Access Security Guide K/KA/KB.15.15

Table 17 CoS and rate-limiting services (continued)
Service:
Assigns a RADIUS-configured bandwidth limit to the inbound packets received from a specific client authenticated on a port.
Note: Beginning with software release K.14.01, this attribute is assigned per-authenticated-user instead of per-port. To assign a per-port inbound rate limit, use the rate-limit all in CLI command instead of this option.

Control method and operating notes:
VSA: 46
Setting: HP-Bandwidth-Max-Egress=< bandwidth-in-Kbps >
Note: RADIUS-assigned rate-limit bandwidths must be specified in Kbps. (Bandwidth percentage settings are not supported.) Using a VSA on a RADIUS server to specify a per-user rate-limit requires the actual Kbps to which you want to limit ingress (inbound) traffic volume. For example, to limit inbound traffic on a gigabit port to half of the port's bandwidth capacity requires a VSA setting of 500,000 Kbps.
Requires a port-access authentication method (802.1X, Web Auth, or MAC Auth) configured on the client's port on the switch.
The actual bandwidth available for ingress traffic from an authenticated client can be affected by the total bandwidth available on the client port. See (page 213).

Service:
Egress (outbound) rate-limiting per-port
Assigns a RADIUS-configured bandwidth limit to the outbound traffic sent to a switch port.

Control method and operating notes:
Vendor-Specific Attribute used in the RADIUS server.
HP vendor-specific ID: 11
VSA: 48 (string=HP)
Setting: HP-RATE-LIMIT=< bandwidth-in-Kbps >
Note: RADIUS-assigned rate-limit bandwidths must be specified in Kbps. (Bandwidth percentage settings are not supported.) Using a VSA on a RADIUS server to specify a per-port rate-limit requires the actual Kbps to which you want to limit outbound traffic volume. For example, to limit outbound traffic on a gigabit port to half of the port's bandwidth capacity requires a VSA setting of 500,000 Kbps.
In instances where multiple, authenticated clients are using this feature on the same switch port, only one (per-port) rate limit will be applied. In this case, the actual rate used is the rate assigned by the RADIUS server to the most recently authenticated client. This rate remains in effect as long as any authenticated client remains connected on the port.
Requires a port-access authentication method (802.1X, Web Auth, or MAC Auth) configured on the client's port on the switch.
The actual bandwidth available for egress traffic from an authenticated client can be affected by the total bandwidth available on the client port. See “Per-port bandwidth override” (page 213).

To configure support for the services listed in Table 17 (page 211) on a specific RADIUS server
application, see the documentation provided with the RADIUS application.
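
Under the per-port egress rule in Table 17, the rate assigned to the most recently authenticated client applies to the whole port, so a client that is still connected can end up under a limit other than the one RADIUS assigned to it. The following Python model is an added example, not code from the HP guide: it replays a constructed list of authentication events and reports such mismatches. The event format, the function names, and the clearing of the limit once the last client leaves are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample events (not from the guide): port, client MAC, action, egress Kbps
EVENTS = [
    ("A1", "00:00:5e:00:53:01", "auth", 500000),
    ("A1", "00:00:5e:00:53:02", "auth", 100000),
    ("A1", "00:00:5e:00:53:02", "logoff", None),
    ("A2", "00:00:5e:00:53:03", "auth", 200000),
    ("A2", "00:00:5e:00:53:03", "logoff", None),
    ("A2", "00:00:5e:00:53:04", "auth", 50000),
]

@dataclass
class PortState:
    assigned: dict = field(default_factory=dict)  # client -> Kbps from RADIUS
    applied: Optional[int] = None                 # single per-port limit in effect

def replay(events):
    """Replay auth/logoff events and return {port: PortState}."""
    ports = {}
    for port, client, action, kbps in events:
        state = ports.setdefault(port, PortState())
        if action == "auth":
            # The guide requires an actual Kbps value; percentages are not supported.
            if not isinstance(kbps, int) or kbps <= 0:
                raise ValueError(f"{client}: rate must be a positive integer in Kbps")
            state.assigned[client] = kbps
            state.applied = kbps  # most recently authenticated client sets the port rate
        elif action == "logoff":
            state.assigned.pop(client, None)
            if not state.assigned:
                state.applied = None  # assumption: limit clears with the last client
        else:
            raise ValueError(f"unknown action {action!r}")
    return ports

def mismatches(ports):
    """Connected clients whose RADIUS-assigned rate differs from the port's applied rate."""
    return sorted(
        (port, client, kbps, state.applied)
        for port, state in ports.items()
        for client, kbps in state.assigned.items()
        if kbps != state.applied
    )

if __name__ == "__main__":
    for row in mismatches(replay(EVENTS)):
        print("port %s client %s assigned %d Kbps, applied %d Kbps" % row)
```

In the constructed data, port A1 stays at 100,000 Kbps after the client that set that rate has logged off, because another authenticated client is still connected.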
Applied rates for RADIUS-assigned rate limits
Rate limits are applied incrementally on the HP switches, as determined by the RADIUS-applied
rate. For any given bandwidth assignment, the switch applies the nearest rate increment that does
not exceed the assigned value. The increments are in graduated steps, as described in Table 18
(page 213).
212 RADIUS server support for switch services