Network services with deterministic guarantees are based on a worst-case de
scription of user-generated traffic. When designing a policing and scheduli
ng algorithm for guaranteed services on the Internet, accuracy of descripti
on of the traffic profile has to be traded with simplicity of implementatio
n. The result of this trade off is often expressed as the number of token b
uckets required by the service along with the choice of their parameters. T
he GS type of service proposed by the IETF uses two token buckets both fur
characterizing the traffic and fur policing it. The choice of using only tw
o token buckets is primarily driven by policing costs. In this paper we pro
pose a nethod that allows the number of token buckets used for characterizi
ng the traffic to be greater than what is actually needed to police it. Thi
s means we can obtain an accurate profile of the traffic while keeping poli
cing simple. The method consists of computing a profile of the traffic whic
h involves a number of token buckets of the order of ten, and then doing th
e policing using only the first token bucket, plus another one which is cho
sen depending on the delay requirements of the receivers. This paper shows
that with this simple enhancement we obtain a guaranteed service whose perf
ormance closely approaches the theoretical limits of services with determin
istic guarantees.