Overview

Fast Path QoS Basic is a fast path trTCM which helps implementing QoS on your network.

Fast Path QoS Basic marks packets as either Green, Yellow, or Red. You can then process packets accordingly (by dropping red packets, for example).

../../_images/traffic.svg

Fast Path QoS Basic operates in Color-Aware Mode (in which packets may have been previously colored) or in In Color-Blind Mode (in which are not precolored).

Fast Path QoS - Exception Rate Limitation is a feature of Fast Path QoS that limits the rate of packets sent as exceptions from the fast path to Linux.

Features

  • RFC 4115 trTCM

  • Color-aware and color-blind support

  • Per packets or per bytes accounting

  • FPN-SDK traffic conditioner API

  • Exception Rate Limiting to control the rate of packets sent as exceptions from fast path to Linux

The implementation is based on RFC 4115. The operation of the marker is described by two token generation rates, CIR and EIR, and two token bucket sizes, CBS and EBS.

Token bucket generation rate

Token bucket size

CIR

CBS

EIR

EBS
../../_images/buckets.svg

The number or token buckets is:

  • incremented periodically, and,

  • decremented whenever a packet meets a bucket’s criteria (i.e., if its size in less than or equal to the size corresponding to the number or tokens).

The rate at which the counter is decremented determines the average bandwidth. The value of the threshold determines the burstiness (intermittent increases and decreases in frequency of packet transmission).

The buckets status evolves over time, as illustrated in the table below:

Time

Committed Traffic Token Bucket

Excess Traffic Token Bucket

0

Full

Full

t

As long as the token count is lower than the CBS, it is incremented by one CIR times per second.

As long as the token count is lower than the EBS, it is incremented by one EIR times per second.

In the simplest case (green packet in color-aware mode), packets are processed as follows:

  • If a green packet meets the Committed Traffic Token Bucket’s criteria, it remains marked as green.

  • If a green packet does not meet the Committed Traffic Token Bucket’s criteria, but does meet the Excess Traffic Token Buckets criteria, it is marked as yellow.

  • If a green packet does not meet the Committed Traffic Token Bucket’s criteria, nor the Excess Traffic Token Buckets criteria, it is marked as red.

In addition to the RFC units, the API proposes to count either per-bytes or per-packets, and to rely or not on current packet color (color-aware or color-blind).

Algorithm

The algorithm is as follows, with Tc(t) and Te(t) the current number of tokens for the Committed Traffic Token Bucket and Excess Traffic Token Bucket respectively:

  • When a green packet of size B (B = 1 in case of per-packets counting) arrives at time t, then

    • if Tc(t) - B > 0, the packet is marked green, and Tc(t) is decremented by B

    • else if Te(t) - B > 0, the packet is marked yellow, and Te(t) is decremented by B

    • else the packet is marked red.

  • When a yellow packet of size B arrives at time t, then

    • if Te(t) - B > 0, the packet is marked yellow, and Te(t) is decremented by B

    • else the packet is marked red.

  • In color-blind operation, the algorithm assumes that the packet is marked green.

Features implemented in the fast path using the traffic conditioner API:

  • Rate limiting of exceptions packets (MCORE_TC_ERL option)

  • Rate limiting of packets received(/sent) on(/from) the specified interface (both physical and virtual interfaces)

  • Conditional rate limiting using filters

Double-condition policer

If 2 sets of parameters are defined (using tc-policer-add), then this is a policer with a double condition.

In that case both trTCM must return a color other than red for the packet to be accepted.

A double-condition policer is not a sequence of 2 policers, it is a single policer with 2 conditions that must be satisfied simultaneously for a packet to be accepted. If the packet is accepted, then the credits of both trTCMs are consumed. If not, no credit is consumed.

The color returned by this double condition trTCM is the higher of the 2.

ERL in Details

Fast Path QoS - Exception Rate Limitation is a feature of Fast Path QoS that limits the rate of packets sent as exceptions from the fast path to Linux.

Features

  • Exception Rate Limitation to limit the rate of packets sent as exceptions from the fast path to Linux

When the MCORE_TC_ERL option is enabled, the fast path limits the rate of exceptions sent to the slow path. The rate can be configured by “fp-cli tc-erl-add” command.

A priority is associated with each exception: low, medium and high. The pass or drop action depends on this priority and the packet color, as marked by the QoS marker:

  • If exception priority is low, green packets pass and yellow or red packets are dropped,

  • If exception priority is medium, green and yellow packets pass, and red packets are dropped,

  • If exception priority is high, packets pass,

  • If exception priority is unknown, packets are dropped.

Whenever a packet is found to be an exception, a class value (8 bits) is associated with it:

  • The two most significant bits define the priority of the exception (3 for high priority, 2 for medium, 1 for low, and 0 for unknown),

  • The six last significant bits define the type of the exception (ARP is required; IKE negotiation is needed, etc.).

The default setting is low priority for all exceptions type, so that a simple token bucket is used to let packets go through or to drop them.

Dependencies

6WINDGate modules