Radius Attributes 250 And 252; Cisco Vsa 1 - Cisco 10000 Series Configuration Manual

Router access network control protocol

Hide thumbs Also See for 10000 Series:

Configuration manual (854 pages)

Troubleshooting manual (70 pages)

Installation manual (14 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

page of 180

/ 180
Contents
Table of Contents
Bookmarks

Table of Contents

RADIUS Attributes

RADIUS Attributes 250 and 252

RADIUS uses Attribute 250 in Access-Accept messages and Attribute 252 in CoA messages to activate

and deactivate parameterized services. ISG services are configured locally on the ISG; RADIUS sends

only the service name.

Attributes 250 and 252 have the following syntax for service activation:

Access-Accept Messages

250 "Aservice(parameter1=value,parameter1=value,...)"

CoA Messages

252 0b "service(parameter1=value,parameter2=value,...)"

RADIUS uses only Attribute 252 in a CoA message when deactivating a service. RADIUS sends the

same information in Attribute 252 that was used for service activation, except that service deactivation

uses 0c in the syntax instead of the 0b parameter used for service activation.

VSA 252 has the following syntax for service deactivation:

CoA Messages

252 0xC "service(parameter1=value,parameter2=value,...)"

Cisco VSA 1

RADIUS uses a vendor-specific attribute (VSA) 1 command to modify the active QoS policy on a

session. This VSA has the following format:

av-pair = "policy-type=command 9 parameter1 ,...,parametern"

Use the following Cisco VSA 1 format to add and remove classes and QoS actions to and from the QoS

policy that is currently active on a session:

qos-policy-in=add-class(target,(class-list),qos-actions-list)

qos-policy-out=add-class(target,(class-list),qos-actions-list)

qos-policy-in=remove-class(target,(class-list))

qos-policy-out=remove-class(target,(class-list))

Before the ISG can construct a policy using the shaping or policing parameters specified in the RADIUS

message, a QoS policy must be active on the session. If a QoS policy is not active in the specified

direction, the ISG does not create the policy.

When implementing the changes specified in the Cisco VSA, the ISG does not make the changes to the

originally configured QoS policy on the ISG. Instead, the ISG copies the active QoS policy for the

session and then makes the required changes to the policy copy, which is referred to as a transient policy.

The originally configured QoS policy on the ISG is not changed.

The following sections describe the Cisco VSA 1 commands used to automatically modify shaping and

policing parameters of active policies:

•

Cisco 10000 Series Router Access Network Control Protocol Configuration Guide

6-2

Add-Class Primitive, page 6-3

Remove Class Primitive, page 6-4

Chapter 6

RADIUS-Based Shaping and Policing

OL-14660-03

Table of Contents

Radius Attributes 250 And 252; Cisco Vsa 1 - Cisco 10000 Series Configuration Manual

RADIUS Attributes 250 and 252

Cisco VSA 1

Related Manuals for Cisco 10000 Series

Related Content for Cisco 10000 Series

Table of Contents