Limit users traffic quota via radius

David Roze david at netexpertise.eu
Wed Sep 19 21:11:33 CEST 2007


You can tell the NAS to send accounting updates every so often (every hour
for example with: "aaa accounting update periodic 60" on Cisco) and
calculate the amount of traffic each user has consumed with an SQL query in
the Radius database. Another option is to query the NAS with SNMP.

Check this to reset the user's interface with packet of disconnect:
http://wiki.freeradius.org/Packet_of_Disconnect

I wrote some articles about this on
http://www.netexpertise.eu/en/FreeRadius/index.html

A small script in shell would do what you want...

David Rozé
----
http://www.netexpertise.eu

-----Original Message-----
From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of
Anonymous
Sent: 19 September 2007 15:09
To: FreeRadius users mailing list
Subject: Re: Limit users traffic quota via radius

Hi,

so basically all I need is a  RFC 3576-compliant radius server and the 
correct vsa specific of cisco device?
What I do not understand is if :

)the radius check the quota (but how and how often?) and then push the 
disconnect to the device, or
)the device, once the user is authenticathed, get a profile and then it 
checks with an internal specific process (specified by a vsa), the 
quota, with the action after the threshold.

I'm a bit confused, as snmp/script solution implies that a machine 
should login/check the virtual interface status and then issue a command 
like "shutdown" correct?
Is thi the only way to accomplish a QoS task!?

Thanks for your help,

Massimiliano


Peter Nixon wrote:
> This is not correct. You may use SNMP, or you may use a RADIUS Change of 
> Authority/Packet of Disconnect request...
>
> Regards
>
> Peter
>
> On Wed 19 Sep 2007, Willie Yeo wrote:
>   
>> You need SNMP to disconnect the link, not Radius.
>>
>> The only other way I can think of is that, if you can use an external
>> program/script to check the quota from your accounting records, and
>> then if that quota is reached, then send the program sends to SNMP to
>> disconnect the user.
>>
>> On 18/09/2007, at 6:34 PM, Anonymous wrote:
>>     
>>> I'm trying to close the connection of a pre-paid mobile user, after
>>> he reached a limited amount of traffic (ie. 100 megabytes), the
>>> network device is a Cisco router.
>>> I've found may way to rate-limit the traffic bandwidth but not one
>>> to do this.
>>> Is radius the correct way to achieve this goal? It'all about vsa?
>>>       
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>     
>
>
>
>   
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html





More information about the Freeradius-Users mailing list