Products & Services

Training & Events

Partner Central

Hierarchical Navigation

HOME
- SUPPORT
  - PRODUCT SUPPORT
    - END-OF-SALE AND END-OF-LIFE PRODUCTS
      - CISCO IOS SOFTWARE RELEASES 12.2 T
        CONFIGURE
        FEATURE GUIDES
        Per-User QoS via AAA Policy Name

Cisco IOS Software Releases 12.2 T

Per-User QoS via AAA Policy Name

Downloads

Per-User QoS via AAA Policy Name

Table Of Contents

Per-User QoS via AAA Policy Name

Contents

Prerequisites for Per-User QoS via AAA Policy Name

Information About Per-User QoS via AAA Policy Name

VSAs Added for Per-User QoS via AAA Policy Name

How to Configure Per-User QoS via AAA Policy Name

Monitoring and Maintaining Per-User QoS via AAA Policy Name

Configuration Examples for Per-User QoS
via AAA Policy Name

Per-User QoS Using the AAA Policy Name

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Glossary

Per-User QoS via AAA Policy Name

First Published: 12.2(15)B

Last Updated: February 28, 2006

The Per-User QoS via AAA Policy Name feature provides the ability to download a policy name that describes quality of service (QoS) parameters for a user session from a RADIUS server and apply them for the particular session.

History for the Per-User QoS via AAA Policy Name Feature

Release

Modification

12.2(15)B

This feature was introduced.

12.2(15)T

This feature was integrated into Cisco IOS Release 12.2(15)T.

12.2(28)SB

This feature was integrated into Cisco IOS Release 12.2(28)SB.

Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Contents

•Prerequisites for Per-User QoS via AAA Policy Name

•Information About Per-User QoS via AAA Policy Name

•How to Configure Per-User QoS via AAA Policy Name

•Configuration Examples for Per-User QoS via AAA Policy Name

•Additional References

Prerequisites for Per-User QoS via AAA Policy Name

Before you configure the Per-User QoS via AAA Policy Name feature, you must locally define on your router the policy whose name is received from the RADIUS server.

Information About Per-User QoS via AAA Policy Name

Effective with Cisco IOS Release 12.2(15)T, separate Cisco vendor-specific attributes (VSAs) are added for the service map.

To configure the Per-User QoS via AAA Policy Name feature, you must understand the following concept:

•VSAs Added for Per-User QoS via AAA Policy Name

VSAs Added for Per-User QoS via AAA Policy Name

Two new VSAs have been added for the service map, and the VSAs will bypass the parser while applying the policy for a particular user or session. The new VSAs are as follows:

•vendor-id=9 (Cisco) Vendor type 37 for upstream traffic to input policy name

•vendor-id+9 (Cisco) Vendor type 38 for downstream traffic to output policy name

How to Configure Per-User QoS via AAA Policy Name

This section contains the following procedure:

•Monitoring and Maintaining Per-User QoS via AAA Policy Name

To configure per-user QoS, use the authentication, authorization, and accounting (AAA) policy name that you have received from the RADIUS server. To configure QoS policy, refer to the documents listed in the "Related Documents" section.

Monitoring and Maintaining Per-User QoS via AAA Policy Name

To monitor and maintain per-user QoS using the AAA policy name, use the following debug commands:

SUMMARY STEPS

1. enable

2. debug aaa authorization

3. debug aaa per-user

DETAILED STEPS

Command or Action

Purpose

Step 1

enable
Example:

Router> enable

Enables privileged EXEC mode.

•Enter your password if prompted.

Step 2

debug aaa authorization
Example:

Router# debug aaa authorization

Displays information about AAA/TACACS+ authorization.

Step 3

debug aaa per-user
Example:

Router# debug aaa per-user

Displays information about per-user QoS parameters.

Configuration Examples for Per-User QoS
via AAA Policy Name

This section provides the following configuration example:

•Per-User QoS Using the AAA Policy Name

Per-User QoS Using the AAA Policy Name

The following example shows that per-user QoS is being configured using the AAA policy name "policy_class_1_2":
class-map match-all class1 
 match access-group 101 
class-map match-all class2 
 match qos-group 4 
 match access-group 101 
policy-map policy_class_1_2 
 class class1 
 bandwidth 3000 
 queue-limit 30 
 class class2 
 bandwidth 2000 
 class class-default 
 bandwidth 500 
peruser_qos_1    Password = "lab" 
 Service-Type = Framed, 
 Framed-Protocol = PPP, 
 Cisco:Cisco-avpair = "ip:sub-policy-In=ssspolicy"
!ssspolicy in the above line is the name of the policy.
peruser_qos_2    Password = "lab" 
 Service-Type = Framed, 
 Framed-Protocol = PPP, 
 Cisco:Cisco-avpair = "ip:sub-policy-Out=ssspolicy" 
Additional References

The following sections provide references related to Per-User QoS via AAA Policy Name.

Related Documents

Related Topic

Document Title

AAA per-user and QoS configurations and information about the policy-map command

•Configuring Per-User Configuration

•Cisco IOS Security Command Reference, Release 12.2T

Standards

Standard

Title

None

—

MIBs

MIB

MIBs Link

None

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

RFCs

RFC

Title

None

—

Technical Assistance

Description

Link

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport

Glossary

RADIUS—Remote Authentication Dial-In User Service. RADIUS is a database for authenticating modem and ISDN connections and for tracking connection time.

VSA—vendor-specific attribute. A VSA is an attribute that has been implemented by a particular vendor. It uses the attribute Vendor-Specific to encapsulate the resulting AV pair: essentially, Vendor-Specific = protocol:attribute = value.

Note Refer to the Internetworking Terms and Acronyms for terms not included in this glossary.

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 2003-2006 Cisco Systems, Inc. All rights reserved.