«

Hi all,

I've been looking at the Cisco SESM + SSG solution to provide broadband
services.

Our requirements are to be able to dynamically rate-limit customers based on
data usage i.e. enforce data caps, and to allow the customer to manage their
own account e.g. select additional services.
I've been told that the SESM platform uses a proprietary protocol to talk to
the SSG enabled routers, so we don't need to worry about the limitations of
a radius-based system - in which you need to disconnect the user in order to
apply the new rate-limit.
Basically, we're wanting to run an equivalent of Juniper's ERX/SDX setup.

I've hunted around Cisco's site, but I can't find any info at all on the
protocol used between SESM & the SSG routers.... does anyone know anything
about this? What ports should be opened up, etc.

Any feedback would be much appreciated.
I can also be emailed off-list at gsmith at wxc dot co dot nz

Cheers

Hi Gordon

Gordon Smith wrote:
> Hi all,
....
>
> I've hunted around Cisco's site, but I can't find any info at all on the
> protocol used between SESM & the SSG routers.... does anyone know anything
> about this? What ports should be opened up, etc.
>

The communication between SSG and SESM is all radius traffic with Cisco
VSA`s to login and logout users.
Cisc VSA 252 Command-Info

> Any feedback would be much appreciated.

Unfortunatly the detailed desciption for this VSA`s is not public
available, but if you have any specific question don`t hesitate to
contact me.

regards

Michael

BTW : I added support for this VSAs to Ethereal I`ve you´d like to dig
deeper (load anything greater than ethereal > 0.10.x)

"Michael Kopp" <> wrote in message
news:c5mjk3$3hj60$...
> Hi Gordon
>
>
> The communication between SSG and SESM is all radius traffic with Cisco
> VSA`s to login and logout users.
> Cisc VSA 252 Command-Info
>
> > Any feedback would be much appreciated.
>
> Unfortunatly the detailed desciption for this VSA`s is not public
> available, but if you have any specific question don`t hesitate to
> contact me.
>
> regards
>
> Michael
>
> BTW : I added support for this VSAs to Ethereal I`ve you´d like to dig
> deeper (load anything greater than ethereal > 0.10.x)
>

Thanks for that Michael,

I'll grab the latest source code and have a look
Apparently there's an API as well, so I'll hunt that down as well and see
what we can do.
Cisco had told me that we could do dynamic rate-limits with this solution,
but I guess that even some of their engineers get confused with their
products

Cheers,
Gordon

Hi,

....

> Apparently there's an API as well, so I'll hunt that down as well and see
> what we can do.
> Cisco had told me that we could do dynamic rate-limits with this solution,
> but I guess that even some of their engineers get confused with their
> products

It depends with whom you speak - just some sales guys or the guys from
the SSG business unit

SSG can set QoS (rate limits) on a per-user or/and a per-service basis,
what exactly do you mean with dynamicl rate-limits.

I guess, your users should select SESM what bandwidht/ Service Class
they like, and should pay accoringly based on the selected service?
right ? If this is what you`d like to achive then SSG/SESM is the
correct plattform for you (also SSG/SESM can do many more things e.g.
prepaid charging, in my opinion a very cool feature)

> Cheers,
> Gordon

Just from my personal interest, on what plattfrom do you plan SSG (7200,
7400 or MWAM) ? Also in a HA Solution with RLB and FWLB ?

Michael

"Michael Kopp" <> wrote in message
news:c5mr9b$3isht$...
> Hi,
>
> ...
>
>
> It depends with whom you speak - just some sales guys or the guys from
> the SSG business unit
>
> SSG can set QoS (rate limits) on a per-user or/and a per-service basis,
> what exactly do you mean with dynamicl rate-limits.
>
> I guess, your users should select SESM what bandwidht/ Service Class
> they like, and should pay accoringly based on the selected service?
> right ? If this is what you`d like to achive then SSG/SESM is the
> correct plattform for you (also SSG/SESM can do many more things e.g.
> prepaid charging, in my opinion a very cool feature)
>
> Just from my personal interest, on what plattfrom do you plan SSG (7200,
> 7400 or MWAM) ? Also in a HA Solution with RLB and FWLB ?
>
> Michael
>

We'd been talking to one of their CCIE's down here who's doing pre-sales

What I was really wanting to do was enforce data caps - customer gets a
high-speed link with an associated data cap, then if they exceed their data
limit, rather than cutting them off or charging them for excess usage, we
just reduce their link to a lower speed and notify them that they may need
to consider a higher rate plan.

We're going to be using 2 x 7301's as the SSG routers. When I did some
stress testing on them I was pleasantly surprised. I only managed to crash
them twice, and I was doing some pretty nasty things to them - flapping full
route tables, 40-byte packets, SNMP walking, etc

They won't be in an HA setup though, but they will be doing DSCP marking,
because they'll be handling customer aggregation as well

Cheers,
Gordon

[rajshekar2006]

What is use AAA server

[rajshekar2006]

AAA server is Billing server