Networks police traffic by limiting the input or output transmission rate of a class of traffic based on user-defined criteria. Policing traffic allows the user (typically a network service provider or other system operator) to control the maximum rate of traffic sent or received on an interface and to partition a network into multiple priority levels or classes of service (CoS). A traffic policer is often configured on interfaces at the edge of a network to limit the rate of traffic entering or leaving the network. In the most common configurations, traffic that conforms to the given rate limit is sent through the interface, while traffic that exceeds the limit is sent with a decreased priority or is dropped. Users can change these configuration options to suit their network needs.
Traffic policing features are often built into network switches, such as routers, and other network access equipment. For example, Cisco Systems (San Jose, Calif.) offers a “Two-Rate Policer” as part of its IOS software package for Cisco routers. The Two-Rate Policer performs the following functions:                Limits the input or output transmission rate of a class of traffic based on user-defined criteria.        Marks packets by setting the IP precedence value, IP differentiated services code point (DSCP) value, Multiprotocol Label Switching (MPLS) experimental value, Quality of Service (QoS) group, ATM Cell Loss Priority (CLP) bit, and/or the Frame Relay Discard Eligibility (DE) bit.The Two-Rate Policer enables users to enforce traffic policing according to two separate rates: committed information rate (CIR) and peak information rate (PIR).        
The Two-Rate Policer manages the maximum rate of traffic using a token bucket algorithm, as is known in the art. This algorithm applies user-configured values to determine the maximum rate of traffic allowed on an interface at a given moment in time. The token bucket algorithm provides users with three actions for each packet: a conform action, an exceed action, and an optional violate action. Within these three categories, users can decide on packet treatments. For instance, packets that conform can be configured to be sent, packets that exceed can be configured to be sent with a decreased priority, and packets that violate can be configured to be dropped.
The present invention will be more fully understood from the following detailed description of the embodiments thereof, taken together with the drawings in which: