Hello, my name is Gabriel Henrique, I am a network analyst here at Made4IT and today I will show you how to configure selective bandwidth control on access layer users on Huawei’s NE line routers.
Selective bandwidth control opens up the possibility of new products or the improvement, increment or “charm” in the delivery of the service to the end user being a very interesting differential, especially for ISPs that have local CDN.
But, after all, what is selective band control all about?
Normally, in BNGs/BRAS/PPPoE Server implementations, it is commonplace to have a global bandwidth control (from the user’s point of view) of which any and all content is limited by the value of the contracted plan. In selective bandwidth control, we have the possibility of assigning different bands to different services, where you can for example assign a bandwidth control value of “X” for your local CDN content, “y” for internal traffic to your network and “z” when the source or destination of traffic is external (links, transits, Peering, IX/PTT, PNI, transports…), we can say that we do selective QoS or that we specifically control how much bandwidth per content or it could also be said that we can take bandwidth control away from selective CDN or PBR.
Anyway, enough talk, let’s get to the cool part 🙂
In our test scenario, we have:
– Customer with 100Mbps plan
– Need to free up to 500Mbps when source/destination is local CDNs
– Need to maintain 100Mbps when source/destination are not Local CDNs
– Local CDNs addressed with 192.0.2.0/24 and 2001:DB8::/64
Pre-requisites:
– ERP/Radius with AVP support “Huawei-Policy-Name
– Domain of authenticating clients with a declared “user-group” (If you don’t know what user-group is, stay tuned to Made’s blog and soon there will be a post about Firewall that will explain exactly what it is about 😉
Step 1: Configure, in system-view, the necessary Radius parameters and activate the “Value Added Service” function in the router.
[code]
system-view
radius-server coa-request hw-policy-name daa same-policy reply-ack
radius-server coa-request hw-policy-name daa coexist-with-user
value-added-service enable
[/code]
Step 2: In the Radius-group used for authentication, enable value-added-service accounting support
[code]
system-view
aaa
domain made4it
value-added-service account-type radius made4it
[/code]
Step 3: Configure access ACLs delimiting CDN traffic and general traffic
[code]
system-view
acl number 7000
description CDN
rule 10 permit ip source user-group any destination ip-address 192.0.2.0 0.0.0.255
rule 11 permit ip source ip-address 192.0.2.0 0.0.0.255 destination user-group any
#
acl number 7001
description GERAL
rule 10 permit ip source user-group any destination ip-address any
rule 11 permit ip source ip-address any destination user-group any
acl ipv6 number 7002
description CDN PILOTO 500MBPS IPv6
rule 10 permit ipv6 source user-group any destination ipv6-address 2001:DB8::/64
rule 11 permit ipv6 source ipv6-address 2001:DB8::/64 destination user-group any
#
acl ipv6 number 7003
description GERAL PILOTO 100MBPS
rule 10 permit ipv6 source user-group any destination ipv6-address any
rule 11 permit ipv6 source ipv6-address any destination user-group any
[/code]
Step 4: Configure “classifiers” to classify traffic from ACLs
[code]
system-view
traffic classifier tc1 operator or
if-match acl 7000
if-match ipv6 acl 7002
#
traffic classifier tc8 operator or
if-match acl 7001
if-match ipv6 acl 7003
[/code]
Step 5: Configure the behaviors we will use to identify each of the classifiers
[code]
system-view
traffic behavior tb1
car
tariff-level 1
traffic-statistic
#
traffic behavior tb8
car
tariff-level 8
traffic-statistic
#
[/code]
Step 6: Configure the traffic-policy that will be globally linked, containing the classifier and behavior previously configured, effecting the differentiated classification of flows
[code]
system-view
traffic policy DAA_1
share-mode
classifier tc1 behavior tb1 precedence 1
classifier tc8 behavior tb8 precedence 8
#
[/code]
Step 7: Apply the traffic-policy globally.
[code]
system-view
accounting-service-policy DAA_1
[/code]
Step 8: Configure the qos-profiles that will delimit the band of the respective contents
[code]
system-view
qos-profile 100M
car cir 103424 cbs 18700000 green pass red discard inbound
car cir 103424 cbs 18700000 green pass red discard outbound
qos-profile 500M
car cir 512000 cbs 18700000 green pass red discard inbound
car cir 512000 cbs 18700000 green pass red discard outbound
[/code]
Step 9:Configure the policy that will control the client’s bandwidth
[code]
system-view
value-added-service policy 100m daa
accounting-scheme made4it
user-group made4it
tariff-level 1 qos-profile 500M
tariff-level 8 qos-profile 100M
[/code]
There. Now, all the ERP/Radius has to do is deliver to the client the AVP Huawei-Policy-Name := 100m, which, the client will have bandwidth control limiting up to 500Mbps when the source/destination is the local CDNs, and up to 100Mbps for all other sources/destinations.
Remember that if ERP/Radius delivers the Huawei-Input-Average-Rate, BRAS/BNG will use it preferentially and will not apply the Policy name!
The traffic-policy allows up to 8 “tariff-levels” where you can classify your traffic into up to 8 service types and apply different bandwidth controls for each of them.
In the example case, if you want to configure differentiated bandwidth control for other plans, just create a new “qos-profile” and “value-added-service policy” with the values you want to apply, since the CDN and general traffic is already classified in distinct “tariff-levels”.
That’s it, see you next time 🙂
I hope you enjoyed the content and if you have any questions please contact and talk to our team of experts 😁✨