来自合作方一个CCIE(CCIE号1万刚出头)的邮件,很有实用价值,短短一个邮件说明了如何使用traffic shaping and policing。麻烦不要转载,涉及公司。

思科传送门

====================================================================================

Our standard way of setting up those connections is to use policing. With policing our switch will drop every packet that exceeds the target rate in a 4ms interval. This results in excessive drop rates if high volumes are transferred and the rate is exceeded regularly. To avoid this you can configure shaping at your end with the following parameters:

policy-map po_name

 class class-default

  shape average 5000000 20000 ! this results in a Tc of 4 ms and matches our configuration

Of course the service policy also needs to be applied to the egress interface.

 

in our setup you are sending at 1 GBIt/s, we are throttling this to 5 MBit/s, i.e. the discrepancy between your sending rate and our transmission rate is extreme.

 

shaping in general results in packets being queued in the network. This implies latency and, depending on the amount of traffic generated jitter can be high as well. Therefore in most cases policing is preferred over shaping. Provider typically use policing for their sub-rate MetroEthernet services as they do not want to interfere with client traffic and as shaping can result in excessive memory usage on the network devices (eg imagine to store 1000 x 1500 Byte packets, this requires 1.5 MByte of buffer memory on the router)

If you do shaping at your end you can influence the traffic and prefer important traffic over the less preferred traffic yourself. The higher the end-to-end latency the worse the impact of policing as the higher layer TCP session needs longer to recover resulting in poor performance, therefore our policing needs to be complemented by shaping at your end.

This is exactly the same behaviour that prevailed in FrameRelay networks unless shaping was used to tame the burstiness of the traffic. 

We have an additional complication in this case which is introduced by the fact that you do not have your own network equipment in NewYork. This means you cannot shape your traffic in NewYork. 

In one of the tests I ran I limited the sending rate on the server to 5 MBit/s and achieved 96% link utilization. This would be equivalent to shaping done at your end. 

I have changed the configuration to shaping at our end using the same Tc of 4 ms and achieved throughput of 4.5 MBit/s which is 90% of the net link capacity. The slightly lower peak utilization is caused by the fact that the transmission network does the shaping instead of the source of the traffic.