PrepAway - Latest Free Exam Questions & Answers

Which two statements about traffic shaping capability on the Cisco ASA appliance are true?

Which two statements about traffic shaping capability on the Cisco ASA appliance are true?
(Choose two.)

PrepAway - Latest Free Exam Questions & Answers

A.
Traffic shaping can be applied to all outgoing traffic on a physical interface or, in the case of the
Cisco ASA 5505 appliance, on a VLAN.

B.
Traffic shaping can be applied in the input or output direction.

C.
Traffic shaping can cause jitter and delay.

D.
You can configure traffic shaping and priority queuing on the same interface.

E.
With traffic shaping, when traffic exceeds the maximum rate, the security appliance drops the
excess traffic.

Explanation:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/qos.html#wp1083655
Information About Traffic Shaping Traffic shaping is used to match device and link speeds, thereby
controlling packet loss, variable delay, and link saturation, which can cause jitter and delay.
•Traffic shaping must be applied to all outgoing traffic on a physical interface or in the case of the
ASA 5505, on a VLAN. You cannot configure traffic shaping for specific types of traffic.
•Traffic shaping is implemented when packets are ready to be transmitted on an interface, so the
rate calculation is performed based on the actual size of a packet to be transmitted, including all
the possible overhead such as the IPsec header and L2 header.
•The shaped traffic includes both through-the-box and from-the-box traffic.
•The shape rate calculation is based on the standard token bucket algorithm. The token bucket
size is twice the Burst Size value. See the “What is a Token Bucket?” section.
•When burst traffic exceeds the specified shape rate, packets are queued and transmitted later.
Following are some characteristics regarding the shape queue (for information about hierarchical
priority queuing, see the “Information About Priority Queuing” section):
–The queue size is calculated based on the shape rate. The queue can hold the equivalent of 200-
milliseconds worth of shape rate traffic, assuming a 1500-byte packet. The minimum queue size is
64.
–When the queue limit is reached, packets are tail-dropped.
–Certain critical keep-alive packets such as OSPF Hello packets are never dropped.
–The time interval is derived by time_interval = burst_size / average_rate. The larger the time
interval is, the
bustier the shaped traffic might be, and the longer the link might be idle. The effect can be best
understood using the following exaggerated example:
Average Rate = 1000000
Burst Size = 1000000
In the above example, the time interval is 1 second, which means, 1 Mbps of traffic can be bursted
out within the first 10 milliseconds of the 1-second interval on a 100 Mbps FE link and leave the
remaining 990 milliseconds idle without being able to send any packets until the next time interval.

So if there is delay sensitive traffic such as voice traffic, the Burst Size should be reduced
compared to the average rate so the time interval is reduced.


Leave a Reply