[RADIATOR] Bandwidth switch COA advice

Michael ringo at vianet.ca
Wed Mar 27 12:18:33 CDT 2013 

I do this, but it's done by sending the "cisco-avpair" attribute to the 
nas, with a value such as: "ip:sub-qos-policy-out=RATE10M".  "RATE10M" 
is a rate policy that MUST be already setup in the NAS.  And of course 
you usually have 2 of these values.  1 being ip:sub-qos-policy-in= and 
the other ip:sub-qos-policy-out= to cover both the upload and the download.

On a wider view of the process i myself use, i inject the request using 
radpwtst into NOT the nas, but into the radiator system which is 
configured to proxy the request itself to the nas, and then you have the 
ability to log that action.  The nas needs to be setup with the POD 
server to accept these requests.


Michael


On 27/03/13 05:16 AM, Thomas Kurian wrote:
> Hello Friends,
> I want to do a COA ,to switch the bandwidth profile of the users after 
> they exceed maximum their allocated quota. Which are the attributes  
> to be  included in the COA script to achieve this( (with respect to 
> the following  Accounting request capture from the NAS[cisco ISG]) , 
> is it cisco-Policy-Up/Down or some other?
> what additional script lines might be required to achieve this 
> bandwidth switch COA?
> Is there some configuration to be changed on the NAS end?
>
> To make myself clear ,my requirement is for example,  to switch the 
> bandwidth of this user from 8Mbps to 1Mbps after this user exceeds 
> allocated quota ( quota check is to done by comparing 2 values like 
> this, if monthlycounter>=maxquota  ,perform the COA bandwidth 
> switching). Note:[totalcounter and maxquota are column names in my 
> odbc database named quotasubscribers].
>
> _Hook_
> sub { \
>           my $p = ${$_[0]}; \
>           return unless $p->code eq 'Accounting-Request'; \
>           main::log($main::LOG_DEBUG, 'Handling Accounting-Request'); \
>           my $user_name = $p->get_attr('User-Name'); \
>           my $sess_id = $p->get_attr('Acct-Session-Id'); \
>           my $framed_ipaddress = $p->get_attr('Framed-IP-Address'); \
>           my @coa_attrs = ("User-Name=$user_name", 
> "Acct-Session-Id=$sess_id", "Framed-IP-Address=$framed_ipaddress");\
>           my @cmd_args = ("-noacct", "-noauth", "-time","-code", 
> "Change-Filter-Request"); \
>              push @cmd_args, ("-trace", "4", "-bind_address", 
> "0.0.0.0", "-auth_port", "3799", "-secret", "xxxxxxx", "-s", "x.x.x.x"); \
>           my @cmd = ("perl", "radpwtst"); \
>           main::log($main::LOG_DEBUG, "Running command: @cmd @cmd_args 
> @coa_attrs"); \
>           system (@cmd, @cmd_args, @coa_attrs); \
>         }
> _Accounting request sent from ISG_
> Wed Mar 27 10:19:32 2013: DEBUG: Packet dump:
> *** Received from 10.50.1.4 port 1646 ....
> Code:       Accounting-Request
> Identifier: 165
> Authentic:  .<25>5]<191><175>+<218>#<237><182><22><220><229>|<214>
> Attributes:
>         Acct-Session-Id = "002D98E3"
>         cisco-Policy-Up = "8Mbps"
>         cisco-Policy-Down = "8Mbps"
>         Framed-Protocol = PPP
>         Framed-IP-Address = 94.187.159.88
>         User-Name = "99759991"
>         cisco-avpair = "connect-progress=LAN Ses Up"
>         cisco-avpair = "nas-tx-speed=1000000000"
>         cisco-avpair = "nas-rx-speed=1000000000"
>         Acct-Session-Time = 40503
>         Acct-Input-Octets = 81218503
>         Acct-Output-Octets = 2504979160
>         Acct-Input-Packets = 1032810
>         Acct-Output-Packets = 1829162
>         Acct-Authentic = RADIUS
>         Acct-Status-Type = Alive
>         NAS-Port-Type = Virtual
>         NAS-Port = 0
>         NAS-Port-Id = "0/0/0/666"
>         cisco-avpair = "client-mac-address=7073.cbb3.66c8"
>         Class = 
> "<153>3<1><8>99759991<21><4><4>$<221><0>3<4><3><0><0><0>                                                                                               3<4><12><0><0><0>3<4><6><0><0><0>1<16>c1dfaedfabcffee7"
>         Service-Type = Framed-User
>         NAS-IP-Address = 10.50.1.4
>         Event-Timestamp = 1364368772
>         NAS-Identifier = "DC-ISG2-Flash.wimd.kw"
>         Acct-Delay-Time = 0
> -- 
> Requesting your kind help and advice,
>
> Thomas Kurian
> IT Security Engineer (B.Tech. -- Electrical)
> Kuwaiti Canadian Consulting Group (www.kccg.com)
> T: +965 22435566
> F: +965 22415149
> E:thomas at kccg.com
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20130327/c869109d/attachment.html

More information about the radiator mailing list