Computing and communication networks typically include network devices, such as routers, firewalls, switches, or gateways, which transfer or switch data (or traffic), such as packets, from one or more sources to one or more destinations. Network devices may operate on the packets as the packets traverse the network, such as by forwarding or filtering the packet-based network traffic.
Network devices may also operate on host bound traffic, such as traffic provided to routing engines (e.g., hosts) of the network devices. For example, host bound traffic may include layer 2 (data link layer) traffic, layer 3 (network layer) traffic (e.g., according to the Open System Interconnection (OSI) model), protocol traffic, control traffic, etc. The data link layer provides functional and procedural means to transfer data between network devices and to detect and possibly correct errors that may occur in layer 1 (the physical layer). Network layer traffic provides functional and procedural means to transfer variable length data sequences from a source to a destination via one or more networks, while maintaining the quality of service requested by higher OSI layers.
A network device host (e.g., a routing engine) may have a limited bandwidth for handling host bound traffic. Mitigating congestion for host bound traffic (e.g., in the context of denial of service (DoS) attacks or sporadic packet burst) has been problematic since host interfaces in network device components (e.g., application-specific integrated circuits (ASICs)) have limited classification and queuing capabilities. For example, in some network devices there exist a fixed way (e.g., predetermined by the ASICs) to categorize traffic for different queues. Since this categorization is fixed, an undesirable outcome may occur, such as not enabling a customer (e.g., a network owner or user) to remove fate sharing for two different kinds of host bound traffic assigned to the same queue. In such a scenario, if one of the two kinds of host bound traffic experiences problems, the problematic traffic may over run the other traffic (e.g., which is not experiencing problems). When a customer experiences an issue related to loss of high-priority host bound traffic, a buffer-size of a queue (e.g., associated with the high-priority host bound traffic) may be increased. However, such an approach is ad-hoc and provides no configuration control to the customer.