Introduction

Limiting bandwitdh of wireless users on controllers in master-local topology with only using scripting language is so easy and crusial in a big campus networking. We have limiting many users by the following method to save bandwitdh.

Steps

1- Create a role on aruba for limited users. In my case, It is named "role-1mbps"
2- Radius accounting information is logged to mysql with freeradius-mysql
3- Calculate your download/upload threshold value of users in period.
4- We will have another script which will trigger the following expect script. The script will make schanges on both controller and user's session won't completely removed.

Expect script:
#!/usr/bin/expect
set password 123123

set hosts "aruba-master"
spawn ssh -o StrictHostKeyChecking=no admin@$hosts
expect "admin@$hosts's password:"
send -- "$password\n"
expect "#"

send -- "config t\n"
expect "#"
send -- "aaa server-group SSID-wpa2\n"
expect "#"
send -- "set role condition User-Name equals $username set-value role-1mbps position 1\n"
expect "#"
send -- "write mem\n"
expect "#"
send -- "exit\n"
set hosts "aruba-local"
spawn ssh -o StrictHostKeyChecking=no admin@$hosts
expect "admin@$hosts's password:"
send -- "$password\n"
expect ">"
send -- "ena\n"
expect "Password:"
send -- "$password\n"
expect "#"
send -- "aaa user delete name $username\n"
expect "#"
send -- "exit\n"

5- To remove limited-role send only the "no" row.
send -- "no set role condition User-Name equals $username set-value role-1mbps\n"