Traffic Shaping

Traffic Shaping is a proactive QoS mechanism designed to regulate the flow of network traffic.

1. The Nature of Network Traffic: Bursts and Congestion

Network traffic is inherently unpredictable and bursty. Unlike a steady stream of water flowing through a pipe, data traffic on a network often arrives in sudden, high-volume bursts. For example, a user might browse a web page, causing a short burst of activity, followed by several minutes of inactivity. Then, they might start a large file download, flooding the network link with a sustained, high-speed flow of packets.

This burstiness is a major challenge for network management. When multiple bursts of traffic from different sources converge on a single network device, such as a router, and are destined for the same output link, the instantaneous rate of incoming traffic can easily exceed the link's outgoing capacity. This leads to . The router's internal buffers (queues) begin to fill up, causing delays (latency) for all packets. If the congestion is severe enough, the buffers overflow, and the router is forced to discard packets, leading to packet loss. To maintain a stable and predictable network, administrators need tools to control the rate and timing of traffic flow.

2. Introducing Traffic Shaping

is a proactive QoS mechanism designed to regulate the flow of network traffic. Its primary goal is to control the rate at which packets are sent out of an interface to match a predefined traffic profile or to comply with a contract agreed upon with a service provider. Instead of letting traffic flow in unregulated bursts, traffic shaping smooths the traffic flow into a more consistent and predictable stream.

The key operational principle of traffic shaping is delaying. When a burst of traffic arrives that exceeds the configured rate, a shaper does not immediately drop the excess packets. Instead, it places them in a buffer or queue. These buffered packets are then transmitted later, during lulls in traffic, ensuring that the long-term average rate of transmission does not exceed the configured limit. By retaining and delaying excess packets rather than dropping them, shaping avoids the packet loss that can trigger TCP retransmissions and helps to produce a smoother, less bursty output stream.

3. Traffic Shaping vs. Traffic Policing

Traffic shaping is often confused with another QoS mechanism called traffic policing, but they have a crucial difference in how they handle traffic that exceeds a defined rate limit.

Aspect	Traffic Shaping	Traffic Policing
Primary Action	Delays excess packets (retains)	Drops or re-marks excess packets (discards)
Mechanism	Uses a buffer to queue excess traffic	Does not buffer; acts as a gate
Effect on Traffic Flow	Smoothes out bursts into a consistent rate	Clips off bursts, resulting in a sawtooth-like flow
Impact on TCP	Increases latency but avoids retransmissions	Can trigger TCP retransmissions due to packet drops
Typical Use Case	On outbound interfaces to control the rate of sent traffic	On inbound interfaces to enforce a rate limit on received traffic

4. Core Algorithms for Traffic Shaping

To implement traffic shaping, network devices use algorithms that model the traffic flow against a set of configured parameters. The two most famous and widely used algorithms are the Leaky Bucket and the Token Bucket.

The Leaky Bucket Algorithm

The Leaky Bucket algorithm provides a very rigid and straightforward method for enforcing a constant output rate.

Concept: Imagine a bucket with a small hole in the bottom. Water (packets) can be poured into the bucket at any rate. However, the water leaks out of the hole at a constant, fixed rate, regardless of how much water is in the bucket or how quickly it is being added.
Operation: When a packet arrives, the system checks if there is space in the bucket (buffer). If there is space, the packet is placed in the queue. If the bucket is full, the incoming packet is dropped. Packets in the queue are then "leaked" out of the interface at a steady, constant rate.
Effect: The primary effect of the Leaky Bucket is that it transforms a bursty input stream into a smooth, constant-rate output stream. It enforces a strict output rate, completely eliminating bursts.
Limitation: The major drawback of the Leaky Bucket is its rigidity. Even if the network is completely clear and has ample available bandwidth, the output rate can never exceed the configured leak rate. If a user has a burst of data to send and the network is idle, the Leaky Bucket still forces them to send at the slow, steady rate, potentially underutilizing the network.

The Token Bucket Algorithm

The Token Bucket algorithm is a more flexible and widely implemented alternative. It allows for bursts of traffic up to a certain limit, while still controlling the long-term average rate.

Concept: This model uses a bucket that is filled with "tokens" at a constant rate. Each token represents permission to send a certain amount of data (e.g., one byte or one packet). The bucket has a maximum capacity.
Operation: When a packet is ready to be transmitted, the shaper checks the token bucket.
- If there are enough tokens in the bucket to "pay for" the packet, the required number of tokens is removed, and the packet is sent immediately.
- If there are not enough tokens, the packet must wait in a queue until sufficient tokens have been generated.
Tokens are generated at a fixed rate, say $r$ . If the bucket's capacity is $b$ , the system allows for bursts. For instance, if the token bucket is full, the application can immediately send a burst of $b$ bytes of data at the full speed of the interface. After this burst, it must then slow down to the average rate $r$ as tokens are replenished.
Effect: The Token Bucket algorithm controls the long-term average rate of transmission ( $r$ ) but also allows for short-term bursts of data up to the bucket size ( $b$ ). This is a much more realistic and efficient model for handling typical network traffic.
Flexibility: This model is highly flexible. A large bucket size allows for larger but less frequent bursts, while a smaller bucket size restricts bursts to be smaller but potentially more frequent. The token rate sets the upper bound on the average throughput. It is the most commonly used algorithm for both shaping and policing in modern networking equipment.

5. When and Where to Use Traffic Shaping

Traffic shaping is typically applied at specific points in the network to control the flow of traffic entering or leaving a particular administrative domain.

Service Provider Contract Enforcement: The most common use case is at the edge of an enterprise network where it connects to an Internet Service Provider (ISP). ISPs often sell services with a specific bandwidth contract, for example, a $100$ Mbps connection. They will police traffic coming into their network from the customer at that rate. To avoid having their own packets dropped by the ISP's policer, the enterprise can configure a traffic shaper on its outbound interface to smooth its own traffic to exactly $100$ Mbps, ensuring they never exceed their contracted rate.
Managing Traffic Over Slow WAN Links: In networks with a central office and multiple remote branches connected by slower WAN links, traffic shaping can be used on the central router's interfaces. This ensures that a single high-bandwidth application at the central office does not overwhelm the slow link to a remote branch, preserving bandwidth for critical applications at that branch.
Hierarchical QoS Policies: Shaping can be a component of a larger QoS strategy. For example, a main link might be shaped to a total of $10$ Mbps. Within that shaped rate, different queueing policies could then be applied to prioritize voice, video, and data traffic, ensuring that the total traffic never exceeds the overall shaped rate.