Operation Manual – QoS-QoS Profile
H3C S5600 Series Ethernet Switches
Chapter 2 QoS Profile Configuration
2-6
[Sysname-radius-radius1] secondary accounting 10.11.1.1
# Set the encryption passwords for the switch to exchange packets with the
authentication RADIUS servers and accounting RADIUS servers.
[Sysname-radius-radius1] key authentication money
[Sysname-radius-radius1] key accounting money
# Configure the switch to delete the user domain name from the user name and then
send the user name to the RADIUS sever.
[Sysname-radius-radius1] user-name-format without-domain
[Sysname-radius-radius1] quit
# Create the user domain test.net and specify radius1 as your RADIUS server group.
[Sysname] domain test.net
[Sysname-isp-test.net] radius-scheme radius1
[Sysname-isp-test.net] quit
# Create ACL 3000 to permit IP packets destined for any IP address.
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule 1 permit ip destination any
[Sysname-acl-adv-3000] quit
# Define a QoS profile named “example” to limit the rate of matched packets to 128
kbps and configuring to drop the packets exceeding the target packet rate.
[Sysname] qos-profile example
[Sysname-qos-profile-example] traffic-limit inbound ip-group 3000 128 exceed
drop
# Enable 802.1x.
[Sysname] dot1x
[Sysname] dot1x interface GigabitEthernet 1/0/1
After the configuration, the QoS profile named
example
will be applied to the user with
user name
someone
automatically after the user passes the authentication.