KB.15.15

"X" authenticates with web-based authentication on port 4 with a RADIUS server

that assigns a priority of 3, an inbound rate-limit of 10,000 kbps, and an outbound

rate-limit of 50,000 kbps, then:

• The inbound traffic from client "X" will be subject to a priority of 3 and inbound

rate-limit of 10,000 kbps. Traffic from other clients using the port will not be

affected by these values.

• The combined rate-limit outbound for all clients using the port will be 50,000

kbps until either all client sessions end, or another client authenticates and

receives a different outbound rate-limit.

NOTE: Mixing CLI-configured and RADIUS-assigned rate-limiting on the same port

can produce unexpected results. See “Per-port bandwidth override” (page 213).

Where multiple clients are currently authenticated on a given port where outbound

(egress) rate-limiting values have been assigned by a RADIUS server, the port

operates with the outbound rate-limit assigned by RADIUS for the most recently

authenticated client. Any earlier outbound rate-limit values assigned on the same

port for other authenticated client sessions that are still active are superseded by

the most recent RADIUS-assigned value. For example, if client "X" is authenticated

with an outbound rate-limit of 750 kbps, and client "Y" later becomes authenticated

with an outbound rate-limit of 500 kbps while the session for client "X" is still active,

then the port operates with an outbound rate-limit of 500 kbps for both clients.

Outbound rate-limitInbound rate-limit802.1pAssignment method on port 10

100,000 kbs

100,000 kbs7Statically Configured Values

50,000 kbs

10,000 kbs3RADIUS-assigned when client "X"

authenticates

Combined rate-limit output for all clients active on the port.

Figure 149 Results of client authentication on port 4

Viewing CLI-configured rate-limiting and port priority for ports

Syntax:

show rate-limit all [port-list]

show qos port-priority

202 RADIUS server support for switch services