upgrade
Fiveable

📡Systems Approach to Computer Networks Unit 19 Review

QR code for Systems Approach to Computer Networks practice questions

19.3 Traffic Shaping and Policing

📡Systems Approach to Computer Networks
Unit 19 Review

19.3 Traffic Shaping and Policing

Written by the Fiveable Content Team • Last updated August 2025
Written by the Fiveable Content Team • Last updated August 2025
📡Systems Approach to Computer Networks
Unit & Topic Study Guides

Traffic Shaping and Policing

Traffic shaping and policing are two core techniques for managing network bandwidth and enforcing Quality of Service (QoS) policies. They prevent congestion, ensure fair resource allocation, and prioritize critical traffic. Understanding how each one works, and when to use which, is essential for network management.

The key distinction: traffic shaping delays packets to smooth out flow, while policing drops or marks packets that exceed a rate limit. Both rely on bucket-based algorithms, but they make very different trade-offs between latency and packet loss.

Traffic Shaping vs. Policing Techniques

Traffic shaping smooths out traffic by buffering packets and releasing them at a controlled rate, conforming to a desired traffic profile.

  • Enforces a maximum rate while still allowing bursts up to a configured limit (the burst size)
  • Introduces additional delay because packets sit in a buffer, but avoids packet drops
  • Commonly implemented with the token bucket algorithm

Traffic policing enforces strict rate limits by dropping or re-marking packets that exceed the specified rate. There's no buffering involved.

  • Does not introduce additional delay, since packets aren't queued
  • Can result in packet drops when traffic exceeds the limit
  • Commonly implemented with the leaky bucket algorithm

Think of it this way: shaping is gentle (it holds packets back and sends them later), while policing is strict (it discards packets that don't comply). Shaping trades latency for reliability; policing trades packet loss for low latency.

Traffic shaping vs policing techniques, Algoritmos de gestión de tráfico: Leaky Bucket, Token Bucket y Virtual Scheduling

Token Bucket Algorithm for Shaping

The token bucket algorithm controls traffic by requiring packets to "spend" tokens before they can be transmitted. It enforces a long-term average rate while permitting short-term bursts.

How it works:

  1. Tokens are generated at a fixed rate (the token generation rate) and added to a bucket.
  2. The bucket has a maximum capacity, which determines the burst size allowed.
  3. When a packet arrives, the algorithm checks whether enough tokens are available. If so, the corresponding number of tokens are removed and the packet is transmitted.
  4. If there aren't enough tokens, the packet is buffered (delayed) until tokens accumulate.
  5. If the bucket is already full, newly generated tokens are simply discarded.

Key parameters:

  • Token generation rate = the long-term average bandwidth limit. For example, if you set this to 1 Mbps, the flow can't sustain more than 1 Mbps over time.
  • Bucket size = the burst tolerance. A larger bucket lets a source send a bigger burst above the average rate, as long as tokens have been accumulating during a quieter period.

For example, suppose the token rate is 100 tokens/sec and the bucket holds 500 tokens. If the source is idle for 5 seconds, the bucket fills to 500 tokens. The source can then burst 500 tokens' worth of data at once before being throttled back to the 100 tokens/sec average.

Traffic shaping vs policing techniques, Modeling Traffic Shaping and Traffic Policing in Packet-Switched Networks

Leaky Bucket Algorithm for Policing

The leaky bucket algorithm enforces a strict, constant output rate regardless of how bursty the incoming traffic is.

How it works:

  1. Incoming packets are placed into a buffer (the "bucket") of fixed size.
  2. The bucket "leaks" packets out at a constant rate (the leak rate), which is the maximum sustained traffic rate allowed.
  3. If a packet arrives and the bucket is already full, that packet is either dropped or marked as non-conforming (depending on the policy).

Key parameters:

  • Leak rate = the maximum sustained output rate. Traffic leaves the bucket at this constant rate no matter what.
  • Bucket size = the maximum burst that can be absorbed. A larger bucket tolerates more bursty arrivals before packets start getting dropped.

The critical difference from the token bucket: the leaky bucket produces a perfectly smooth output stream at the leak rate. The token bucket, by contrast, allows bursts in the output as long as tokens are available.

Applications of Shaping and Policing

Managing bandwidth to prevent congestion:

  • Traffic shaping is well-suited for smoothing bursty flows like video streaming. A video encoder might produce data in uneven chunks, and shaping smooths those bursts so downstream links aren't overwhelmed.
  • Traffic policing works well for enforcing hard bandwidth caps, such as limiting a VoIP flow to its contracted rate. Since VoIP packets are small and time-sensitive, dropping excess traffic is preferable to adding buffering delay.
  • In enterprise networks, shaping and policing are often combined: shaping at the edge to smooth outbound traffic, and policing at ingress points to enforce Service Level Agreements (SLAs).

Enforcing QoS policies to prioritize critical traffic:

  1. Classify traffic into different classes based on QoS requirements (e.g., real-time voice, interactive video, best-effort data).
  2. Apply appropriate shaping or policing parameters to each class. Real-time traffic might get a guaranteed minimum rate; best-effort traffic might be policed to a lower ceiling.
  3. Prioritize critical classes so their performance targets are met. For instance, emergency services traffic could receive the highest priority with minimal policing.
  4. Mark packets using techniques like DiffServ (Differentiated Services) code points so that routers throughout the network can identify each class and handle it accordingly.