QoS Limit Bandwidth for group user

  • 0
  • 1
  • Question
  • Updated 1 year ago
  • Answered

Hi all,

I configured Dynamic VLAN in WS C-35. I have 1 Wireless Service, SSID: Buiding. In other hand, I have 2 group users : “Employee”(VLAN20) and “VIP”(VLAn30) in SSID “Buiding”. Two group users (Employee and VIP) are configured in Radius server. And I want to QoS limit bandwidth to each group. “Employee” is limited 2Mbps/user; “VIP” is limited  5Mbps/user.

Please give me a guide to implement.

Thanks
Photo of Long Tran

Long Tran

  • 666 Points 500 badge 2x thumb

Posted 1 year ago

  • 0
  • 1
Photo of Matthew Hum

Matthew Hum

  • 434 Points 250 badge 2x thumb
Just a question. your limits say 2 Mbps/user and 5 Mbps/user, but you ask for groups to be rate limited. Please clarify, is it the user or user group?
Photo of Long Tran

Long Tran

  • 666 Points 500 badge 2x thumb
Hi Matthew Hum,
I want to QoS limit bandwidth user. (users are configured by AD/Radius server (Window server 2008))
Thanks
(Edited)
Photo of Matthew Hum

Matthew Hum

  • 434 Points 250 badge 2x thumb
You should use RADIUS to assign a policy profile (specify a filter-id return in your Windows NPS). That policy profile (in the wireless controller, VNS->Roles) will have the ability to specify a rate limit per user within a unique Class of Service setting. You will need one role for "Employee" and one policy for "VIP".
Photo of Long Tran

Long Tran

  • 666 Points 500 badge 2x thumb
Hi Matthew Hum,
How to match 2 CoS (Employee and VIP) with 1 SSID "Building"? 
Photo of Matthew Hum

Matthew Hum

  • 434 Points 250 badge 2x thumb
If you include the SSID as a specific TLV attribute, then you can use that as a conditional in your access rule. But it shouldn't matter, as all the other RADIUS clients, if they do not understand the specially formatted Filter-ID that the EWC understands, then they should ignore it, and it won't affect anything else.

Specifically creating rules to only send the filter-ID back for that SSID becomes more complicated, unless you are using different policies for the same user on different SSIDs that are dynamically assigned, in which case you will need to more granularly write your access rules in NPS.
Photo of Nathiya Munuswamy

Nathiya Munuswamy, Employee

  • 1,706 Points 1k badge 2x thumb
Hi Long,

Rate limits are configured on a rule, role, or WLAN. Please check the KB article below,

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-rate-limiting-on-IdentiFi 


Regards,
Nathiya M