06-21-2021 07:32 AM - edited 07-02-2021 09:35 PM
Hello Wireless experts,
I want a very simple configuration as I have it with AireOS today:
Requirement 1: Rate limit a SSID to a certain value (example 10 Mbit/s)
=> So the aggregate traffic to and from the SSID must not exceed the limit for all clients
Requirement 2: Rate limit the clients within the SSID to a certain value (example 8 Mbit/s)
Examples:
One wireless client sends traffic to a wired server (iPerf): Result throughput is 8 Mbit (client rate limit)
Two wireless client sends traffic to a wired server (iPerf): Result throghput per client is ~5 Mbit/s (10 Mbit/s aggregate)
I cannot get this to work. So this is what I did:
1.) Wireless profile policy
wireless profile policy SSID-RATELIMIT
[...]
service-policy client input CLIENT-POLICY-LAB
service-policy client output CLIENT-POLICY-LAB
service-policy input SSID-POLICY-LAB
service-policy output SSID-POLICY-LAB
!
policy-map CLIENT-POLICY-LAB
class class-default
police cir 8000000
!
policy-map SSID-POLICY-LAB
class class-default
police cir 1000000
!
When doing an iPerf from two clients at the same time, the limit is ~ 8 Mbit/s per client.... So the SSID rate limit does not work.
I saw the example: https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/215441-configure-qos-rate-limiting-on-catalyst.html
However, this does not answer my question at all.
I don't want all the fancy AAA override, AVC or the other stuff. I just want a plain per user AND a per SSID rate limiter
10-27-2021 11:59 PM
Hello! Did you find a solution?
All I found is a note in https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/215441-configure-qos-rate-limiting-on-catalyst.html
"On wave2 and 11ax Access Points, rate-limiting occurs at a per-flow (5 tuple) level and not per-client or per-SSID. This applies to AP in Flexconnect/Fabric, Embedded Wireless Controller on Access Point (EWc-AP) deployments.
Starting 17.5, AAA override can be leveraged to push the attributes to achieve per-client rate-limiting."
So I need to use AAA override and AAA server for per-client rate-limiting. It's unacceptable for me.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide