Differences

This shows you the differences between two versions of the page.

--- radius:rad_fup [2024/02/12 21:49] – system
+++ radius:rad_fup [2024/02/13 15:20] (current) – system
@@ Line 6: / Line 6: @@
 ====== Fair Usage Policy (FUP) ======
 ===== Introduction =====
-  * From January 2023 RADIUSdesk now also includes a powerful FUP package.
+  * As of January 2023, RADIUSdesk now includes a powerful FUP package.
-  * We worked with our clients to come up with an innovative and flexible implementation that packs a punch.
+  * In collaboration with our customers, we have developed an innovative and flexible implementation that packs a punch.
-  * This document will start with a high level discussion about the various FUP requirements met with this implementation.
+  * This document first discusses the various FUP requirements that are met with this implementation.
-  * It will then go on to do a hands-on FUP profile.
+  * Then we will create a practical FUP profile.
-  * Finally we will show you where to tweak things should the need arise for your specific environment or implementation.
+  * Finally, we will show you where you can tweak things if necessary for your specific environment or implementation.
-===== FUP Implementation =====
+===== FUP implementation =====
-  * In South Africa some of the big ISPs implement multiple layers of service for their FUP.
+  * In South Africa some of the major ISPs implement multiple layers of service for their FUP.
-     * There will be a reduction in bandwidth when a certain amount of data is used during the month.
+     * Bandwidth is reduced when a certain amount of data is consumed over the course of a month.
-     * There will be a further reduction in bandwidth when a second milestone of data used is reached.
+     * A further bandwidth reduction occurs when a second data usage milestone is reached.
-     * Finally when a third milestone is reached the bandwidth is throttled down to a trickle.
+     * Finally, when a third milestone is reached, bandwidth is throttled to a trickle.
-     * When the new month starts everything is reset back to normal speed again.
+     * When the new month begins, everything reverts back to normal speed.
-  * Another requirement is the ability to assign an IP Pool to a certain level of service.
+  * Another requirement is the ability to assign an IP pool to a specific service level.
-      * This is typically with ISPs that use Mikrotik PPPoE servers.
+      * This is typically the case with ISPs that use Mikrotik PPPoE servers.
-      * There will for instance be a premium IP Pool and a best effort IP Pool.
+      * For example, there is a Premium IP Pool and a Best Effort IP Pool.
-      * A user will start off on the premium IP Pool up to the point where their specified FUP is triggered.
+      * A user starts in the premium IP pool up to the point where their specified FUP is triggered.
-      * Thereafter they are moved to the best effort IP Pool.
+      * After that, they are moved to the best-effort IP pool.
-  * Communities that uses RADIUSdesk wanted to offer their users more bandwidth between midnight and 7AM since the utilization on the up-link are very low during that time and it can then encourage a more distributed usage graph.
+  * Communities using RADIUSdesk wanted to provide more bandwidth to their users between midnight and 7am, as uplink utilization is very low during this time, which can promote more even usage.
   * With these various requirements in mind we formulated the FUP package in RADIUSdesk.
-===== Hands-on FUP Profiles =====
+===== Practical FUP profiles =====
   * To configure the FUP part of a profile, go to **RADIUS** -> **Profiles**.
-  * The edit option of a profile includes **FUP**.
+  * The editing option of a profile contains **FUP**.
+<panel type="primary">
 {{:radius:profiles:fup_option.png?nolink|}}
+</panel>
   * There are two sections for a FUP based profile.
-        * The first section specifies the basic speed when no limits are imposed.
+        * The first section specifies the base speed if no restrictions are imposed.
-        * The second section contains a list of restriction FUP components to apply.
+        * The second section contains a list of the FUP restriction components to be applied.
-==== Basic Speed Limit - No limits imposed  ====
+==== Base speed limit - No restrictions imposed  ====
+<panel type="primary">
 {{:radius:profiles:fup_basic.png?nolink|}}
+</panel>
-==== FUP Components to apply ====
+==== FUP Components to be applied ====
+<panel type="primary">
 {{:radius:profiles:fup_throttle.png?nolink|}}
+</panel>
   * In the screenshot above we see two stage throttling.
-  * When the user's total usage reached 100Gb we will half its bandwidth. (reduce to 50Mb/s)
+  * When the user's total usage reaches 100Gb, we halve their bandwidth. (reduction to 50Mb/s)
-  * Then when the user reaches a usage of 200Gb we will reduce its bandwidth further. (reduce to 25Mb/s)
+  * If the user then reaches 200Gb usage, we reduce their bandwidth further. (reduce to 25Mb/s)
-  * The FUP component is composed of the following items.
+  * The FUP component is made up of the following elements.
         * Descriptive name.
         * **If condition**. Options include **Time of day**, **Daily usage**, **Weekly usage**, **Monthly usage**.
-        * For **Time of day** there will be a start time and end time.
+        * For **Time of day** there is a start time and an end time.
