traffic Shaping (FRTS).
  • traffic-shape command to implement Generic Traffic Shaping (GTS).
  • police command in the MQC to implement class-based policing.
  • rate-limit command to implement committed access rate (CAR).
Applicable on InboundNoYes
Applicable on OutboundYesYes
BurstsControls bursts by smoothing the output rate over at least eight time intervals. Uses a leaky bucket to delay traffic, which achieves a smoothing effect.Propagates bursts. Does no smoothing.
AdvantagesLess likely to drop excess packets since excess packets are buffered. (Buffers packets up to the length of the queue. Drops may occur if excess traffic is sustained at high rates.) Typically avoids retransmissions due to dropped packets.Controls the output rate through packet drops. Avoids delays due to queuing.
DisadvantagesCan introduce delay due to queuing, particularly deep queues.Drops excess packets (when configured), throttling TCP window sizes and reducing the overall output rate of affected traffic streams. Overly aggressive burst sizes may lead to excess packet drops and throttle the overall output rate, particularly with TCP-based flows.
Optional Packet RemarkingNoYes (with legacy CAR feature).
* Although policing does not apply buffering, a configured queuing mechanism applies to "conformed" packets that may need to be queued while waiting to be serialized at the physical interface.