1. Field of the Invention
The invention relates generally to processing network traffic, and more particularly, to the policing of network traffic to confirm to a desired service.
2. Description of Related Art
Routers receive data on a physical media, such as optical fiber, analyze the data to determine its destination, and output the data on a physical media in accordance with the destination. Routers were initially designed using a general purpose processor executing large software programs. As line rates and traffic volume increased, however, general purpose processors could not scale to meet these new demands. For example, as functionality was added to the software, such as accounting and policing, these routers suffered performance degradation. In some instances, the routers failed to handle traffic at line rate when the new functionality was implemented.
To meet the new demands, purpose-built routers were designed with components optimized for routing. These routers not only handle higher line rates and higher network traffic volume, they also add functionality without compromising line rate performance.
A purpose-built router may include a number of input and output ports from which it transmits and receives information packets. A packet received at one port is typically directed to its appropriate output port based on an examination and processing of the packet's header information, which includes an indication of the packet's destination. A high-performance router must accordingly examine and process the information packets at a high speed.
It may be desirable to provide a certain level of service in a purpose-built router, for example using a policer, rather than a queue. FIG. 1 is a block diagram illustrating an exemplary token bucket policer 100. Policer 100 may include, conceptually, a token bucket 110 and a number of credits 120 in bucket 110. Those skilled in the art will appreciate that policer 100 may be implemented using software, hardware, or some combination of both.
In practice, policer 100 may be used to impose some level of service on entering packets, for example by rate limiting traffic. In such a case, a packet is passed through policer 100 if a sufficient number of credits 120 (e.g., proportional to a size of the packet) is present in bucket 110. If the sufficient number of credits 120 is present, this number of credits 120 is removed from bucket 110 when the packet is passed. If the sufficient number of credits 120 is not present, however, the packet may “fail” and may be dropped, marked as non-conforming, etc. More credits 120 may be perodically added to bucket 110 at a rate that corresponds to the overall bandwidth of policer 100. Further, the size of bucket 110 (i.e., an upper limit on the number of credits 120 that will fit in bucket 110, if applicable) may correspond to a maximum burst size allowed by policer 100.
Such a policer 100 may create a bandwidth-limited service, or other type of desired service, within a purpose-built router or other network device. When differentiated levels of service (e.g., high priority, low priority, premium, ordinary, etc.) are desired, however, such policers may have difficulty in properly handling different types of packets.
Thus, it is desirable to police network traffic to confirm to desired levels of service in high-performance routers and other network devices.