The shape average command in a policy map limits traffic to a specified rate, smoothing bursts using a token bucket algorithm. It has three parameters:
- Committed Information Rate (CIR): The average rate in bits per second (bps) you want to shape traffic to (required).
- Committed Burst (Bc): The number of bits allowed to be sent in a burst within a time interval (optional; defaults to CIR/8).
- Excess Burst (Be): Additional bits allowed beyond Bc during bursts (optional; defaults to 0, meaning no excess burst).
Syntax
shape average <CIR> [<Bc> <Be>]
Example: shape average 5000000 12500 0- CIR = 5 Mbps (5000000 bps): Traffic is shaped to an average of 5 Mbps.
- Bc = 12500 bits: Allows a burst of 12500 bits per time interval (Tc = Bc/CIR, typically 25ms by default).
- Be = 0: No excess burst allowed (conservative shaping).
How Shape-Average Works (Token Bucket)
The token bucket analogy helps explain shaping:
- Tokens arrive at the CIR rate (e.g., 5 Mbps).
- Each packet needs tokens equal to its size to be sent.
- If enough tokens are available, the packet is sent, and tokens are consumed.
- If not, the packet is buffered (queued) until tokens accumulate or dropped if the queue is full.
Explain Shape-Average Token Bucket below:
[Token Bucket]
+-------------------+
| Tokens arrive at | <--- CIR (e.g., 5 Mbps)
| 5 Mbps (CIR) | Tokens replenish every Tc (e.g., 25ms)
| |
| Bucket Capacity: | <--- Bc (e.g., 12500 bits) + Be (e.g., 0 bits)
| 12500 bits (Bc) |
+-------------------+
|
v
[Traffic Flow]
Packets --> [Check Tokens] --> Enough Tokens? --> Yes --> Send Packet
| No --> Buffer Packet
| (Queue until tokens available)
v
[Queue] --> If full --> Drop Packet- Normal Case: A 1000-bit packet arrives, and 12500 tokens are in the bucket. 1000 tokens are used, leaving 11500. Packet is sent immediately.
- Burst Case: A 15000-bit packet arrives, but only 12500 tokens are available (Bc limit). Packet is buffered until enough tokens accumulate (unless Be > 0, which isn’t set here).
- Overflow: If the queue fills, excess packets are dropped.
Real world normal practices Master and Child Policy Maps
class-map match-all VOICE
match ip dscp ef
class-map match-all VIDEO
match ip dscp af41
class-map match-all DATA
match ip dscp default
policy-map CHILD-POLICY
class VOICE
priority percent 20 ! 20% of 10 Mbps = 2 Mbps
class VIDEO
bandwidth percent 30 ! 30% of 10 Mbps = 3 Mbps
class DATA
bandwidth remaining percent 50 ! 50% of remaining 5 Mbps = 2.5 Mbps
shape average 2500000 ! Shapes DATA to 2.5 Mbps
policy-map MASTER-POLICY
class class-default
shape average 10000000 ! Limits total WAN link to 10 Mbps
service-policy CHILD-POLICY ! Applies child policy within shaped limit
interface GigabitEthernet0/0/0
bandwidth 10000 ! Sets interface bandwidth to 10 Mbps
service-policy output MASTER-POLICYExplanation
- Master Policy: shape average 10000000 caps total outbound traffic at 10 Mbps, ensuring the WAN link isn’t overwhelmed.
- Child Policy: Manages traffic within that 10 Mbps:
- VOICE: 20% (2 Mbps, priority queue).
- VIDEO: 30% (3 Mbps, guaranteed).
- DATA: 50% of remaining (2.5 Mbps, shaped to 2.5 Mbps).
- Total Reserved Bandwidth: 2 Mbps (VOICE) + 3 Mbps (VIDEO) = 5 Mbps, or 50% of 10 Mbps. This stays well under your 75% limit (7.5 Mbps), leaving room for unshaped traffic in class-default.
Why 75% Max?
Limiting reserved bandwidth to 75% ensures that some capacity (25%, or 2.5 Mbps here) remains for unclassified traffic or bursts, preventing starvation of lower-priority flows.
Summary
- Shape-Average: Uses CIR (required), Bc (optional), and Be (optional) to smooth traffic via a token bucket. The diagram shows how tokens control packet flow.
- Master/Child Policy: Your approach effectively caps total bandwidth (master) while prioritizing and shaping within that limit (child), adhering to the 75% rule for flexibility.