rado at dev
May 25, 2010, 3:23 AM
Post #1 of 1
(1624 views)
Permalink
|
Hi all,
I'm trying to push policy maps to the BRAS through RADIUS for PPPoE
customers and essentially have noticed the following problem:
1. If my outbound policy map referenced in the RADIUS profile is
hierarchical, everything seems ok and I've got connectivity to the client:
user [at] real Cleartext-Password := "xxxx"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 1.1.1.1,
Framed-IP-Netmask = 255.255.255.255,
Cisco-AVPair := "sub-qos-policy-out=PARENT"
policy-map ICMP
class ICMP
priority 300
policy-map PARENT
class class-default
shape average 1800000
service-policy ICMP
Results: Username is up on the BRAS, connectivity is OK,
2. If my outbound policy map referenced in the RADIUS profile is one level,
the username is terminated but the policy-map is not applied, nor do I have
connectivity to the client:
user [at] real Cleartext-Password := "xxxx"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 1.1.1.1,
Framed-IP-Netmask = 255.255.255.255,
Cisco-AVPair := "sub-qos-policy-out=ICMP"
policy-map ICMP
class ICMP
priority 300
Results: Username is up on the BRAS, service policy is not applied per below
command and no connectivity to the customer's IP.
sh policy-map interface virtual-access 2.1
[no output]
I'm using 12.2(33)SRD4 SP services IOS for the above tests. I tried to use
12.2(33)SRE1 but I found out that applying the configuration with
hierarchical QOS blocks connectivity to the customer (user appears up on the
bras, but have no connectivity).
I'd appreciate if anyone shed some light if the hierarchical QOS is the only
way I must design my QOS with PPP customers? I was hoping to avoid using
HQOS as the customers downstream of the BRAS are DSL customers and their
bandwidth can change, hence not having a parent shaper is better for me - I
only want to prioritize a conservative bandwidth (300-500kmbit/s) for the
gold traffic class and not care about the rest. During my tests with HQOS
and parent shaper I've discovered that gold class packets might get dropper
in the parent shaper when its configured bandwidth is lower then the actual
downstream DSLAM line's.
Regards,
Rado
|
