RADIUS Server Configuration for Per-Port CoS (802.1p Priority) and Rate-Limiting
Service
Control Method and Operating Notes:
Rate-Limiting on
Vendor-Specific Attribute configured in the RADIUS server.
inbound traffic
ProCurve (HP) vendor-specific ID:11
This feature assigns a VSA: 46 (integer = HP)
bandwidth limit to all
Setting: HP-RATE-LIMIT = < bandwidth-in-Kbps >
inbound packets
received on a port
supporting an
authenticated client.
Requires a port-access (802.1X, Web Auth, or MAC Auth)
For more on Rate-Limiting, refer to "Rate-Limiting" in the "Port Traffic
Controls" chapter of the Management and Configuration Guide for
your switch.
Applied Rates for RADIUS-Assigned Rate Limits
On the switches covered by this guide, rate limits are applied incrementally,
as determined by the RADIUS-applied rate. For any given bandwidth assign
ment, the switch applies the nearest rate increment that does not exceed the
assigned value. The increments are in graduated steps, as described in table
6-1.
Table 6-1.
RADIUS-Assigned Rate-Limit Increments
RADIUS-Assigned
Bits-Per-Second Rate Limit
1 - 10,999,999
11,000,000 - 100,999,999
101,000,000 - 999,999,999
1,000,000,000 - 10 Gbps
For example, some of the following RADIUS-assigned rates fall between their
respective incremental values, resulting in applied rates lower than the
RADIUS-assigned rates. However, others match their respective incremental
values, resulting in no difference between the RADIUS-assigned rate limits
and the applied rate limits.
Configuring RADIUS Server Support for Switch Services
Note: The CLI command for configuring a rate-limit on a port uses
a percentage value. However, using a VSA on a RADIUS server to
specify a rate-limit requires the actual Kbps to which you want to
limit inbound traffic volume. Thus, to limit in-bound traffic on a
gigabit port to 50% of the port's bandwidth capacity requires a VSA
setting of 500000 (1,000,000 x 0.5).
authentication method configured on the client's port on the
ProCurve switch.
Applied Rate-Limiting
Increment
100 Kbps
1 Mbps
10 Mbps
100 Mbps
6-5