Traffic policing enforces rate limits by dropping or remarking excess packets. It is a hard enforcement with no buffering.
How policing works:
- Define committed information rate (CIR)
- Track usage with token buckets
- Conforming traffic passes through
- Exceeding traffic is dropped or remarked
Token bucket: Tokens accumulate at CIR rate. Each packet consumes tokens. If available, packet conforms. If not, packet exceeds.
Use cases:
- Service provider enforcing contracts
- Protecting priority queue from floods
- Limiting specific applications
Policing is harsh. Dropped packets cause TCP retransmissions.