Hello Kevin,

I can't answer definitively, but I would assume that it would be done on your NAS(depending on your hardware these rules "could" be propagated to the child devices). It would defy all logic for it to be done on the client, Just as you would in an unauthenticated wired/wireless network it is always best to control traffic at the distribution point.

Hope that helps.

Take Care,
Leigh Martell

On Wed, Dec 17, 2008 at 12:14 PM, kevin <rat@yia.ca> wrote:
While an "out of the box" solution is where I'll probably end up, I'm
battling with myself over the idea of how to best manage bandwidth on a
network including multiple remote locations, with both wired and
wireless connections.

I'm moving to using freeradius to authenticate (which ultimately will be
done by MAC for initial ease of setup) but I'm trying to figure out
where the Bandwidth attributes actually are used.

IOW, when using WISPr-Bandwidth, does that modify the client connection
at the client computer or does that occur at a proxy or firewall device?
What I'm getting at is, is a captive portal necessary or can a person
simply have client authentication via freeradius and the client network
card handle managing its own bandwidth?  And if so, is there any
possibility that the client computer could be modified by someone with a
bit of skill to bypass those controls?

Hope that made sense.

Cheers,

Kevin


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html