cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
637
Views
0
Helpful
9
Replies
James Wood
Beginner

Per user bandwidth limiting supported on 9800 (IOS-XE) ?


Does anyone know if it's possible to set a device rate limit (downstream/upstream) via the RADIUS Access-Accept response like we can in AireOS using similar to the below attributes:

  • Airespace-Data-Bandwidth-Average-Contract
  • Airespace-Data-Bandwidth-Burst-Contract

We can't seem to find equivalent radius attributes or av-pair values to make this work on IOS-XE devices...

Thanks

 

James

9 REPLIES 9
balaji.bandi
VIP Master

i know we can do old controllers , i am also part of journey with Cat 9800

 

its possible as per the document - yet to be tested :

 

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/quality-of-service.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

Thanks. I did see this document, but it's not really showing if it can be done via the RADIUS reply. And it seems to support defined policies on the WLC, rather than dynamic values set via the RADIUS reply. i.e. some clients get 1Mb, some 2Mb, some 10, some 20 etc. depending on their package.

 

 

Got you, so you looking based on the user, not all clients, not that i am aware this was tested my self. but good option, if you looking to offer services to clients.

 

what kind of Radius  you using ISE ?

 

check below thread may help you :

 

https://community.cisco.com/t5/network-access-control/freeradius-with-wlc-8-3-122-per-user-bandwidth-rate-limits/td-p/3839617

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

We already do this (have for years ) on the AireOS WLCs (as per the link you posted) but with Catalyst IOS-XE we can't find the equivalent RADIUS attribute to use  

 

 

what radius you using - looking at document there command syntax bit changed : (still required for me to test) - will test later with ISE

Configuration Example for Per-User QoS via AAA Policy Name

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_radcfg/configuration/xe-16/sec-usr-radcfg-xe-16-book/sec-qos-aaa-pol-name.html

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

Freeradius, though it shouldn't matter as the attribute name should work with any RADIUS, once we know what it is!

 

The guide you linked to is for the Cisco Cloud Services Router 1000 Voice Series, not wireless?

 

Thanks

 

James

This should do what you need but the WLC must be running IOS XE 17.5 or later:

https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/215441-configure-qos-rate-limiting-on-catalyst.html

Check out the attached screenshot from the doc for the required A/V pairs. Just substitute "BWLimitAAAClients" for the name of your preconfigured QoS policy in your authz profile.

I've not tested it myself but I too need the functionality for a customer project!

(Credit to @vibobrov for identifying the solution)

Thanks - but this still relies on multiple profiles/policies being added manually on the controller first. We're looking to dynamically pass a figure in bits/kbits like you can on the AOS WLC, i.e. we can just limit the speed for a particular user by setting the attribute value to 2000k.

 

Thanks

James

Oh I see, sorry James I misunderstood your requirement. I'm not sure that's possible but I'm sure somebody else here will pipe up if it is. Either way, please bear in mind that you will need IOS XE 17.5 for AAA override.

Create
Recognize Your Peers
Content for Community-Ad