[cisco-nas] per-user MCQ on vaccess interfaces?

Gert Doering gert at greenie.muc.de
Tue Nov 15 15:04:51 EST 2005


Hi,

is there a way to set per-user CAR/MCQ rules from Radius, for PPPoE dial-in
customers?

What we need is something like this:

 - user connection comes in via PPPoE

 - user has purchased a maximum total bandwidth
   (but the access link is faster, due to media constraints)
   -> we need to apply outgoing traffic shaping and incoming policing
   in case he modifies the shaping configuration on the CPE

 - user can potentially purchase different QoS classes, like this:

      - up to 512 Kbit/s of traffic to 10.10.10.0/24 gets TOS bits set to
        "prio high"  (for an on-net VPN link with guaranteed bandwidth)

      - up to 2 Mbit/s of aggregate traffic gets TOS bits set to "best-effort"

      - everything above 2 Mbit/s is dropped

I know that Cisco's hierarchical QoS stuff can do all this, but I'm not
sure whether I can apply it completely from Radius.

(The underlying issue is: the provisioning is done by different teams
than the actual router configuration and maintenance, so it would be
greatly preferred to have *all* per-user config in Radius.  There are
some FreeBSD-based PPPoE solutions - mpd - that can do it, but we do
also want to consider a Cisco-based solution)

Pre-configuring different classes for the "access bandwidth" would be
possible, but due to the demand for "VPN QoS classes", we cannot 
pre-configure all possible per-user configurations.

Now, CAR and GTS could be applied on a per-interface basis from Radius 
just fine (as all the config is done inside the interface), but for
the hierarchical stuff, you need to configure the policy-map stuff
globally...

Any ideas?

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de


More information about the cisco-nas mailing list