Wireless Access

last person joined: 7 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Per User rate limiting and SSID rate limiting in the same time

  • 1.  Per User rate limiting and SSID rate limiting in the same time

    Posted Oct 11, 2017 05:40 AM

    Hi All,

    I would like to implement rate mimiting for Guest access. The idea is to limit each individual guest to appropriate bandwidth (for example 8mbit/s download and 4 mbit/s upload). But in the same time if I have more guests on the network I would like to protect WAN bandwidth and to limit all guests users just to 30 mbit/s download and 20 mbit/s upload. 

    So first per user rate limitation should be applied and then per SSID rate limitation should be applied. 

    Is it possible, please?

     

     

    My second question regarding rate limitiation is if rate limitation is not contraproductive to fact that I want to serve all my wireless users ASAP to keep my channel clean as soon as possible.

    So for example if Guest is trying to download 100 MB file with full rate (without limitation) then this guest will occupy my channel shorter time then with rate limitation to 8 mbit/s. 

     

    Is my assumption correct and rate limiting could be contraproductive to keeping channel free?

     

    THX

    Miro



  • 2.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Oct 12, 2017 01:11 AM

    In case of controller, you can configure rate limit for role, user, ap group in both of stream under role.

    For iAP, in SSID can be configured per user or SSID.



  • 3.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Oct 20, 2017 08:27 AM

    Maybe I didn't write it so clear as it should be.

    I need to setup two kind of rate limiting in the same time.

    One is per user rate limiting and also in the same time per role rate limitting.

     

    Would it be possible basically to rate limit users individually and in the same time to setup that all users in particular role/ssid can't overpass certain bandwidth.

     

    THX

    Miro



  • 4.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Oct 20, 2017 09:10 AM

    Limiting the rate by user or group is mutually exclusive:  You can only do one or the other using a role with your current WLAN setup.

     

     

    Checking to make sure that users do not consume over a certain bandwidth and doing something about it requires an external policy server like ClearPass, which would measure user traffic via radius accounting and then do something.



  • 5.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Oct 24, 2017 08:55 AM

    Hi Colin,

    but with radius accounting you are able to check amount of data (MB) send and received by the user. If I am not mistaken, you are not able to check/limit upload and download speed (mbs).

     

    So I think even CPPM won't help me to limit per user and per SSID speed in the same time.



  • 6.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Oct 24, 2017 09:26 AM

    Let's talk about requirements.  What is the requirement and has it been implemented anywhere else?



  • 7.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Oct 25, 2017 03:40 AM

    So basically we are planning to add some Guests to network and we want to protect MPLS uplinks to be congested by Guest traffic (BYOD, IoT, Guest SSIDs).

    So basically we have 3 SSIDs which can't consume more then certain % of the MPLS uplink.

     

    Lets imagine that certain % of MPLS uplink is 40 Mbits. So in one hand all those 3 SSIDs can't consume more then 40 Mbits of uplink but in the same time, if I have just one user connected to BYOD SSID and no user on IoT and Guest then I do not want let this one user consume all 40 Mbits, I want to give him just 8 Mbits of download and 1 Mbits of upload.

     

    So if I have 5 users connected they still have 8 Mbits download each and per site it will be still 40 Mbits.

    But if I have 10 users connected we can't give them together 80 Mbits of download, so that is a reason to have in the same time rate limiting to keep all those three SSIDs together below 40 Mbits.

     

    THX



  • 8.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Oct 25, 2017 09:50 AM

    Ok.

     

    Are you using remote APS, a controller or instant APs at that remote site?  That would determine what we can do from here..



  • 9.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Oct 26, 2017 06:31 AM

    We have basically two scenarios:

    1. Controller on site with CAPs -> larger sites

    2. for smaller sites we have centralized controller in DC and each AP on small site is conneted over MPLS to this centralized controller using GRE. So clasicall CAPs but over MPLS to controller in DC

     

    THX

    Miro



  • 10.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Mar 22, 2018 08:13 PM

    Hello,

    Using Aruba Instant or with controller, can you measure the bandwidth per user?

    For example, provide each student with a certain amount of bandwidth, and then be able to request another extra amount if this is needed.

     

    Using the Captive Portal function, you can first put a survey as a portal, and then be connected to the internet?


     



  • 11.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Mar 22, 2018 08:23 PM

    You will need user accounting to accomplish this. Aruba ClearPass can help you accomplish this.



  • 12.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Mar 22, 2018 08:29 PM

    Thank you Jay. 

    And what about using the Captive Portal function, can you set first a survey as a Captive Portal and then be connected to the internet?


    @Jibran.Azizwrote:

    You will need user accounting to accomplish this. Aruba ClearPass can help you accomplish this.


     



  • 13.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Mar 22, 2018 09:07 PM

    Yes you can. Please refer to below post:

    http://www.amigopod.com/HOWTO/Survey/

     

    Though that was for amigopod (now merged to ClearPass), stil very relavent to what you are after..



  • 14.  RE: Per User rate limiting and SSID rate limiting in the same time

    Posted Mar 23, 2018 01:18 PM

    Undestood. ClearPass it's needed.
    Thank you Jay. 


    @Jibran.Azizwrote:

    Yes you can. Please refer to below post:

    http://www.amigopod.com/HOWTO/Survey/

     

    Though that was for amigopod (now merged to ClearPass), stil very relavent to what you are after..



    @Jibran.Azizwrote:

    Yes you can. Please refer to below post:

    http://www.amigopod.com/HOWTO/Survey/

     

    Though that was for amigopod (now merged to ClearPass), stil very relavent to what you are after..