I do this, but it's done by sending the "cisco-avpair" attribute to the
nas, with a value such as: "ip:sub-qos-policy-out=RATE10M". "RATE10M"
is a rate policy that MUST be already setup in the NAS. And of course
you usually have 2 of these values. 1 being ip:sub-qos-policy-in= and
the other ip:sub-qos-policy-out= to cover both the upload and the download.
On a wider view of the process i myself use, i inject the request using
radpwtst into NOT the nas, but into the radiator system which is
configured to proxy the request itself to the nas, and then you have the
ability to log that action. The nas needs to be setup with the POD
server to accept these requests.
Michael
On 27/03/13 05:16 AM, Thomas Kurian wrote:
Hello Friends,
I want to do a COA ,to switch the bandwidth profile of the users after
they exceed maximum their allocated quota. Which are the attributes
to be included in the COA script to achieve this( (with respect to
the following Accounting request capture from the NAS[cisco ISG]) ,
is it cisco-Policy-Up/Down or some other?
what additional script lines might be required to achieve this
bandwidth switch COA?
Is there some configuration to be changed on the NAS end?
To make myself clear ,my requirement is for example, to switch the
bandwidth of this user from 8Mbps to 1Mbps after this user exceeds
allocated quota ( quota check is to done by comparing 2 values like
this, if monthlycounter>=maxquota ,perform the COA bandwidth
switching). Note:[totalcounter and maxquota are column names in my
odbc database named quotasubscribers].
_Hook_
sub { \
my $p = ${$_[0]}; \
return unless $p->code eq 'Accounting-Request'; \
main::log($main::LOG_DEBUG, 'Handling Accounting-Request'); \
my $user_name = $p->get_attr('User-Name'); \
my $sess_id = $p->get_attr('Acct-Session-Id'); \
my $framed_ipaddress = $p->get_attr('Framed-IP-Address'); \
my @coa_attrs = ("User-Name=$user_name",
"Acct-Session-Id=$sess_id", "Framed-IP-Address=$framed_ipaddress");\
my @cmd_args = ("-noacct", "-noauth", "-time","-code",
"Change-Filter-Request"); \
push @cmd_args, ("-trace", "4", "-bind_address",
"0.0.0.0", "-auth_port", "3799", "-secret", "xxxxxxx", "-s", "x.x.x.x"); \
my @cmd = ("perl", "radpwtst"); \
main::log($main::LOG_DEBUG, "Running command: @cmd @cmd_args
@coa_attrs"); \
system (@cmd, @cmd_args, @coa_attrs); \
}
_Accounting request sent from ISG_
Wed Mar 27 10:19:32 2013: DEBUG: Packet dump:
*** Received from 10.50.1.4 port 1646 ....
Code: Accounting-Request
Identifier: 165
Authentic: .<25>5]<191><175>+<218>#<237><182><22><220><229>|<214>
Attributes:
Acct-Session-Id = "002D98E3"
cisco-Policy-Up = "8Mbps"
cisco-Policy-Down = "8Mbps"
Framed-Protocol = PPP
Framed-IP-Address = 94.187.159.88
User-Name = "99759991"
cisco-avpair = "connect-progress=LAN Ses Up"
cisco-avpair = "nas-tx-speed=1000000000"
cisco-avpair = "nas-rx-speed=1000000000"
Acct-Session-Time = 40503
Acct-Input-Octets = 81218503
Acct-Output-Octets = 2504979160
Acct-Input-Packets = 1032810
Acct-Output-Packets = 1829162
Acct-Authentic = RADIUS
Acct-Status-Type = Alive
NAS-Port-Type = Virtual
NAS-Port = 0
NAS-Port-Id = "0/0/0/666"
cisco-avpair = "client-mac-address=7073.cbb3.66c8"
Class =
"<153>3<1><8>99759991<21><4><4>$<221><0>3<4><3><0><0><0> 3<4><12><0><0><0>3<4><6><0><0><0>1<16>c1dfaedfabcffee7"
Service-Type = Framed-User
NAS-IP-Address = 10.50.1.4
Event-Timestamp = 1364368772
NAS-Identifier = "DC-ISG2-Flash.wimd.kw"
Acct-Delay-Time = 0
--
Requesting your kind help and advice,
Thomas Kurian
IT Security Engineer (B.Tech. -- Electrical)
Kuwaiti Canadian Consulting Group (www.kccg.com)
T: +965 22435566
F: +965 22415149
E:tho...@kccg.com
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