-        * For **data usage** there will be an amount of data.
+        * For **data usage** there is a data amount.
-        * **Action**. When the trigger has been reached we can **block the traffic**, **decrease the speed** or **increase the speed**.
+        * **Action**. When the trigger is reached, we can **block the data traffic**, **decrease the speed** or **increase the speed**.
-        * An optional IP Pool that should be used if the component is triggered.
+        * An optional IP pool to be used when the component is triggered.
-    * You can combine various type of FUP components together.
+    * You can combine different types of FUP components.
-    * The logic that applies them will use the following rules.
+    * The logic it applies uses the following rules.
-          * Blocking traffic will take preference.
+          * Blocking traffic has priority.
-          * Components that decrease the speed will use the slowest (biggest decrease percentage)
+          * Components that reduce the speed use the slowest (largest percentage reduction)
-          * Components that increase the speed will use the slowest (smallest increase percentage)
+          * Components that increase the speed use the slowest (smallest percentage increase)
-    * This essentially means the strictest component's action will be applied.
+    * This essentially means that the strictest action of the component is applied.
 ===== Important points on FUP =====
-  * For FUP to work correct there are two important items which has to be in place and work.
+  * For FUP to work correctly, two important points must be present and working.
 ==== Timezone setting on RADIUS Client ====
-  * To determine the exact start of day, week or month the timezone that a RADIUS Client is deployed in needs to be specified.
+  * To determine the exact start of the day, week or month, the time zone in which a RADIUS client is used must be specified.
-  * If this is not set it will fall back to the timezone that the RADIUSdesk installation is set to.
+  * If this is not the case, it will fall back on the time zone to which the RADIUSdesk installation is set.
 ==== Ability to disconnect a RADIUS user from RADIUSdesk ====
-  * In order for the system to detect and activate an FUP restriction it needs to disconnect an active session of a user.
+  * In order for the system to recognize and activate an FUP restriction, it must disconnect an active session of a user.
-  * The RADIUS Client should then re-authenticate the client where the restriction will be applied. (This is standard procedure for PPPoE connections)
+  * The RADIUS client should then re-authenticate the client to which the restriction is to be applied. (This is the standard procedure for PPPoE connections)
 ===== Nuts and bolts of FUP =====
-  * This section will be for the readers that likes to know how everything works and fits together.
+  * This section is intended for readers who would like to know how everything works and fits together.
-  * When you use the FUP editor for a RADIUS Profile a few things happens behind the scenes.
+  * When you use the FUP editor for a RADIUS profile, a few things happen behind the scenes.
-  * The system creates a Profile Component with naming the convention starting with **FupAdd_<profile_id>** and adds this Profile Component to the Profile.
+  * The system creates a profile component with a naming convention that starts with **FupAdd_<profile_id>** and adds this profile component to the profile.
   * This Profile Component contains one or more of the following FreeRADIUS custom check attributes.
 <code bash>
@@ Line 81: / Line 87: @@
 ATTRIBUTE Rd-Fup-Ip-Pool        3173 string
 </code>
-  * FreeRADIUS is configured to use a combination of **unlang** and a Perl module to formulate the reply to an Access Request that a RADIUS Client will sent to the FreeRADIUS server.
+  * FreeRADIUS is configured to use a combination of unlang and a Perl module to formulate the response to an access request that a RADIUS client sends to the FreeRADIUS server.
-  * The Perl module will look for any entries in the **profile_fup_components** DB table that is associated with the RADIUS Profile.
+  * The Perl module searches for all entries in the DB table **profile_fup_components** that are linked to the RADIUS profile.
-  * It will then try and determine which restriction to apply, if any.
+  * It then attempts to determine which restriction, if any, should be applied.
   * The Perl module can be found in ///etc/freeradius/3.0/mods-config/perl/fup.pl//
-  * It connects to the database and the credentials to connect with to the database is also specified inside this file.
+  * It establishes a connection to the database and the login information with which the connection to the database is to be established is also specified in this file.
-  * Should there a FUP component to be applied to a user, we will keep track of it in the **applied_fup_components** table.
+  * If there is an FBD component that is to be applied to a user, we record it in the **applied_fup_components** table.
-  * We then run a cron script **cd /var/www/html/cake4/rd_cake && bin/cake fup** that will compare the applied FUP component with the current active FUP component.
+  * We then run a cron **script cd /var/www/html/cake4/rd_cake && bin/cake fup** that compares the applied FBD component with the currently active FBD component.
-  * If they are different we send a disconnect request to all the RADIUS Clients for that username (All the RADIUS Clients where the user might be connected to)
+  * If they are different, we send a disconnect request to all RADIUS clients for that username (all RADIUS clients the user might be connected to)
-  * This should initiate a re-authentication which will bring the applied FUP component in sync with the current active FUP component.
+  * This should initiate a re-authentication that synchronizes the applied FBD component with the current active FBD component.