Aerohive |Restricting throughput bandwidth in User Profile policy

Restricting throughput bandwidth in User Profile policy

  • Question
I am having difficulties being able to restrict the bandwidth to an SSID using the User Profile policy.Within User Profile: QoS Settings > Rate Control & Queuing Policy
I have tried using the same limit (eg 5400 kbps) for each of the User Rate Limits and Policing Rate Limits.

I have also setting Radio and Rates and MCS values to N/A from the SSID Optional Settings > Radio and Rates > 2.4 and 5 GHz settings.

I would prefer to keep the SSID policy as standard and only adjust the User Profile policy.

So far I have only been able to provide no noticeable limits to users, through to an unusable service.

It would be great to have a quick overview of how best to manage and limit the bit rate available to certain User Profiles.

thanks,
Jason

Photo of Jason Hills

Jason Hills

  • 53 Posts
  • 1 Like

 

Photo of Andrew Garcia

Andrew Garcia, Employee

  • 165 Posts
  • 70 Likes
You were on the right track with making the adjustment in the User Profile. If you want a per-user bucket (every client device gets its own 5400 kbps bucket), use the Rate Control and Queuing Policy, only. You can adjust each queue to have different rate limits, or make have the same rate limit in each, like this:

If you want to do a shared bucket (one 5400 kbps bucket shared by all devices with that user profile), also use the Policing Rate Limit under QoS Settings.

When you are done, save the user profile and make sure to upload the configuration to your APs. You can verify what User Profile a client device is assigned from the Monitor > Active CLients page. You may need to add the User Profile Attribute column to the display though.

You definitely should not adjust the Radio and Rates within the SSID to throttle user bandwidth usage. Removing higher data rates in this way actually causes the entire network to perform slower, requiring clients to stay on the air longer to complete each transmission.

Photo of Jade Rampulla

Jade Rampulla

  • 32 Posts
  • 0 Likes
For the „shared bucket“, this will only apply to each AP correct? For example, if I have 5 AP’s, each AP will allow 5400kbps for the user profile correct? I wouldn’t be able to define that I have a single site with 5 AP’s and I want all client devices attached to those 5 AP’s to have a combined 5400kbps right?
Photo of Scott M.

Scott M., Sr. Support Engineer

  • 90 Posts
  • 5 Likes
Hello Jade,I haven’t tested this myself, but for APs, the 5400kbps capacity would be applied per user/client so each client (rather then AP) would have a 5400kbps capacity in the event of contention; however, no limiting is applied until contention for the medium exists. This means that if only one user is on the network, he/she will get all the bandwidth. You will only be able to see/test this feature when contention for the medium exists in sufficient amounts as to require the rate limit to be imposed. This probably explains why you have not been able to see the rate limiting in effect during your testing. It is likely that not enough contention existed to make limiting necessary.

Photo of Jade Rampulla

Jade Rampulla

  • 32 Posts
  • 0 Likes
I think I need to explain my question a little better…Let’s say I have a single site with 5 AP’s and a single network policy assigned to all AP’s. I configure a user profile for guest clients that has a policing rate limit (NOT a per user limit) of 2500Kbps. I have 2 clients connected to each of the 5 AP’s. All the clients are assigned to the guest user profile.

What should happen when all clients simultaneously try to use as much bandwidth as possible? Will all 10 clients share 2500Kbps between the 5 AP’s? What happens when the network policy is assigned to multiple remote sites? What happens with a campus LAN?

Or is the policing rate applied only per AP so that the 2 clients connected to each AP will share the maximum 2500Kbps? Therefore 10 clients spread across 5 AP’s could really do 12500Kbps total bandwidth.

Photo of Andrew Garcia

Andrew Garcia, Employee

  • 165 Posts
  • 70 Likes
You are correct with your second hypothesis, an AP will not account for the usage on other APs. An aggregate throughput limit for the network as a whole would need to be enforced on your router/gateway.
Photo of Jade Rampulla

Jade Rampulla

  • 32 Posts
  • 0 Likes
Thanks for the info! Very informative. I hope this helps others.
Photo of Tim Ruda

Tim Ruda, Employee

  • 28 Posts
  • 45 Likes
Andrew,Thanks for confirming on this! One of those things on my list I never find the time to test and confirm. The ability for the AP’s to communicate about all users on a particular user profile and the bandwidth being used would most likely use just as much bandwidth as one would be trying to save… especially in larger deployments :]