Bandwidth Quota Question

[propelaheadau]

Hi Eric,

Really sorry did not check the landing page from a host that was being monitored.

And yes your second paragraph is bang on....looking forward to v1.0.

Nice work Eric....it is appreciated.

Kind regards

Peter

[uncle john]

Sorry, but there is no way to do this (currently). It records everything by calendar month/week/day/hour.

However, I will consider this as a feature request, and one with fairly high priority. I know a lot of people are using Gargoyle for the quotas feature and I can see how this would be very useful to a lot of people. I'll see what I can do.

Eric: You are right when you say this feature would be very useful to a lot of people. I have been making use of a CoovaAAA service for this purpose for over a year. I have recorded my experience at: http://coova.org/phpBB3/viewtopic.php?f=7&t=430.
As you can see many people have viewed this topic and many in the same situation as Propelaheadau have contacted me for advice.
Yours is the first system I have seen (ispyisail referred me) that has actually included this feature in the access point device.
I hope you are successful making the changes described.
It would be great if you could also incorporate some of the features of CoovaAP into your system.
The ones I am thinking of are:
Embedded Captive Portal
Local Users
The inclusion of these features (GPL code) could allow usage to be monitored on a per user basis (username/password required) rather than just an IP basis. Would this be possible for a Router Device or would something with greater processing power/storage capacity be required (ie. like ALIX)?
Sorry I'm not investing much more than a High Quality Pizza to this effort at the moment as I'm pursuing some other possibilities too.

[Eric]

If you scroll up the thread you'll see the feature propelaheadau initially requested (specification of reset day/hour) has already been implemented.

As for captive portal... the biggest problem here is that this generally relies on RADIUS, which in turn requires openSSL, which is a HUGE resource hog. It's possible to get this to work with Routers with 32+ MB of RAM and 8+ MB of flash, but that's more than a lot of routers have. My original plan was to make captive portal/radius a plugin. (Plugin system is something I've been meaning to implement for a while but just haven't gotten to yet). It hadn't occurred to me that this would be really helpful with respect to my Quota system but you're absolutely right.

In spite of the problems of RADIUS/OpenSSL it may be possible to implement a captive portal without RADIUS (authentication just performed on same device, so I don't have to worry too much about encryption and requirement of OpenSSL). It might be cool to implement a system where I have a captive portal by default but with a really light-weight backend that can be swapped out with full-blown RADIUS using a plugin.

I doubt I'll get that far by v. 1.0 (coming on July 14th), but it's definitely something to plan for in the future. I really like this idea!

[uncle john]

Eric: Thanks so much for pointing out that this feature has already been implemented. I've been waiting a long time for a product that would do all that yours does and I can't wait to try it out. Forget the pizza. Choose someone dear to you and go out and celebrate.
Also thanks for sharing your knowledge on RADIUS. The "Local Users" feature I mentioned in regard to CoovaAP does do authentication on the device without the need for full blown RADIUS.
One of the biggest obstacles I've encountered using CoovaAP/CoovaAAA is getting users to terminate their sessions. Of course this is not an issue where each user has their own machine. But in many households users take turns in using one PC. Coova addresses this problem by reserving the URL 1.1.1.1 to initiate logoff. However this is not very intuative.
I was reading the manual for the Meraki Enterprise Cloud Controller yesterday which described how they limit quota and bandwidth etc. on the basis of SSID. In their system each AP can handle 4 SSIDs and each SSID can be allocated a separate quota etc. So I'm thinking that training users to disconnect from the AP when they have finished their session would be a lot more intuitive that typing 1.1.1.1. So now I'm thinking that perhaps reserving an SSID for each user might not be such a crazy idea. After all who would have thought that the "average" person could have a "Personal Computer" 30 years ago? So why not a personal SSID? Any thoughts?

[sticky]

Hi
A further really useful enhancement would 'peak' and 'Off Peak' quotas.
ie being able to set 2 quotas for different time periods.
Keep up the good work.
Cheers
Sticky

[Eric]

uncle john: Thanks for your generous donation! I really appreciate it.

I don't see how having an SSID/user would help, especially if some users are connecting on wired clients. Also, this is only possible using atheros wifi -- currently you can only have a very limited number of SSIDs with broadcom wireless chips.

Maybe the best way to handle logoff is in addition to having a way to explicitly logoff, have a timeout. If there's no connection activity for say, 30 minutes, they get logged out. That would require implementing some sort of watchdog timer, but it should be possible.

sticky: Yes, something like this would be a good idea. I have a couple other higher priorities but I'll see what I can do. The trick is specifying exactly what happens on the off-peak hours. It would be a lot easier to just specify that no quota applies at that time than have a secondary quota. Also it can easily cause confusion. If off-peak hours are only two hours, for example (say 2am-4am), and you specify a quota, then a quota the same size as the original will be a lot greater bandwidth per unit of time. This may cause some confusion as to what exactly is going on, and how the secondary quota relates to the original. As a user, how do you think it would be best to handle the specification of what happens during off-peak hours?

[uncle john]

uncle john: Thanks for your generous donation! I really appreciate it.

You are more than welcome. I appreciate you were probably joking about the pizza diet but I hope others will contribute towards your work.

I don't see how having an SSID/user would help, especially if some users are connecting on wired clients.

In a word: Flexibility. In our experience our uni student tenants appreciate the flexibility of allowing their laptop toting friends to use their login details. CoovaAAA supports concurrent logins and there is no limit to the number of devices associated with login details at any one time. You could get the same level of flexibility without full blown RADIUS but with multiple (virtual) SSIDs instead.

I appreciate your point about wired clients but I think not providing that option is not such a problem nowadays.

[sticky]

sticky: Yes, something like this would be a good idea. I have a couple other higher priorities but I'll see what I can do. The trick is specifying exactly what happens on the off-peak hours. It would be a lot easier to just specify that no quota applies at that time than have a secondary quota. Also it can easily cause confusion. If off-peak hours are only two hours, for example (say 2am-4am), and you specify a quota, then a quota the same size as the original will be a lot greater bandwidth per unit of time. This may cause some confusion as to what exactly is going on, and how the secondary quota relates to the original. As a user, how do you think it would be best to handle the specification of what happens during off-peak hours?

For my purposes just having the quota for the peak period would be sufficient as we never seem to go over the off peak limit, and probably easier technically.
S