...

Use of the MPLS-TE

...

MPLS-TE with the combination of ingress policing and egress HQOS shaping on Junos CCC L2VPN circuits. Hard policing should be avoided in order to prevent frequent packet losses due to out-of-profile traffic, whereas output shaping can be deployed in order to shape traffic and to introduce minimal traffic latency as a trade-off to traffic drop.

Nevertheless, policing is highly encouraged as a result of a notion that user can easily saturate individual circuit and inadvertently affect other circuits traversing the same links and devices. Traffic shaping should be carried out as a first step towards prevention of circuit congestion and it should behave as a form of soft policing where latency addition through buffering acts like a prevention of packet drop.

CLI configlets have been proposed as a result of using Junos Space backend and thus flexible configuration of policers and shapers on MX devices throughout the network.

Policer configuration

The use of traffic policer can be specified in several ways, each producing identical results concerning the limitation of bandwidth over the L2VPN circuit. Basic policer configuration is provided in the following inset containing bandwidth limit and burst size limit parameters.

Policer should be applied as a part of the filter inside which policer is referenced. Family any is specified in order to generalize the traffic family since the traffic could be IPv4, IPv6, MPLS or CCC depending on the policer application.

Such configured filter containing the policer may be applied on the interface (specifically, on the unit level) or on the LSP level. Both configuration scenarios are depicted in the following insets, respectively.

As it was mentioned, both configurations provide the same results, so from the traffic policing standpoint, either configuration may be applied. Bearing in mind that CCC L2VPN circuits are being used and that they allocate a single dedicated LSP for individual circuit, it may more structured to use LSP policing instead of policing on the ingress interface. Main reason for this proposal is the fact that single interface is used for multiple unit configuration which provide ingress into CCC dedicated LSPs. Since circuit establishment depends on specification of transmit and receive LSPs, policer filter must be applied on both sides of the circuit. This is also a mandatory with interface unit policing filters.

Traffic shaping configuration 

As a result of each user having its own circuit and there is a requirement for traffic shaping instead of doing hard policing, hierarchical QoS deployment is scalable and flexible approach for this use case as it allows configuration of shaping rate for each circuit egressing on the particular physical interface. Specifically, each interface unit may be configured with specific parameters regarding traffic classification, priority and guaranteed rate. For the purpose of this use case, shaping rate or peak information rate (PIR) is the crucial parameter determining shaping features.

Hierarchical QoS (HQoS) allows flexible per-unit deployment and configuration of shaping rates as well as committed information rate (CIR) and transmission rate per queue. For the purpose of this deployment and testing, shaping has to be deployed on an interface and on a unit level. Thus, putting interface in PIR-only mode according to which bandwidth is distributed proportionally to configured shaping-rate parameter. Interface is in PIR-only mode if none of the child interfaces are configured with guaranteed-rate parameter, i.e. when they do not have CIR parameter configured

HQOS configuration is depicted in the following inset:

Proposed configuration for the use case would be to configure physical interface PIR parameter and the shaping rates for each traffic-control-profile which would contain shaping-rate for the specific circuit. Proposed configuration is depicted in the following inset: