- Read Me First
- Preparing for Broadband Access Aggregation
- Providing Protocol Support for Broadband Access Aggregation of PPPoE Sessions
- PPP for IPv6
- DHCP for IPv6 Broadband
- Providing Protocol Support for Broadband Access Aggregation of PPP over ATM Sessions
- Providing Connectivity Using ATM Routed Bridge Encapsulation over PVCs
- PPPoE Circuit-Id Tag Processing
- Configuring PPP over Ethernet Session Limit Support
- PPPoE Session Limit Local Override
- PPPoE QinQ Support
- PPP-Max-Payload and IWF PPPoE Tag Support
- PPPoE Session Limiting on Inner QinQ VLAN
- PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
- Enabling PPPoE Relay Discovery and Service Selection Functionality
- Configuring Cisco Subscriber Service Switch Policies
- AAA Improvements for Broadband IPv6
- Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
- 802.1P CoS Bit Set for PPP and PPPoE Control Frames
- PPP over Ethernet Client
- PPPoE Smart Server Selection
- Monitoring PPPoE Sessions with SNMP
- PPPoE on ATM
- PPPoE on Ethernet
- PPPoE over VLAN Enhancements Configuration Limit Removal and ATM Support
- ADSL Support in IPv6
- Broadband IPv6 Counter Support at LNS
- PPP IP Unique Address and Prefix Detection
- PPP IPv4 Address Conservation in Dual Stack Environments
- TR-069 Agent
- Broadband High Availability Stateful Switchover
- Broadband High Availability In-Service Software Upgrade
- Controlling Subscriber Bandwidth
- PPPoE Service Selection
- Disabling AC-name and AC-cookie Tags from PPPoE PADS
- Finding Feature Information
- Restrictions for Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
- Information About Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
- How to Use the Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS Feature
- Configuration Examples for Per Session Queueing and Shaping Policies
- Additional References
- Feature Information for Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
The Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS feature enables you to shape PPP over Ethernet over VLAN sessions to a user-specified rate. The router shapes the sum of all of the traffic to the PPPoE session so that the subscriber’s connection to the digital subscriber line access multiplexer (DSLAM) does not become congested. Queueing-related functionality provides different levels of service to the various applications that execute over the PPPoE session.
- Finding Feature Information
- Restrictions for Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
- Information About Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
- How to Use the Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS Feature
- Configuration Examples for Per Session Queueing and Shaping Policies
- Additional References
- Feature Information for Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Restrictions for Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
Each PPPoE over VLAN session for which per session queueing and shaping is configured has its own set of queues and its own VTMS link. Therefore, these PPPoE sessions do not inherit policies unless you remove the service policy applied to the session or you do not configure a policy for the session.
The router supports per session queueing and shaping on PPPoE terminated sessions and on an IEEE 802.1Q VLAN tagged subinterfaces for outbound traffic only.
The router does not support per session queueing and shaping for PPPoE over VLAN sessions using RADIUS on inbound interfaces.
The router does not support per session queueing and shaping for layer 2 access concentrator (LAC) sessions.
The statistics related to quality of service (QoS) that are available using the show policy-map interface command are not available using RADIUS.
The router does not support using a virtual template interface to apply a service policy to a session.
You can apply per session queueing and shaping policies only as output service policies. The router supports input service policies on sessions for other existing features, but not for per session queueing and shaping for PPPoE over VLAN using RADIUS.
During periods of congestion, the router does not provide specific scheduling between the various PPPoE sessions. If the entire port becomes congested, the scheduling that results has the following effects: - The amount of bandwidth that each session receives of the entire port’s capacity is not typically proportionally fair share.
- The contribution of each class queue to the session’s total bandwidth might not degrade proportionally.
The PRE2 does not support ATM overhead accounting for egress packets with Ethernet encapsulations. Therefore, the router does not consider ATM overhead calculations when determining that the shaping rate conforms to contracted subscriber rates.
The router does not support the configuration of the policy map using RADIUS. You must use the MQC to configure the policy map on the router.
Information About Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
The router allows you to apply QoS policy maps using RADIUS. The actual configuration of the policy map occurs on the router using the MQC.
- How Routers Apply QoS Policy to Sessions
- How RADIUS Uses VSA 38 in User Profiles
- Commands Used to Define QoS Actions
How Routers Apply QoS Policy to Sessions
The router can apply the QoS policy to sessions using attributes defined in one of the following RADIUS profiles:
User Profile--The user profile on the RADIUS server contains an entry that identifies the policy map name applicable to the user. The policy map name is the service that RADIUS downloads to the router after a session is authorized.
Service Profile--The service profile on the RADIUS server specifies a session identifier and an attribute-value (AV) pair. The session identifier might be, for example, the IP address of the session. The AV-pair defines the service (policy map name) to which the user belongs.
The following AV-pairs define the QoS policy to be applied dynamically to the session:
"ip:sub-qos-policy-in=<name of the QoS policy in ingress direction>"
"ip:sub-qos-policy-out=<name of egress policy>"
When RADIUS gets a service-logon request from the policy server, it sends a change of authorization (CoA) request to the router to activate the service for the subscriber, who is already logged in.
If the authorization succeeds, the router downloads the name of the policy map from RADIUS using the above attribute and applies the QoS policy to the session.
Note | Although the router also supports the RADIUS VSA 38, Cisco-Policy-Down and Cisco-Policy-Up, we recommend that you use the above attributes for QoS policy definitions. |
How RADIUS Uses VSA 38 in User Profiles
The RADIUS VSA 38 is used for downstream traffic going toward a subscriber. The service (policy map name) to which the user session belongs resides on the RADIUS server. The router downloads the name of the policy map from RADIUS using VSA 38 in the user profile and then applies the policy to the session.
To set up RADIUS for per session queueing and shaping for PPPoE over VLAN support, enter the following VSA in the user profile on the RADIUS server:
Cisco:Cisco-Policy-Down = <service policy name>
The actual configuration of the policy map occurs on the router. The user profile on the RADIUS service contains an entry that identifies the policy map name applicable to the user. This policy map name is the service RADIUS downloads to the router using VSA 38.
Note | Although the router also supports RADIUS VSA 38, Cisco-Policy-Down and Cisco-Policy-Up, we recommend that you use the attributes described in the How Routers Apply QoS Policy to Sessions for QoS policy definitions. |
Commands Used to Define QoS Actions
When you configure queueing and shaping for PPPoE over VLAN sessions, the child policy of a nested hierarchical service policy defines QoS actions using any of the following QoS commands:
priority command--Assigns priority to a traffic class and gives preferential treatment to the class.
bandwidth command--Enables class-based fair queueing and creates multiple class queues based on bandwidth.
queue-limit command--Specifies the maximum number of packets that a particular class queue can hold.
police command--Regulates traffic based on bits per second (bps), using the committed information rate (CIR) and the peak information rate, or on the basis of a percentage of bandwidth available on an interface.
random-detect command--Drops packets based on a specified value to control congestion before a queue reaches its queue limit. The drop policy is based on IP precedence, differentiated services code point (DSCP), or the discard-class.
set ip precedence command--Marks a packet with the IP precedence level you specify.
set dscp command--Marks a packet with the DSCP you specify.
set cos command--Sets the IEEE 802.1Q class of service bits in the user priority field.
The parent policy contains only the class-default class with the shape command configured. This command shapes traffic to the specified bit rate, according to a specific algorithm.
The router allows you to apply QoS policy maps using RADIUS. The actual configuration of the policy map occurs on the router using the MQC. The router can apply the QoS policy to sessions using attributes defined in one of the following RADIUS profiles:
User Profile--The user profile on the RADIUS server contains an entry that identifies the policy map name applicable to the user. The policy map name is the service that RADIUS downloads to the router after a session is authorized.
Service Profile--The service profile on the RADIUS server specifies a session identifier and an attribute-value (AV) pair. The session identifier might be, for example, the IP address of the session. The AV-pair defines the service (policy map name) to which the user belongs.
The following AV-pairs define the QoS policy to be applied dynamically to the session:
"ip:sub-qos-policy-in=<name of the QoS policy in ingress direction>"
"ip:sub-qos-policy-out=<name of egress policy>"
When RADIUS gets a service-logon request from the policy server, it sends a change of authorization (CoA) request to the router to activate the service for the subscriber, who is already logged in.
If the authorization succeeds, the router downloads the name of the policy map from RADIUS using the above attribute and applies the QoS policy to the session.
Note | Although the router also supports the RADIUS vendor specific attribute (VSA) 38, Cisco-Policy-Down and Cisco-Policy-Up, we recommend that you use the above attributes for QoS policy definitions. |
How to Use the Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS Feature
Configuring a Per Session Queueing and Shaping Policy on the Router
To configure a per session queueing and shaping policy on the router for PPPoE over VLAN sessions using RADIUS, you must complete the following steps.
1.
policy-map
policy-map-name
2.
class
3.
bandwidth
{bandwidth-kbps | percent percentage |
remaining percent percentage}
account{{qinq| dot1q} {aal5| aal3}
{subscriber-encapsulation}} |
{user-defined offset
[atm]}}
4. exit
5.
policy-map
policy-map-name
6.
class
class-default
7.
shape
rate
account
{{{qinq| dot1q}{aal5| aal3}
{subscriber-encapsulation}} |
{user-defined offset
[atm]}}
8.
service-policy
policy-map-name
DETAILED STEPS
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
policy-map
policy-map-name
Example: Router(config)# policy-map policy-map-name |
Creates or modifies the bottom-level child policy. | ||
Step 2 |
class
Example: Router(config-pmap)# class class-map-name |
Assigns the traffic class you specify to the policy map. Enters policy-map class configuration mode. | ||
Step 3 |
bandwidth
{bandwidth-kbps | percent percentage |
remaining percent percentage}
account{{qinq| dot1q} {aal5| aal3}
{subscriber-encapsulation}} |
{user-defined offset
[atm]}}
Example: Router(config-pmap-c)# bandwidth {bandwidth-kbps | percent percentage | remaining percent percentage} account {{qinq | dot1q} {aal5 | aal3} subscriber-encapsulation | user-defined offset [atm]} |
Enables class-based fair queueing.
| ||
Step 4 | exit
Example: Router(config-pmap-c)# exit |
Exits policy-map class configuration mode. | ||
Step 5 |
policy-map
policy-map-name
Example: Router(config-pmap)# policy-map policy-map-name |
Creates or modifies the parent policy. | ||
Step 6 |
class
class-default
Example: Router(config-pmap)# class class-default |
Configures or modifies the parent class-default class.
| ||
Step 7 |
shape
rate
account
{{{qinq| dot1q}{aal5| aal3}
{subscriber-encapsulation}} |
{user-defined offset
[atm]}} Example: Router(config-pmap-c)# shape rate account {qinq | dot1q} {aal5 | aal3} subscriber-encapsulation | {user-defined offset [atm]} |
Shapes traffic to the indicated bit rate and enables ATM overhead accounting.
| ||
Step 8 |
service-policy
policy-map-name
Example: Router(config-pmap-c)# service-policy policy-map-name |
Applies a bottom-level child policy to the top-level parent class-default class. |
Verifying Per Session Queueing
To display the configuration of per session queueing and shaping policies for PPPoE over VLAN, enter any of the following commands in privileged EXEC mode:
Configuration Examples for Per Session Queueing and Shaping Policies
- Configuring a Per Session Queueing and Shaping Policy on the Router Example
- Setting Up RADIUS for Per Session Queueing and Shaping Example
- Verifying Per Session Queueing and Shaping Policies Examples
Configuring a Per Session Queueing and Shaping Policy on the Router Example
The following example shows
The example creates two traffic classes: Voice and Video. The router classifies traffic that matches IP precedence 5 as Voice traffic and traffic that matches IP precedence 3 as Video traffic. The Child policy map gives priority to Voice traffic and polices traffic at 2400 kbps. The Video class is allocated 80 percent of the remaining bandwidth and has ATM overhead accounting enabled. The Child policy is applied to the class-default class of the Parent policy map, which receives 20 percent of the remaining bandwidth and shapes traffic to 10,000 bps, and has ATM overhead accounting enabled.
Router(config)# class-map Voice Router(config-cmap)# match ip precedence 5 Router(config-cmap)# class-map Video Router(config-cmap)# match ip precedence 3 ! Router(config)# policy-map Child Router(config-pmap)# class Voice Router(config-pmap-c)# priority Router(config-pmap-c)# police 2400 9216 0 conform-action transmit exceed-action drop violate-action drop Router(config-pmap-c)# class video Router(config-pmap-c)# bandwidth remaining percent 80 account aal5 snap-dot1q-rbe Router(config-pmap-c)# exit Router(config-pmap)# exit Router(config)# policy-map Parent Router(config-pmap)# class class-default Router(config-pmap-c)# shape 10000 account dot1q snap-dot1q-rbe Router(config-pmap-c)# service-policy Child
Setting Up RADIUS for Per Session Queueing and Shaping Example
The following are example configurations for the Merit RADIUS server and the associated Layer 2 network server (LNS). In the example, the Cisco-Policy-Down attribute indicates the name of the policy map to be downloaded, which in this example is rad-output-policy. The RADIUS dictionary file includes an entry for Cisco VSA 38.
example.com Password = "cisco123" Service-Type = Framed-User, Framed-Protocol = PPP, Cisco:Cisco-Policy-Down = rad-output-policy
Cisco.attr Cisco-Policy-Up 37 string (*, *)
Cisco.attr Cisco-Policy-Down 38 string (*, *)
Verifying Per Session Queueing and Shaping Policies Examples
This example shows sample output for the show policy-map interface command
Router# show policy-map interface virtual-access 1 ! ! Service-policy output: TEST Class-map: class-default (match-any) 100 packets, 1000 bytes 30 second offered rate 800 bps, drop rate 0 bps Match: any shape (average) cir 154400, bc 7720, be 7720 target shape rate 154400 overhead accounting: enabled bandwidth 30% (463 kbps) overhead accounting: disabled queue limit 64 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 100/1000
This example shows sample output from the show policy-map session command and show policy-map session uid command, based on a nested hierarchical policy.
Router# show subscriber session Current Subscriber Information: Total sessions 1 Uniq ID Interface State Service Identifier Up-time 36 Vi2.1 authen Local Term peapen@cisco.com 00:01:36 Router# show policy-map parent Policy Map parent Class class-default Average Rate Traffic Shaping cir 10000000 (bps) service-policy child Router# show policy-map child Policy Map child Class voice priority police 8000 9216 0 conform-action transmit exceed-action drop violate-action drop Class video bandwidth remaining 80 (%) Router# show policy-map session uid 36 SSS session identifier 36 - SSS session identifier 36 - Service-policy output: parent Class-map: class-default (match-any) 0 packets, 0 bytes 30 second offered rate 0 bps, drop rate 0 bps Match: any 0 packets, 0 bytes 30 second rate 0 bps Queueing queue limit 250 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 0/0 shape (average) cir 10000000, bc 40000, be 40000 target shape rate 10000000 Service-policy : child queue stats for all priority classes: Queueing queue limit 16 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 0/0 Class-map: voice (match-all) 0 packets, 0 bytes 30 second offered rate 0 bps, drop rate 0 bps Match: ip precedence 5 Priority: Strict, burst bytes 1500, b/w exceed drops: 0 Police: 8000 bps, 9216 limit, 0 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop violated 0 packets, 0 bytes; action: drop Class-map: video (match-all) 0 packets, 0 bytes 30 second offered rate 0 bps, drop rate 0 bps Match: ip precedence 3 Queueing queue limit 250 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 0/0 bandwidth remaining 80% (7993 kbps) Class-map: class-default (match-any) 0 packets, 0 bytes 30 second offered rate 0 bps, drop rate 0 bps Match: any 0 packets, 0 bytes 30 second rate 0 bps queue limit 250 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 2/136
Additional References
The following sections provide references related to the Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS feature.
Standards
Standard |
Title |
---|---|
No new or modified standards are supported, and support for existing standards has not been modified. |
-- |
MIBs
MIB |
MIBs Link |
---|---|
No new or modified MIBs are supported, and support for existing MIBs has not been modified. |
To locate and download MIBs for selected platforms, Cisco IOS XE software releases, and feature sets, use Cisco MIB Locator found at the following URL: |
RFCs
RFC |
Title |
---|---|
No new or modified RFCs are supported, and support for existing RFCs has not been modified. |
-- |
Technical Assistance
Description |
Link |
---|---|
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. |
Feature Information for Per Session Queueing and Shaping for PPPoEoVLAN Using RADIUS
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Feature Name |
Releases |
Feature Information |
---|---|---|
Per Session Queueing and Shaping for PPPoE over VLAN Using RADIUS |
Cisco IOS XE Release 2.1 |
This feature enables you to shape PPPoE over VLAN sessions to a user-specified rate. The Per Session Queueing and Shaping for PPPoE over VLAN Support Using RADIUS feature was introduced on the PRE2 to enable dynamic queueing and shaping policies on PPPoEoVLAN session. This feature was integrated into Cisco IOS XE Release 2.1. |