CAR propagates bursts. It does not perform
traffic shaping, and therefore does no buffering and adds no delay. CAR can be applied to all traffic or a subset
of the traffic selected by an access-list. CAR performs best when configured on interfaces at the edge of a
network to limit traffic into or out of the network.
How CAR Works
CAR provides several fundamental capabilities, as depicted in Figure 7-6. CAR examines traffic received on an
interface or a subset of selected traffic by using access list criteria, or all IP traffic, or traffic group by a
classification tag such as IP precedence. It then compares the rate of the traffic to a configured token bucket
and executes the action policy based on the result. For example, CAR will drop the packet or rewrite the IP
precedence by resetting the type of service (ToS) bits.
Figure 7-6. Committed Access Rate (CAR)
The information in Figure 7-6 is taken from Cisco security presentation on "Committed Access Rate."
[View full size image]
CAR utilizes a token bucket measurement. Token bucket parameters include the committed rate, the normal
burst size (to handle temporary bursts over the rate limit without penalty), and the excess burst size.
Pages:
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375