Hi,
is there a way to set per-user CAR/MCQ rules from Radius, for PPPoE dial-in
customers?
What we need is something like this:
- user connection comes in via PPPoE
- user has purchased a maximum total bandwidth
(but the access link is faster, due to media constraints)
-> we need to apply outgoing traffic shaping and incoming policing
in case he modifies the shaping configuration on the CPE
- user can potentially purchase different QoS classes, like this:
- up to 512 Kbit/s of traffic to 10.10.10.0/24 gets TOS bits set to
"prio high" (for an on-net VPN link with guaranteed bandwidth)
- up to 2 Mbit/s of aggregate traffic gets TOS bits set to "best-effort"
- everything above 2 Mbit/s is dropped
I know that Cisco's hierarchical QoS stuff can do all this, but I'm not
sure whether I can apply it completely from Radius.
(The underlying issue is: the provisioning is done by different teams
than the actual router configuration and maintenance, so it would be
greatly preferred to have *all* per-user config in Radius. There are
some FreeBSD-based PPPoE solutions - mpd - that can do it, but we do
also want to consider a Cisco-based solution)
Pre-configuring different classes for the "access bandwidth" would be
possible, but due to the demand for "VPN QoS classes", we cannot
pre-configure all possible per-user configurations.
Now, CAR and GTS could be applied on a per-interface basis from Radius
just fine (as all the config is done inside the interface), but for
the hierarchical stuff, you need to configure the policy-map stuff
globally...
Any ideas?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert@net.informatik.tu-muenchen.de
_______________________________________________
cisco-nas mailing list
cisco-nas@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nas
is there a way to set per-user CAR/MCQ rules from Radius, for PPPoE dial-in
customers?
What we need is something like this:
- user connection comes in via PPPoE
- user has purchased a maximum total bandwidth
(but the access link is faster, due to media constraints)
-> we need to apply outgoing traffic shaping and incoming policing
in case he modifies the shaping configuration on the CPE
- user can potentially purchase different QoS classes, like this:
- up to 512 Kbit/s of traffic to 10.10.10.0/24 gets TOS bits set to
"prio high" (for an on-net VPN link with guaranteed bandwidth)
- up to 2 Mbit/s of aggregate traffic gets TOS bits set to "best-effort"
- everything above 2 Mbit/s is dropped
I know that Cisco's hierarchical QoS stuff can do all this, but I'm not
sure whether I can apply it completely from Radius.
(The underlying issue is: the provisioning is done by different teams
than the actual router configuration and maintenance, so it would be
greatly preferred to have *all* per-user config in Radius. There are
some FreeBSD-based PPPoE solutions - mpd - that can do it, but we do
also want to consider a Cisco-based solution)
Pre-configuring different classes for the "access bandwidth" would be
possible, but due to the demand for "VPN QoS classes", we cannot
pre-configure all possible per-user configurations.
Now, CAR and GTS could be applied on a per-interface basis from Radius
just fine (as all the config is done inside the interface), but for
the hierarchical stuff, you need to configure the policy-map stuff
globally...
Any ideas?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert@net.informatik.tu-muenchen.de
_______________________________________________
cisco-nas mailing list
cisco-nas@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nas