[RADIATOR] Limiting Bandwidth after some Bytes Usage achieved

Indrajaya Pitra Perdana vietrha at indo.net.id
Tue May 26 20:32:29 CDT 2009


Thanks Joe for sharing your experiences

Regards
~Indrajaya Pitra Perdana~



Joe Hughes wrote:
> Hi Indrajaya
>
> We developed a similar system for our DSL customers, we took a similar
> approach but a slightly different solution when it came to limiting
> users traffic. You could use SNMP, NetFlow or RADIUS - I'm guessing
> because you're asking here you want to use the latter.
>
> We store the data in MSSQL in a way whereby we can view the usage to a
> granularity of 1 hour - with this we can then summarise data by
> day\week\month\year. Each user has a policy (or multiple policies) in
> the database with a given cap (e.g. 4GB). We have a scheduled task
> that checks every minute to see if a user has exceeded their quota, if
> they have, the database adds a row to an 'actions' table (e.g. add
> cap, remove cap). This task also runs during user logon events. We
> have an external system which then processes these actions.
>
> This is where our solution is slightly different to the one Hugh
> proposed. We explored using (POD) commands with dynamic access-lists
> on the NAS - but unfortunately for us, the NAS is part of a wholesale
> providers network and they don't support either. In the end we opted
> for inline traffic management boxes, basically acting as ethernet
> bridges. It was then relatively trivial to call commands on the boxes
> when an 'action' occurred to dynamically add\remove IP addresses from
> each group. Some systems have documented APIs, toolkits or you can
> just use the CLI and SSH.
>
> We had some success with Mikrotik's RouterOS on x86 hardware during
> testing - their traffic queuing is very simple yet very effective - at
> the time we called the necessary CLI commands through an SSH session
> although I believe their HTTP API has come on a bit since then.
> Ultimately we opted for a high-end traffic management box that
> supported things like DPI - and also had a external command toolkit
> that allowed us to modify policies on the fly. If we didn't have a
> requirement for DPI etc - then a Mikrotik easily would have sufficed
> (Incidentally, i believe RouterOS supports POD)
>
> Regards
>
> Joe
>
>
>
>
>
>
>
>
>   
>> Hello Indrajaya Pitra Perdana -
>>
>> Radiator itself can be used to update the user account details with the
>> total of bytes in / bytes out, but dealing with the totals must be done
>> outside of Radiator.
>>
>> Typically your authentication would check the user data allowance and return
>> the required bandwidth limits in the reply attributes, and interim
>> accounting would be used to maintain the running totals. You would then need
>> some periodic cron job or similar to scan the in-month totals and terminate
>> those sessions that exceed their limits. You can use "radpwtst" to send the
>> required session termination commands (POD) if supported by your NAS
>> equipment.
>>     
>
>
>   



More information about the radiator mailing list