QoS Configuration Example --- Role QoS

This section describes a role QoS configuration example. The requirement is: The max bandwidth available to each user (user11 and user12) corresponding to role1 is 1M, and max bandwidth shared by all the users (user21 and user22) corresponding to role2 is 4M. The device is connected to Internet on ethernet0/0.

Take the following steps:

Step 1: Create a local user.

1. Select Objects > Local User from the menu bar.
2. In the Local User dialog, select local from the Local server drop-down list. Click New, and select User from the drop-down list. In the User Configuration dialog, configure the options as below:
   • Name: user11
   • Password: 123456
   • Confirm password: 123456

3. Click OK to save your settings and return to the Local User dialog.
4. Create user12 with password set to 123456 by the same procedure.
5. Create user21 with password set to 123456 by the same procedure.
6. Create user22 with password set to 123456 by the same procedure.

Step 2: Configure a role and role mapping rule.

1. Select Objects > Role from the menu bar.
2. In the Role dialog, click New, and select Role from the drop-down list. In the Role Configuration dialog, configure the options as below:
   • Role name: role1
   • Description: role1

3. Click OK to save your settings and return to the Role dialog.
4. Click New, and select Role Mapping from the drop-down list. In the Role Mapping Configuration dialog, configure the options as below:
   • Name: rule1
   • Member: Select role1, User and user11 from the drop-down list in turn, and click Add to add to the list below; then select role1, User and user12 in turn, and click Add
5. Click OK to save your settings and return to the Role dialog. The system will generate a mapping rule named rule1.
6. Configure the mapping between user21/user22 and role2 by the same procedure.

Step 3: Specify a role mapping rule for the local AAA server.

1. Select Objects > AAA Server from the menu bar.
2. In the AAA Server dialog, select local from the server list, and click Edit.
3. In the Local Server Configuration dialog, select rule1 from the Role mapping rule drop-down list, and click OK to save your changes.

Step 4: Configure an appropriate management method for the users which can be WebAuth, SCVPN or 802.1X.

Step 5: Configure a role QoS rule.

1. On the Navigation pane, click Configure > Content > QoS to visit the QoS Configuration page.
2. On the IP QoS tab, click Switch to Role QoS.
3. In the role QoS page, click New on the upper-left of the role QoS rule list. In the Role QoS dialog, configure the options as below:
   • Rule name: exam_roleqos1
   • Apply to: Select Interface and ethernet0/0 from the drop-down list in turn
   • Rule: Select Role and role1 from the drop-down list in turn
   • Output BW: Select Per user from the drop-down list, and type 1000 into the Max BW box
   • Input BW: Select Per user from the drop-down list, and type 1000 into the Max BW box
     
4. Click OK to save your settings and return to the QoS page. The rule exam_roleqos1 is displayed in the QoS rule list.
5. Click New on the upper-left of the role QoS rule list. In the Role QoS dialog, configure the options as below:
   • Rule name: exam_roleqos2
   • Apply to: Select Interface and ethernet0/0 from the drop-down list in turn
   • Role: Select Role and role2 from the drop-down list in turn
   • OutputBW: Select Share from the drop-down list, and type 4000 into the Max BW box
   • Input BW: Select Share from the drop-down list, and type 4000 into the Max BW box
     
6. Click OK to save your settings and return to the QoS page. The rule exam_roleqos2 is displayed in the QoS rule list.