(RADIATOR) Rate-limit if user downloads exceed nMb in given Month.

Thu Apr 27 01:37:13 CDT 2006

Damnit, I was missing the aaa pod server!

Getting back to rate-limits, I would also total the inbound octets and
update the users profile with av-pairs. I was also considering using the
change-filter-request to apply limits rather than disconnecting to initially
apply the filter. For each subsequent connection the limits would be applied
through the av-pairs.

> >
> > Hi Michael,
> >
> > I have tried both "Change-Filter-Request" and
> > "Disconnect-Request" with a Cisco 3600 (IOS 12.3) using
> > 'radpwtst' on vpdn PPTP sessions. The Cisco does ACK the
> > request but then does nothing. I would be interested to know
> > if you get different results. Apart from that I would
> > probably use rate-limits with scripts as you outlined.
> > Otherwise the only other way I can think of is to use
> > virtual-templates.
> 
> Im running 12.4 on a Cisco 1801 for testing pppoe connections.....so
> your mileage may vary.
> 
> Just been playing with radpwtst(Talking directly to NAS), and found a
> way to successfully boot a user:
> 
> Cisco component(Be sure to use "any" as default is "all" which will
> require you to match all four key attributes (user-name,
> framed-IP-address, session-ID, and session-key - I am only interested in
> matching User-Name):
> 
> aaa pod server auth-type any server-key xxxxxx
> 
> Then, radpwtst:
> 
> perl radpwtst -s xxx.xxx.xxx.xxx -auth_port 1700 -acct_port 1700 -noauth
> -noacct -secret xxxxxx -code Disconnect-Request User-Name=test3 at foo.com
> -trace 5
> 
> 
> NB trace 5 only there for debugging...Debug aaa pod is quite handy also
> on the cisco...
> 
> 
> 
> 
> >
> > -- Andrew
> >
> > > -----Original Message-----
> > > From: owner-radiator at open.com.au
> > [mailto:owner-radiator at open.com.au]
> > > On Behalf Of Michael Bellears
> > > Sent: Thursday, 27 April 2006 1:50 PM
> > > To: radiator at open.com.au
> > > Subject: (RADIATOR) Rate-limit if user downloads exceed nMb
> > in given
> > > Month.
> > >
> > > I know the above is possible, just wondering the best way
> > to implement?
> > > (Cisco NAS)
> > >
> > > - Run script every night that totals users inbound octets(From SQL
> > > Dbase), and if octets exceed n, update users profile with
> > cisco-avpair
> > > rate-limit, use radpwtst (Or snmp?) to send NAS a
> > Disconnect-Request
> > > for that user, user re-auths, and new rate-limit is applied.
> > >
> > > Then at the end of each month, reset all users profiles to correct
> > > speed limit.
> > >
> > > Is the above a workable solution?
> > >
> > > Regards,
> > > MB
> > >
> > > --
> > > Archive at http://www.open.com.au/archives/radiator/
> > > Announcements on radiator-announce at open.com.au To
> > unsubscribe, email
> > > 'majordomo at open.com.au' with 'unsubscribe radiator' in the
> > body of the
> > > message.
> >
> >
> >
> > --
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au To
> > unsubscribe, email 'majordomo at open.com.au' with 'unsubscribe
> > radiator' in the body of the message.
> >
> 
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.