Re: [nsp] rate-limit flows per user in dynamic env.

From: Rich Sena (ras@poppa.thick.net)
Date: Wed Mar 07 2001 - 18:38:14 EST


Is this person authenticating via a NAS under your admiistration? You
could apply an acl via a tacacs account to their login and then direct
that traffic to an interface that you could shape...

On Mar 7, 2001 Dan Debertin spake:

> On Wed, 7 Mar 2001, Thomas Kernen wrote:
> >
> > My problem is the fact that the IP and/or MAC address is unknown, the
> > rest is trivial.
>
> Thomas,
> You need some way of identifying this user or group of users. If
> IP address and MAC address are unavailable to you as identifiers, are
> there any other characteristics that could be used to identify the user,
> such as destination address?
>
> If there aren't, it's going to be pretty much impossible to traffic-shape
> this user individually, although doing something global is still an
> option.
>
> What sort of situation is this? DSL? Ethernet? More specifics....
>
>
> Dan Debertin
> --
> ++ Unix is the worst operating system, except for all others.
>
> ++ Dan Debertin
> ++ Senior Systems Administrator
> ++ Bitstream Underground, LLC
> ++ airboss@bitstream.net
> ++ (612)321-9290 x108
> ++ GPG Fingerprint: 0BC5 F4D6 649F D0C8 D1A7 CAE4 BEF4 0A5C 300D 2387
>
>
>
>

-- 
Rich Sena - ras@thick.net
ThickNET Consulting
"On the way to understanding; you understand, and forget."



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:31 EDT