summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYuriy Andamasov <andamasov@gmail.com>2019-06-04 00:15:53 +0200
committerGitHub <noreply@github.com>2019-06-04 00:15:53 +0200
commit1dc44ab1037bce5cb5e5d1af2c909dfd5a6a35ba (patch)
treeb26216df195df96c03a750def717df798f051d15
parent19e74ad2b001ff9883c2ca1933bde9beaf4e6b1e (diff)
parentdfc3b907946e6da46b3b0cebf20b8359af9ab690 (diff)
downloadvyos-documentation-1dc44ab1037bce5cb5e5d1af2c909dfd5a6a35ba.tar.gz
vyos-documentation-1dc44ab1037bce5cb5e5d1af2c909dfd5a6a35ba.zip
Merge pull request #61 from DmitriyEshenko/patch-2
Add RADIUS DM/CoA: update pppoe-server.rst
-rw-r--r--docs/services/pppoe-server.rst32
1 files changed, 32 insertions, 0 deletions
diff --git a/docs/services/pppoe-server.rst b/docs/services/pppoe-server.rst
index 17aee82a..24b6b76c 100644
--- a/docs/services/pppoe-server.rst
+++ b/docs/services/pppoe-server.rst
@@ -80,6 +80,37 @@ server configured, if you wish to achieve redundancy.
RADIUS provides the IP addresses in the example above via Framed-IP-Address.
+**RADIUS sessions management DM/CoA**
+For remotely disconnect sessions and change some authentication parameters you can configure dae-server
+
+.. code-block:: sh
+
+ set service pppoe-server authentication radius-settings dae-server ip-address '10.1.1.2'
+ set service pppoe-server authentication radius-settings dae-server port '3799'
+ set service pppoe-server authentication radius-settings dae-server secret 'secret123'
+
+Example, from radius-server send command for disconnect client with username test
+
+.. code-block:: sh
+
+ root@radius-server:~# echo "User-Name=test" | radclient -x 10.1.1.2:3799 disconnect secret123
+
+You can also use another attributes for identify client for disconnect, like Framed-IP-Address, Acct-Session-Id, etc.
+Result commands appears in log
+
+.. code-block:: sh
+
+ show log | match Disconnect*
+
+Example for changing rate-limit via RADIUS CoA
+
+.. code-block:: sh
+
+ echo "User-Name=test,Filter-Id=5000/4000" | radclient 10.1.1.2:3799 coa secret123
+
+Filter-Id=5000/4000 (means 5000Kbit down-stream rate and 4000Kbit up-stream rate)
+If attribute Filter-Id redefined, replace it in radius coa request
+
Bandwidth Shaping
^^^^^^^^^^^^^^^^^
@@ -131,6 +162,7 @@ The command below enables it, assuming the RADIUS connection has been setup and
Other attributes can be used, but they have to be in one of the dictionaries in /usr/share/accel-ppp/radius.
+
Practical Configuration Examples
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^