Per-Client Daily Volume Limit

SOLVED
LuisPi
Conversationalist

Per-Client Daily Volume Limit

I have an MX450 device and I would like to know if it is possible to set a daily bandwidth volume limit, per se, 2GB, and if a user(machine) reaches that limit it automatically applies a designated group policy with lower bandwidth capabilities(like some 50kbps)?

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal
Kind of a big deal

You could write a script and schedule it to run regularly.  From the API you could query the usage of current clients:

https://dashboard.meraki.com/api_docs#return-the-clients-daily-usage-history

And then change the policy assigned to that client.

https://dashboard.meraki.com/api_docs#update-the-policy-assigned-to-a-client-on-the-network

View solution in original post

7 REPLIES 7
jdsilva
Kind of a big deal

Hey @LuisPi. Nope, sorry, this isn't possible on the MX. 

You can do the 'Network usage exceeds XX GB in YY time frame' via email alerting, so it might give at least a heads up.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
PhilipDAth
Kind of a big deal
Kind of a big deal

You could write a script and schedule it to run regularly.  From the API you could query the usage of current clients:

https://dashboard.meraki.com/api_docs#return-the-clients-daily-usage-history

And then change the policy assigned to that client.

https://dashboard.meraki.com/api_docs#update-the-policy-assigned-to-a-client-on-the-network

Good idea Phil, however out of curiosity as this solution is something I might look at myself, does this scale?

Looks like the GET is for only 1 client at a time, and with that 5 calls per second limit this could be difficult to pull off for larger networks no?
Nolan Herring | nolanwifi.com
TwitterLinkedIn

Well, if you have 1,000 clients it would take 200 seconds at 5 calls per second.  I guess it depends on what you mean by "scale".  If you ran the script once an hour if should be able to deal with 1,000 clients easily.

 

This was just a general concept that will work with all WiFi configurations.

 

If you are using RADIUS you would potentially just collect the RADIUS accounting records, and then send a RADIUS COA (change of authorizaton) when a trigger was reached and apply a group policy.  The RADIUS method would scale hugely.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Change_of_Authorization_with_RADIU...

What about 20,000 clients lol. Just realized it was 5 calls per ORG not NETWORK so that changes things a little lol.

Out of curiosity as I really never dabble with scripting etc., if you were actually setting something like this up, what/how would one go about doing something like this to make it automated etc. Assuming some sort of server is required running scripts all the time and those scripts taking action on the API data its pulling etc.
Nolan Herring | nolanwifi.com
TwitterLinkedIn

At 20,000 clients I would be trying to use a RADIUS based solution, as it wont require any API calls.

 

Me personally; I would spin up an Ubuntu instance in Amazon AWS on a t3.micro instance.  I would probably start with writing a script in Python.  And then I would use cron to schedule it to run hourly.

 

Likely running cost - $5 per month.

 

Python is "trendy" so their are lots of example scripts.  It is not that fast though.

 

 

 

You can easily have a play on your workstation though.  You just need to install Pyhton, and then do some of the learning courses at:

https://create.meraki.io/learn/

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels