What is the guaranteed access rate?
Committed Access Rate (CAR) is a Cisco feature used in network optimization and security. It limits the input or output traffic rate on an interface or sub-interface based on criteria such as IP precedence, IP access list, or incoming interface. When the traffic reaches the set limit, CAR determines which actions should be taken. These actions can be configured using CAR commands that use the values for the rate limit, the allowable burst rate, and the action to take when the traffic reaches or exceeds the set limit.
The guaranteed access rate is similar to traffic shaping, in which the incoming or outgoing traffic rate is limited according to certain criteria. CAR differs from traffic shaping in dealing with excess data when a data burst occurs. While Traffic Shaping buffers the excess data, CAR takes a user-specified action to exceed it.
The two main functions of CAR are:
- Bandwidth management via rate limitation
- Packet classification with IP priority setting
A CAR function can be implemented using specifications related to:
- rate restrictions
- Customizing and exceeding actions
- Matching criteria
- Rate guidelines used
Rate limits define the match of a packet based on the values of the average traffic rate, normal burst size, and excess burst size.
When a packet either meets or exceeds the rate limit set by the user, all overrun actions, such as drop, record priority, send, or continue, are performed on the packet.
The rate guidelines can be used to specify the conditions for matching criteria under which rate capping should be applied. They can be based on total IP traffic, the rate limit access list, or the standard IP access list. Each interface or sub-interface can have multiple CAR guidelines, and each package must be checked under each of these guidelines. If none of the matching criteria is met, the packet is transmitted. When a condition is met, the appropriate exceedance action is taken on the packet and it is either deleted or compared to the next rate policy.
CAR can be effectively used to optimize network behavior in congestion situations. It allows high priority packets to be prioritized before they are dropped, thus helping to provide a useful intermediate step before deleting a packet.
Although the use of CAR can affect network performance, it protects the network from Internet-based Denial-of-Service (DoS) attacks such as PING flood or SYN attacks.