Configuring RADIUS Server Support for Switch Services
RADIUS Server Configuration for Per-Port CoS (802.1p Priority) and Rate-Limiting
Service Control Method and Operating Notes:
Rate-Limiting on
Vendor-Specific Attribute configured in the RADIUS server.
inbound traffic
ProCurve (HP) vendor-specific ID:11
This feature assigns a
VSA: 46 (integer = HP)
bandwidth limit to all
Setting: HP-RATE-LIMIT = < bandwidth-in-Kbps >
inbound packets
received on a port
Note: The CLI command for configuring a rate-limit on a port uses
supporting an
a percentage value. However, using a VSA on a RADIUS server to
authenticated client.
specify a rate-limit requires the actual Kbps to which you want to
limit inbound traffic volume. Thus, to limit in-bound traffic on a
gigabit port to 50% of the port’s bandwidth capacity requires a VSA
setting of 500000 (1,000,000 x 0.5).
Requires a port-access (802.1X, Web Auth, or MAC Auth)
authentication method configured on the client’s port on the
ProCurve switch.
For more on Rate-Limiting, refer to “Rate-Limiting” in the “Port Traffic
Controls” chapter of the Management and Configuration Guide for
your switch.
Applied Rates for RADIUS-Assigned Rate Limits
On the switches covered by this guide, rate limits are applied incrementally,
as determined by the RADIUS-applied rate. For any given bandwidth assign-
ment, the switch applies the nearest rate increment that does not exceed the
assigned value. The increments are in graduated steps, as described in table
6-1.
Table 6-1. RADIUS-Assigned Rate-Limit Increments
RADIUS-Assigned
Bits-Per-Second Rate Limit
Applied Rate-Limiting
Increment
1 - 10,999,999 100 Kbps
11,000,000 - 100,999,999 1 Mbps
101,000,000 - 999,999,999 10 Mbps
1,000,000,000 - 10 Gbps 100 Mbps
For example, some of the following RADIUS-assigned rates fall between their
respective incremental values, resulting in applied rates lower than the
RADIUS-assigned rates. However, others match their respective incremental
values, resulting in no difference between the RADIUS-assigned rate limits
and the applied rate limits.
6-5
